Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
File:                     XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft (raw, json)
Hash identifier:          o8IuGnth0K2LkfuusrB2c9WmNx0LtPbEX2ChrUT7Axs=
Subject key identifier:   FC:FD:05:6D:A1:02:C6:1D:36:1D:C5:AE:1B:EC:96:6E:10:F0:E8:4E
Authority key identifier: 5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95
Certificate issuer:       /CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
Certificate serial:       0197493133EE585B79516A8D119E05BD4150
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
Manifest number:          058E
Signing time:             Sat 07 Jun 2025 07:00:50 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:50 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:50 +0000
Files and hashes:         1: XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl (hash: d5+G3SBqvQqsZG1QPdknZ4tdn+n6z1J564f2PDBeR+Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:33:ee:58:5b:79:51:6a:8d:11:9e:05:bd:41:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d21968e91c2f47f1b07c1f35fe7d263c56d0495
        Validity
            Not Before: Jun  7 07:00:50 2025 GMT
            Not After : Jun  8 07:00:50 2025 GMT
        Subject: CN=fcfd056da102c61d361dc5ae1bec966e10f0e84e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e3:4c:cc:65:b0:a4:ff:d2:09:e0:db:81:46:
                    d1:db:33:38:c2:25:34:d1:19:45:11:d2:3a:00:03:
                    8e:c1:aa:a3:b1:0d:82:a8:bb:f1:57:39:45:2f:c9:
                    c7:6f:9d:4c:e8:64:8f:d7:3a:ac:32:7d:27:90:7f:
                    36:d2:76:8f:b3:64:c6:11:85:24:6e:af:4e:6a:a2:
                    4c:29:ce:93:a9:7c:7e:43:97:54:0c:b2:ff:2f:6d:
                    3c:b0:42:dd:51:20:00:a2:5b:9d:69:5b:39:ef:8f:
                    0e:47:80:79:f2:5f:34:26:d5:e7:b0:c1:3e:32:d9:
                    74:bd:59:e6:a1:43:3d:73:9a:be:32:e9:d1:42:fa:
                    cb:12:59:9f:98:2f:27:31:9e:73:7f:11:3c:95:e2:
                    62:d3:e4:f9:bc:06:96:ed:13:3f:91:e7:39:ef:d7:
                    43:28:bf:16:b9:44:b1:95:33:ba:f1:06:b4:71:0b:
                    b6:84:9e:cf:2c:19:ec:45:d3:ed:59:5f:fa:ae:e9:
                    32:5f:d4:94:41:a8:0d:f3:27:8e:4f:e8:e3:d5:13:
                    41:a0:33:20:ec:93:31:d5:16:db:ea:3c:ea:12:f0:
                    49:cc:6c:9f:f1:6f:04:68:8e:d8:76:30:46:37:1f:
                    20:dc:50:18:33:a6:0e:8c:f8:c2:6c:a9:e5:e3:8a:
                    c5:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:FD:05:6D:A1:02:C6:1D:36:1D:C5:AE:1B:EC:96:6E:10:F0:E8:4E
            X509v3 Authority Key Identifier:
