Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          djFUB2qOzrIMP6JDCdhAHJFX8LYK1aqq1cCgBJMs+DM=
Subject key identifier:   ED:63:9A:99:E2:40:F0:16:39:E7:2B:21:3D:F2:D8:7D:EC:55:B0:75
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       01964F6CC04A63D19E37EF84076B898D5DB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          14F9
Signing time:             Sat 19 Apr 2025 19:00:49 +0000
Manifest this update:     Sat 19 Apr 2025 19:00:49 +0000
Manifest next update:     Sun 20 Apr 2025 19:00:49 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: LcTAcy4ESJaBQWr+PFzBbfmBXPfoL1UdlKrMrk44wQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 19:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6c:c0:4a:63:d1:9e:37:ef:84:07:6b:89:8d:5d:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Apr 19 19:00:49 2025 GMT
            Not After : Apr 20 19:00:49 2025 GMT
        Subject: CN=ed639a99e240f01639e72b213df2d87dec55b075
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:c9:55:ae:9e:bc:d1:93:29:3f:8e:50:01:b1:
                    54:41:3a:18:f8:0a:e3:61:dc:b7:eb:de:fd:6d:a9:
                    aa:9d:98:b5:af:ae:5d:f7:59:10:a3:20:87:6b:65:
                    07:36:b5:23:e3:b2:6b:e7:f7:0f:cb:da:81:50:a5:
                    5a:0e:55:ea:fa:90:fc:43:a6:65:38:f9:43:15:77:
                    0e:4a:ea:c2:c2:51:8e:30:b6:58:10:40:1c:31:ef:
                    21:ea:16:e9:f1:15:a1:96:e4:58:59:44:4f:07:cc:
                    6a:db:95:cc:ac:50:ab:3c:4f:d1:73:4c:5b:7f:9b:
                    26:a3:f4:60:c5:29:58:7e:ea:ad:3d:11:9c:ad:38:
                    a0:eb:7e:dc:c2:20:04:af:1e:5b:58:0e:a7:c7:f0:
                    39:80:16:89:b3:2e:f5:7b:ae:12:a6:ac:fa:84:bc:
                    cc:f5:46:e5:26:10:3c:93:4b:8f:50:08:27:97:a3:
                    ce:25:4c:2c:0a:45:85:cd:31:ad:2f:ff:c4:04:41:
                    0b:19:92:f9:d6:f3:6f:70:eb:20:0f:09:5c:56:a5:
                    e0:e6:08:31:98:35:20:a3:de:94:a2:e4:b6:52:3b:
                    72:46:93:7c:50:59:08:c4:e2:41:2a:d6:02:17:00:
                    c4:1b:84:0e:2a:85:66:f3:66:a4:8e:16:78:05:91:
                    97:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:63:9A:99:E2:40:F0:16:39:E7:2B:21:3D:F2:D8:7D:EC:55:B0:75
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:2a:3b:cd:0f:8a:10:1a:e1:47:98:c1:72:6a:60:55:21:c4:
         b7:5a:60:75:bd:c8:fe:e8:95:3a:db:4b:d3:69:1d:6e:32:c7:
         24:14:5c:da:0f:9c:2c:98:5d:de:7b:cc:47:f4:66:1d:23:c8:
         7d:20:5f:41:6d:a2:86:62:9d:ad:6e:39:97:c3:0f:c0:0d:2c:
         e0:ea:04:e0:79:20:30:6e:ee:c8:66:7e:e7:09:8c:db:2b:a9:
         e4:e9:c3:93:84:d0:99:1e:21:1d:91:3e:c6:c7:f5:3f:b0:04:
         6f:ba:c2:60:28:48:22:b2:1e:d6:ce:3a:0b:56:41:4d:ca:40:
         60:94:e6:f4:6d:31:f3:50:ae:19:f6:c9:0c:0e:94:5a:62:22:
         f7:a4:ba:d3:12:3f:ee:dc:03:e6:ab:77:00:2c:f4:33:7b:10:
         d9:54:df:67:e2:9c:22:ff:fa:10:4e:7e:36:7a:da:3e:ca:63:
         68:a8:71:c8:14:58:c4:01:17:8f:c0:7b:50:b8:45:2b:c0:06:
         91:e2:fe:67:b9:41:5c:cf:9c:eb:d3:3b:16:e7:92:85:26:de:
         b3:67:7c:5a:dd:bf:c2:b8:54:3b:65:30:93:bf:a3:3c:0d:d8:
         23:f3:6a:12:cd:4f:b8:c5:32:a7:32:b9:1e:c7:29:de:a6:3d:
         b2:ce:eb:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbMBKY9GeN++EB2uJjV2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjUwNDE5MTkwMDQ5WhcNMjUwNDIwMTkwMDQ5WjAzMTEwLwYDVQQD
EyhlZDYzOWE5OWUyNDBmMDE2MzllNzJiMjEzZGYyZDg3ZGVjNTViMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MlVrp680ZMpP45QAbFUQToY+Arj
Ydy36979bamqnZi1r65d91kQoyCHa2UHNrUj47Jr5/cPy9qBUKVaDlXq+pD8Q6Zl
OPlDFXcOSurCwlGOMLZYEEAcMe8h6hbp8RWhluRYWURPB8xq25XMrFCrPE/Rc0xb
f5smo/RgxSlYfuqtPRGcrTig637cwiAErx5bWA6nx/A5gBaJsy71e64Spqz6hLzM
9UblJhA8k0uPUAgnl6POJUwsCkWFzTGtL//EBEELGZL51vNvcOsgDwlcVqXg5ggx
mDUgo96UouS2UjtyRpN8UFkIxOJBKtYCFwDEG4QOKoVm82akjhZ4BZGXDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1jmpniQPAWOecrIT3y2H3sVbB1MB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwCo7zQ+K
EBrhR5jBcmpgVSHEt1pgdb3I/uiVOttL02kdbjLHJBRc2g+cLJhd3nvMR/RmHSPI
fSBfQW2ihmKdrW45l8MPwA0s4OoE4HkgMG7uyGZ+5wmM2yup5OnDk4TQmR4hHZE+
xsf1P7AEb7rCYChIIrIe1s46C1ZBTcpAYJTm9G0x81CuGfbJDA6UWmIi96S60xI/
7twD5qt3ACz0M3sQ2VTfZ+KcIv/6EE5+NnraPspjaKhxyBRYxAEXj8B7ULhFK8AG
keL+Z7lBXM+c69M7FueShSbes2d8Wt2/wrhUO2Uwk7+jPA3YI/NqEs1PuMUypzK5
Hscp3qY9ss7r9w==
-----END CERTIFICATE-----