Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          QdVoPvWGiCrTccMvyKMIiiXplxqIlxcLKB8y269SO/4=
Subject key identifier:   AE:CF:3C:0A:72:8B:04:BC:6B:2A:FA:31:27:E7:F1:D3:28:64:F3:DA
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       0197B77C5D6E9CD0120E4ADAEAF9D090FEEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          0650
Signing time:             Sat 28 Jun 2025 17:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:10 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: 7kNU0wEVScYFdjKFlunWc5cXZwJkbDi7NCSJYTk/7TE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:5d:6e:9c:d0:12:0e:4a:da:ea:f9:d0:90:fe:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Jun 28 17:01:10 2025 GMT
            Not After : Jun 29 17:01:10 2025 GMT
        Subject: CN=aecf3c0a728b04bc6b2afa3127e7f1d32864f3da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:72:0a:3c:63:64:b2:9b:48:45:2f:f0:ad:1b:
                    7f:29:06:b6:f4:ed:aa:0b:11:00:ed:05:7f:96:6a:
                    5a:be:ed:24:42:a9:7d:76:d1:bb:98:a8:0b:33:cf:
                    35:98:ee:b3:84:9c:a6:b1:ab:fe:2a:9c:35:d5:86:
                    32:d4:ee:df:39:fa:f7:5c:ff:aa:e4:32:fd:26:65:
                    27:ed:c0:9e:8f:86:64:dc:ea:a8:f8:75:c3:be:df:
                    f0:c3:69:df:39:29:9c:5e:a6:ad:18:e6:b1:33:1f:
                    c5:6e:a8:d6:60:93:c7:bf:c4:16:55:92:92:62:e7:
                    eb:6f:bc:62:b6:f0:0b:69:a8:3e:3d:d0:8e:aa:da:
                    dd:cd:e0:e5:10:8c:b0:c2:7a:f8:b7:ed:3d:cd:b9:
                    0a:1c:a3:8b:b1:1f:d3:f7:35:28:8c:8a:5e:4f:50:
                    30:62:41:d5:78:96:48:ad:be:50:f1:8b:b6:f0:87:
                    b5:66:5c:1c:9b:c0:0b:45:17:d6:f6:5d:03:10:85:
                    b2:84:c2:9b:8d:2d:88:30:d0:e6:04:b8:39:d7:f0:
                    f3:87:ed:7a:65:dc:45:8c:15:ab:0b:e7:c8:0b:b4:
                    6f:83:86:69:78:27:2f:b4:25:1f:20:8b:fc:92:a9:
                    a1:b1:2d:cc:b5:f0:5a:b2:96:24:66:8d:67:98:ce:
                    99:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:CF:3C:0A:72:8B:04:BC:6B:2A:FA:31:27:E7:F1:D3:28:64:F3:DA
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:58:49:41:10:44:e1:51:1a:af:a3:6a:a9:68:79:5c:8c:5f:
         c0:68:68:09:22:0c:4e:8a:37:8d:f7:31:06:09:7e:b1:47:89:
         bd:7c:bb:eb:3b:c1:f5:40:7b:89:08:60:c2:da:1f:2e:06:d1:
         63:2d:4b:fe:a3:b6:8f:6c:ca:48:88:a7:2b:ca:58:13:51:c8:
         9a:70:e9:89:e6:69:13:09:c5:42:d6:7f:0e:00:d4:8f:d4:9b:
         56:ca:0d:f1:94:a8:c8:b4:a8:cd:46:f4:45:75:a7:2e:48:84:
         d8:89:f0:4e:9b:cf:60:cf:c1:5d:7e:b5:c9:b0:9f:d2:fa:21:
         9d:2a:7f:7c:42:ae:e1:ba:12:83:1d:63:cc:48:62:c6:69:95:
         fd:00:61:8e:4d:0c:5a:11:e3:7f:ac:08:97:2e:0e:9b:f9:6e:
         9e:7a:47:de:e3:34:84:7e:a8:fc:ad:61:01:16:2c:9f:9c:b3:
         77:3c:ec:f4:67:dd:b4:aa:d7:b8:1d:e1:fa:16:0d:fb:75:63:
         c0:a9:a7:23:90:bb:c9:00:92:70:93:21:b8:db:b7:1a:d1:f6:
         9a:55:f0:aa:b3:75:d3:1a:6e:e6:22:e0:cb:5b:33:85:37:d0:
         ba:2e:06:1e:8f:e7:34:12:b7:aa:1e:c8:ae:cf:6a:bc:74:b0:
         ba:5e:60:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fF1unNASDkra6vnQkP7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUwNjI4MTcwMTEwWhcNMjUwNjI5MTcwMTEwWjAzMTEwLwYDVQQD
EyhhZWNmM2MwYTcyOGIwNGJjNmIyYWZhMzEyN2U3ZjFkMzI4NjRmM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnIKPGNksptIRS/wrRt/KQa29O2q
CxEA7QV/lmpavu0kQql9dtG7mKgLM881mO6zhJymsav+Kpw11YYy1O7fOfr3XP+q
5DL9JmUn7cCej4Zk3Oqo+HXDvt/ww2nfOSmcXqatGOaxMx/FbqjWYJPHv8QWVZKS
Yufrb7xitvALaag+PdCOqtrdzeDlEIywwnr4t+09zbkKHKOLsR/T9zUojIpeT1Aw
YkHVeJZIrb5Q8Yu28Ie1Zlwcm8ALRRfW9l0DEIWyhMKbjS2IMNDmBLg51/Dzh+16
ZdxFjBWrC+fIC7Rvg4ZpeCcvtCUfIIv8kqmhsS3MtfBaspYkZo1nmM6ZRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7PPApyiwS8ayr6MSfn8dMoZPPaMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUFhJQRBE
4VEar6NqqWh5XIxfwGhoCSIMToo3jfcxBgl+sUeJvXy76zvB9UB7iQhgwtofLgbR
Yy1L/qO2j2zKSIinK8pYE1HImnDpieZpEwnFQtZ/DgDUj9SbVsoN8ZSoyLSozUb0
RXWnLkiE2InwTpvPYM/BXX61ybCf0vohnSp/fEKu4boSgx1jzEhixmmV/QBhjk0M
WhHjf6wIly4Om/lunnpH3uM0hH6o/K1hARYsn5yzdzzs9GfdtKrXuB3h+hYN+3Vj
wKmnI5C7yQCScJMhuNu3GtH2mlXwqrN10xpu5iLgy1szhTfQui4GHo/nNBK3qh7I
rs9qvHSwul5gnw==
-----END CERTIFICATE-----