Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
File:                     XVTR8F5RVk-oGdtyu47dOYeza74.mft (raw, json)
Hash identifier:          9rcwUtYoJhPRbe5p76wVe9MG6FFWM+GC43VQ5ALFXgU=
Subject key identifier:   65:24:2F:A4:E0:60:29:77:23:7A:1D:67:20:C8:B7:08:55:3B:D6:C1
Authority key identifier: 5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE
Certificate issuer:       /CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
Certificate serial:       01974B567819B77F4D09A7CFFCFB006A8290
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
Manifest number:          14FD
Signing time:             Sat 07 Jun 2025 17:00:47 +0000
Manifest this update:     Sat 07 Jun 2025 17:00:47 +0000
Manifest next update:     Sun 08 Jun 2025 17:00:47 +0000
Files and hashes:         1: XVTR8F5RVk-oGdtyu47dOYeza74.crl (hash: 1u9Fpu6Xi3jQooN7DXySIGAHTtGFZeNsd7azIL1F8gE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 17:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:56:78:19:b7:7f:4d:09:a7:cf:fc:fb:00:6a:82:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
        Validity
            Not Before: Jun  7 17:00:47 2025 GMT
            Not After : Jun  8 17:00:47 2025 GMT
        Subject: CN=65242fa4e0602977237a1d6720c8b708553bd6c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:38:81:65:f7:90:ac:2c:dc:be:71:7e:9b:ec:
                    c0:c8:aa:f8:c8:41:4d:35:68:03:9a:fa:ef:73:79:
                    92:39:dd:ef:ec:0b:32:d7:a1:e7:9e:76:4d:cb:b2:
                    a3:65:14:5f:f9:0a:32:7d:83:1c:b2:ea:23:de:6e:
                    ba:4b:0f:4a:7e:28:75:61:6c:df:71:2d:2c:9e:eb:
                    ee:51:b8:50:38:d5:9d:70:7a:99:7d:2d:79:44:57:
                    ab:be:5d:3c:3f:3d:d6:13:8b:6c:48:1b:fc:de:fb:
                    65:93:7b:b4:2e:3f:e0:fc:c4:23:84:3d:6a:61:b8:
                    fa:7b:bf:91:79:98:a2:a4:62:49:01:02:cb:cf:69:
                    b1:87:18:e9:19:2d:25:a7:56:35:cf:43:02:90:5d:
                    bc:a9:19:7a:e9:ed:b0:81:75:70:c5:4a:51:0c:5b:
                    7b:17:c4:92:62:37:fe:37:46:0c:bb:98:3f:c5:c6:
                    75:37:43:7d:b9:d9:a5:fb:21:43:5c:a1:97:9a:4b:
                    3d:9f:f9:00:0f:ab:14:a8:f9:08:60:84:ce:63:63:
                    2a:db:51:78:3e:23:c2:ec:ec:bc:2d:79:a6:df:40:
                    ca:f3:4b:c7:75:29:7c:6d:20:fc:42:63:05:c4:b2:
                    06:2f:55:df:51:4e:0e:e2:c0:05:a3:7b:e8:f1:27:
                    9c:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:24:2F:A4:E0:60:29:77:23:7A:1D:67:20:C8:B7:08:55:3B:D6:C1
            X509v3 Authority Key Identifier:
                keyid:5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:39:3c:73:1a:68:6b:58:d4:36:c7:bf:be:73:1a:7b:2c:14:
         28:f3:e1:09:a8:1c:b1:49:fd:ce:2e:4d:d8:2e:09:2a:1a:16:
         5a:4b:ca:20:9a:ae:15:4a:52:19:4b:15:bc:ee:3b:05:70:c7:
         96:ad:07:89:9e:46:62:29:bc:db:cb:cd:8f:32:5d:d0:13:b8:
         92:fd:c0:66:21:48:1d:d1:0a:73:7b:d2:55:e5:62:8f:95:89:
         5c:89:b5:0e:73:2d:ee:43:d1:12:fa:1c:e7:e0:8c:06:85:6b:
         b6:56:98:87:4d:46:95:fe:4c:c6:94:95:57:4a:e0:cf:3c:d9:
         0f:98:7a:75:1d:88:fb:ab:36:f7:f4:5f:ff:bb:51:51:74:f6:
         04:b6:83:1b:64:60:2a:7a:7f:65:55:0f:cf:cc:db:8d:5e:8e:
         6d:8c:e2:02:94:17:20:a2:aa:11:8b:3a:0c:d8:e2:5e:ce:7f:
         ab:61:db:3e:37:66:2b:65:39:15:84:81:d0:73:e6:fd:ab:19:
         e4:1e:c7:02:9e:4e:5b:c3:bb:12:82:78:d1:36:d8:35:0c:ee:
         6c:f0:9a:75:8e:57:7e:25:2c:94:90:29:f0:8f:15:3a:9a:5f:
         bb:37:32:94:54:0f:e2:ea:3c:c7:ae:fa:aa:0f:b5:8e:43:af:
         ce:f1:9f:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLVngZt39NCafP/PsAaoKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTRkMWYwNWU1MTU2NGZhODE5ZGI3MmJiOGVkZDM5ODdi
MzZiYmUwHhcNMjUwNjA3MTcwMDQ3WhcNMjUwNjA4MTcwMDQ3WjAzMTEwLwYDVQQD
Eyg2NTI0MmZhNGUwNjAyOTc3MjM3YTFkNjcyMGM4YjcwODU1M2JkNmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ziBZfeQrCzcvnF+m+zAyKr4yEFN
NWgDmvrvc3mSOd3v7Asy16HnnnZNy7KjZRRf+QoyfYMcsuoj3m66Sw9Kfih1YWzf
cS0snuvuUbhQONWdcHqZfS15RFervl08Pz3WE4tsSBv83vtlk3u0Lj/g/MQjhD1q
Ybj6e7+ReZiipGJJAQLLz2mxhxjpGS0lp1Y1z0MCkF28qRl66e2wgXVwxUpRDFt7
F8SSYjf+N0YMu5g/xcZ1N0N9udml+yFDXKGXmks9n/kAD6sUqPkIYITOY2Mq21F4
PiPC7Oy8LXmm30DK80vHdSl8bSD8QmMFxLIGL1XfUU4O4sAFo3vo8SecvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGUkL6TgYCl3I3odZyDItwhVO9bBMB8GA1UdIwQY
MBaAFF1U0fBeUVZPqBnbcruO3TmHs2u+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUt
Y2UzZjg1MTVhNjliLzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUtY2UzZjg1MTVhNjli
LzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANzk8cxpo
a1jUNse/vnMaeywUKPPhCagcsUn9zi5N2C4JKhoWWkvKIJquFUpSGUsVvO47BXDH
lq0HiZ5GYim828vNjzJd0BO4kv3AZiFIHdEKc3vSVeVij5WJXIm1DnMt7kPREvoc
5+CMBoVrtlaYh01Glf5MxpSVV0rgzzzZD5h6dR2I+6s29/Rf/7tRUXT2BLaDG2Rg
Knp/ZVUPz8zbjV6ObYziApQXIKKqEYs6DNjiXs5/q2HbPjdmK2U5FYSB0HPm/asZ
5B7HAp5OW8O7EoJ40TbYNQzubPCadY5XfiUslJAp8I8VOppfuzcylFQP4uo8x676
qg+1jkOvzvGfsw==
-----END CERTIFICATE-----