                keyid:5D:21:96:8E:91:C2:F4:7F:1B:07:C1:F3:5F:E7:D2:63:C5:6D:04:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XSGWjpHC9H8bB8HzX-fSY8VtBJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/8f015d-a7e4-48d8-8705-1ec37465d3af/1/XSGWjpHC9H8bB8HzX-fSY8VtBJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:07:d6:33:44:27:d8:59:9e:5e:0d:15:29:b3:26:c8:a6:cd:
         1d:b6:5d:94:bd:53:4e:01:1f:51:4d:7e:a7:b9:32:8a:e3:79:
         7e:a5:91:8f:9f:79:dd:9e:a6:51:2e:a8:65:05:e4:bd:a4:e8:
         2a:ca:e9:13:9f:a1:c1:98:f8:28:2c:e4:24:a1:77:40:a9:7c:
         00:bd:bf:ba:ff:47:3c:6d:40:19:94:c6:d4:62:e7:c4:3e:bc:
         18:f2:79:eb:73:cd:f9:f0:e2:98:0d:8e:9c:2b:c8:5b:66:78:
         ca:4b:37:f3:08:39:00:2a:1c:f6:74:c1:70:4a:67:25:e7:73:
         74:3b:c4:ab:fd:84:48:a5:31:d0:96:ca:64:27:66:4e:c6:76:
         58:05:90:a9:d6:90:77:70:c6:6c:08:95:0a:6d:f0:81:7c:81:
         46:86:de:d5:5f:84:f2:9d:f3:6f:26:70:20:a4:fc:ba:c2:d5:
         5b:21:ed:77:2c:ed:a3:20:f6:15:91:bb:11:19:f8:5b:b4:3b:
         a3:2a:00:53:4d:b1:6d:26:a3:68:19:b6:3c:f1:8e:d5:56:55:
         c0:9b:5c:3e:50:19:1f:75:af:a1:d6:b5:6e:c1:88:6b:2f:8d:
         b6:63:10:9d:57:ed:d6:41:5e:21:2c:72:d2:1f:6c:3f:49:71:
         68:c0:5f:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMTPuWFt5UWqNEZ4FvUFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMjE5NjhlOTFjMmY0N2YxYjA3YzFmMzVmZTdkMjYzYzU2
ZDA0OTUwHhcNMjUwNjA3MDcwMDUwWhcNMjUwNjA4MDcwMDUwWjAzMTEwLwYDVQQD
EyhmY2ZkMDU2ZGExMDJjNjFkMzYxZGM1YWUxYmVjOTY2ZTEwZjBlODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuNMzGWwpP/SCeDbgUbR2zM4wiU0
0RlFEdI6AAOOwaqjsQ2CqLvxVzlFL8nHb51M6GSP1zqsMn0nkH820naPs2TGEYUk
bq9OaqJMKc6TqXx+Q5dUDLL/L208sELdUSAAoludaVs5748OR4B58l80JtXnsME+
Mtl0vVnmoUM9c5q+MunRQvrLElmfmC8nMZ5zfxE8leJi0+T5vAaW7RM/kec579dD
KL8WuUSxlTO68Qa0cQu2hJ7PLBnsRdPtWV/6rukyX9SUQagN8yeOT+jj1RNBoDMg
7JMx1Rbb6jzqEvBJzGyf8W8EaI7YdjBGNx8g3FAYM6YOjPjCbKnl44rFLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPz9BW2hAsYdNh3Frhvslm4Q8OhOMB8GA1UdIwQY
MBaAFF0hlo6RwvR/GwfB81/n0mPFbQSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUt
MWVjMzc0NjVkM2FmLzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS84ZjAxNWQtYTdlNC00OGQ4LTg3MDUtMWVjMzc0NjVkM2Fm
LzEvWFNHV2pwSEM5SDhiQjhIelgtZlNZOFZ0QkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMgfWM0Qn
2FmeXg0VKbMmyKbNHbZdlL1TTgEfUU1+p7kyiuN5fqWRj5953Z6mUS6oZQXkvaTo
KsrpE5+hwZj4KCzkJKF3QKl8AL2/uv9HPG1AGZTG1GLnxD68GPJ563PN+fDimA2O
nCvIW2Z4yks38wg5ACoc9nTBcEpnJedzdDvEq/2ESKUx0JbKZCdmTsZ2WAWQqdaQ
d3DGbAiVCm3wgXyBRobe1V+E8p3zbyZwIKT8usLVWyHtdyztoyD2FZG7ERn4W7Q7
oyoAU02xbSajaBm2PPGO1VZVwJtcPlAZH3Wvoda1bsGIay+NtmMQnVft1kFeISxy
0h9sP0lxaMBfUg==
-----END CERTIFICATE-----