Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          WhpSZTrPQOS/FfID3zH5yKKIv4duUuSfEkCrMP12cRA=
Subject key identifier:   7D:59:D9:E8:3C:EF:3F:C6:6A:99:00:9F:0B:B2:93:FD:A7:17:A3:B7
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       019645C4689D6A74A5A7A225A443BD3862A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          0B33
Signing time:             Thu 17 Apr 2025 22:00:21 +0000
Manifest this update:     Thu 17 Apr 2025 22:00:21 +0000
Manifest next update:     Fri 18 Apr 2025 22:00:21 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: Ck0O0GAIBpNFKlJB6qKwxP4FExzmZrHNr3Y7I62Dgso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 18:56:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:c4:68:9d:6a:74:a5:a7:a2:25:a4:43:bd:38:62:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Apr 17 22:00:21 2025 GMT
            Not After : Apr 18 22:00:21 2025 GMT
        Subject: CN=7d59d9e83cef3fc66a99009f0bb293fda717a3b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:2b:1b:a0:34:b9:5d:9b:73:05:79:ec:11:92:
                    3d:c1:d4:7f:46:e8:6c:1b:66:a0:4b:6f:e6:ca:6d:
                    03:2b:5b:e9:b1:7e:91:e9:63:7d:92:40:2e:9e:45:
                    83:d5:56:7f:c2:b7:0f:16:b6:29:cc:46:4a:9f:12:
                    42:51:81:27:40:43:b7:c0:74:29:14:bf:df:78:fd:
                    d7:0f:6e:71:14:0f:e9:d0:21:84:f8:a5:64:91:4c:
                    22:81:2b:32:b6:aa:35:28:fe:0b:c7:f1:b6:02:6c:
                    c1:45:25:1b:50:e9:2f:3c:11:58:52:30:de:03:46:
                    57:a0:b4:0e:af:cb:48:f4:b4:93:42:dc:2a:db:b5:
                    a7:b7:da:b2:c1:8b:83:d0:0a:c0:e8:f5:b5:75:26:
                    a7:82:00:bb:b5:8f:5c:14:41:f5:f3:7b:27:6a:a4:
                    7f:4f:3c:33:6e:45:fb:bd:a6:4b:20:63:14:74:b5:
                    ac:3f:60:bc:92:ee:b5:b2:32:42:47:39:c8:8b:83:
                    99:53:8e:28:f1:6f:bd:ec:72:69:fe:96:22:58:c1:
                    25:c5:a8:1b:1b:e0:44:00:65:04:c5:82:8b:80:aa:
                    eb:75:ba:b2:39:2e:42:cc:ff:bf:2c:78:be:8a:3f:
                    c4:b8:de:11:0e:39:18:3c:ad:ff:70:90:7c:4e:54:
                    6a:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:59:D9:E8:3C:EF:3F:C6:6A:99:00:9F:0B:B2:93:FD:A7:17:A3:B7
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:12:8a:4d:51:5a:3c:ec:6d:e5:dc:b2:a3:30:b7:e1:4f:17:
         38:ac:15:08:5f:88:4e:ee:56:54:19:4b:95:9e:02:21:56:e1:
         01:a3:93:3e:ad:72:d1:71:d4:94:23:c6:43:3b:00:5d:27:66:
         63:00:94:87:cf:11:19:00:27:28:e7:7d:97:2c:ee:3d:40:4c:
         d6:d0:9e:8c:03:56:1d:ad:0c:8a:63:63:d4:7e:37:e5:d8:28:
         e2:dd:25:d8:1f:19:55:61:cf:15:44:f2:b4:f9:e0:86:e3:2f:
         98:4a:07:c7:20:41:e5:9f:94:52:b4:ff:09:e1:17:7b:d5:96:
         df:5c:62:99:11:6d:70:75:11:f0:eb:4d:e9:e9:c4:21:68:93:
         4a:3b:31:c4:6a:0c:70:cd:70:e9:18:de:e9:4d:49:ed:1c:ca:
         6b:bb:d5:25:19:17:8c:98:fd:50:75:41:0c:60:fe:b2:0f:d1:
         c7:25:13:f2:b0:63:24:bc:79:1e:cf:ed:d6:34:dc:c5:6e:99:
         2c:88:a4:ae:fb:19:b4:22:2d:f8:48:b5:a4:54:18:b3:e2:ff:
         11:a4:34:a3:87:0b:ba:8a:2c:0d:ed:45:1d:3f:d1:a2:9b:eb:
         cb:a8:81:8c:ca:1e:50:df:44:28:c8:80:93:04:7e:64:b6:14:
         d5:1b:f6:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFxGidanSlp6IlpEO9OGKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjUwNDE3MjIwMDIxWhcNMjUwNDE4MjIwMDIxWjAzMTEwLwYDVQQD
Eyg3ZDU5ZDllODNjZWYzZmM2NmE5OTAwOWYwYmIyOTNmZGE3MTdhM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqisboDS5XZtzBXnsEZI9wdR/Ruhs
G2agS2/mym0DK1vpsX6R6WN9kkAunkWD1VZ/wrcPFrYpzEZKnxJCUYEnQEO3wHQp
FL/feP3XD25xFA/p0CGE+KVkkUwigSsytqo1KP4Lx/G2AmzBRSUbUOkvPBFYUjDe
A0ZXoLQOr8tI9LSTQtwq27Wnt9qywYuD0ArA6PW1dSanggC7tY9cFEH183snaqR/
TzwzbkX7vaZLIGMUdLWsP2C8ku61sjJCRznIi4OZU44o8W+97HJp/pYiWMElxagb
G+BEAGUExYKLgKrrdbqyOS5CzP+/LHi+ij/EuN4RDjkYPK3/cJB8TlRqZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1Z2eg87z/GapkAnwuyk/2nF6O3MB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGhKKTVFa
POxt5dyyozC34U8XOKwVCF+ITu5WVBlLlZ4CIVbhAaOTPq1y0XHUlCPGQzsAXSdm
YwCUh88RGQAnKOd9lyzuPUBM1tCejANWHa0MimNj1H435dgo4t0l2B8ZVWHPFUTy
tPnghuMvmEoHxyBB5Z+UUrT/CeEXe9WW31ximRFtcHUR8OtN6enEIWiTSjsxxGoM
cM1w6Rje6U1J7RzKa7vVJRkXjJj9UHVBDGD+sg/RxyUT8rBjJLx5Hs/t1jTcxW6Z
LIikrvsZtCIt+Ei1pFQYs+L/EaQ0o4cLuoosDe1FHT/Ropvry6iBjMoeUN9EKMiA
kwR+ZLYU1Rv2tw==
-----END CERTIFICATE-----