Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
File:                     XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft (raw, json)
Hash identifier:          2QLYgS51F2LMXYZ9iq2Y2G3RG/V+FODRIelSzfOTMvE=
Subject key identifier:   AB:61:A6:50:06:C6:B0:89:02:A0:C9:A5:76:AA:10:C7:FE:09:EE:DC
Authority key identifier: 5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A
Certificate issuer:       /CN=5e5214158af310ffa9c315298343f4c3e66aec9a
Certificate serial:       0196BC00313CE3BEDEC7C3A1F8D61416D04A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
Manifest number:          057F
Signing time:             Sat 10 May 2025 21:00:51 +0000
Manifest this update:     Sat 10 May 2025 21:00:51 +0000
Manifest next update:     Sun 11 May 2025 21:00:51 +0000
Files and hashes:         1: XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl (hash: vTMcHYipv49Zqb+N0QhD6PJnpk3eeYQi+fxyYsBT6vY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 21:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:00:31:3c:e3:be:de:c7:c3:a1:f8:d6:14:16:d0:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5214158af310ffa9c315298343f4c3e66aec9a
        Validity
            Not Before: May 10 21:00:51 2025 GMT
            Not After : May 11 21:00:51 2025 GMT
        Subject: CN=ab61a65006c6b08902a0c9a576aa10c7fe09eedc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:bf:75:28:4d:33:8e:e1:90:16:29:be:73:3e:
                    04:18:77:c3:92:0e:67:4b:9c:14:a8:72:f7:17:40:
                    6b:18:ea:00:99:ea:19:37:8d:f4:72:1b:ec:dd:92:
                    b7:5b:90:a6:33:37:a3:fe:a8:2c:8f:02:22:56:fa:
                    8f:1c:94:ea:b5:ea:49:0d:b0:bb:e4:b1:49:74:6e:
                    63:c2:59:2c:d5:0c:8d:fe:bd:08:36:8f:c8:cf:17:
                    6f:f7:e3:7e:65:de:6e:c8:63:1a:3a:d1:76:5e:91:
                    32:0e:e9:9c:c5:7c:a6:25:dd:e2:ca:66:a7:68:64:
                    fa:77:19:bb:81:ce:72:f4:c1:4b:02:e6:2d:38:a9:
                    c1:59:c1:53:d3:87:d2:bc:55:6b:90:5f:c7:ae:fe:
                    0b:1f:2c:61:2a:ae:f1:27:b6:f3:64:ff:ae:63:74:
                    13:e1:af:5f:85:07:b3:eb:d7:c8:8a:6c:eb:9b:56:
                    68:50:3d:46:d6:64:d3:26:cb:18:77:0f:40:00:3f:
                    72:50:f0:f6:85:e8:57:01:aa:31:26:2c:62:f1:bf:
                    30:da:02:dc:c5:c1:3f:87:46:99:74:6f:b0:f8:63:
                    1d:09:a1:0e:05:46:e6:13:fc:7e:fa:07:e0:6a:22:
                    56:9e:82:39:c2:75:be:82:b4:42:74:27:46:ee:f4:
                    49:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:61:A6:50:06:C6:B0:89:02:A0:C9:A5:76:AA:10:C7:FE:09:EE:DC
            X509v3 Authority Key Identifier:
                keyid:5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:28:82:13:18:3c:7a:b7:82:29:a5:d1:d1:81:e7:bc:22:05:
         51:92:b3:8d:1f:a1:33:71:c0:72:98:8b:b2:d0:c1:f3:e3:a1:
         ff:be:54:f8:d1:38:bb:d7:1d:9c:b0:a4:ac:ca:e8:65:93:6d:
         f1:18:6c:d9:cc:d3:ba:01:0d:58:5b:f4:fb:0c:53:44:f8:8e:
         3d:d8:57:a6:47:de:2c:8c:50:b2:ad:1f:ba:51:2f:d4:f9:16:
         1b:a9:60:e3:87:c2:4d:92:b6:58:76:6b:6f:02:f3:9d:fc:6a:
         a4:18:74:ae:48:0d:ce:42:87:e3:e8:c2:92:0b:c9:74:3d:b1:
         0d:d4:5b:22:ac:50:79:d1:d4:c9:e3:bd:bd:00:59:8d:53:99:
         07:bb:14:57:87:64:f1:bb:5d:4b:22:88:fd:53:64:6c:fa:fd:
         ed:f9:0d:21:d4:ba:d8:42:5f:2c:40:c5:48:cd:73:3d:c4:b6:
         84:cd:c5:c0:0b:42:35:95:1e:ac:46:5c:f5:cf:94:e3:15:bc:
         3c:37:c0:d1:38:15:e1:56:6a:20:30:41:94:52:8c:d9:5b:0e:
         69:3b:5f:93:46:8c:60:13:6b:cc:1a:71:0d:3b:b3:37:76:c7:
         88:aa:01:90:e0:07:b1:0d:89:bf:d3:48:c2:05:e0:1a:62:47:
         07:66:c1:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa8ADE8477ex8Oh+NYUFtBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTIxNDE1OGFmMzEwZmZhOWMzMTUyOTgzNDNmNGMzZTY2
YWVjOWEwHhcNMjUwNTEwMjEwMDUxWhcNMjUwNTExMjEwMDUxWjAzMTEwLwYDVQQD
EyhhYjYxYTY1MDA2YzZiMDg5MDJhMGM5YTU3NmFhMTBjN2ZlMDllZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL91KE0zjuGQFim+cz4EGHfDkg5n
S5wUqHL3F0BrGOoAmeoZN430chvs3ZK3W5CmMzej/qgsjwIiVvqPHJTqtepJDbC7
5LFJdG5jwlks1QyN/r0INo/Izxdv9+N+Zd5uyGMaOtF2XpEyDumcxXymJd3iyman
aGT6dxm7gc5y9MFLAuYtOKnBWcFT04fSvFVrkF/Hrv4LHyxhKq7xJ7bzZP+uY3QT
4a9fhQez69fIimzrm1ZoUD1G1mTTJssYdw9AAD9yUPD2hehXAaoxJixi8b8w2gLc
xcE/h0aZdG+w+GMdCaEOBUbmE/x++gfgaiJWnoI5wnW+grRCdCdG7vRJpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKthplAGxrCJAqDJpXaqEMf+Ce7cMB8GA1UdIwQY
MBaAFF5SFBWK8xD/qcMVKYND9MPmauyaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAt
Zjk2ZjZmNzY5ODM4LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAtZjk2ZjZmNzY5ODM4
LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACyiCExg8
ereCKaXR0YHnvCIFUZKzjR+hM3HAcpiLstDB8+Oh/75U+NE4u9cdnLCkrMroZZNt
8Rhs2czTugENWFv0+wxTRPiOPdhXpkfeLIxQsq0fulEv1PkWG6lg44fCTZK2WHZr
bwLznfxqpBh0rkgNzkKH4+jCkgvJdD2xDdRbIqxQedHUyeO9vQBZjVOZB7sUV4dk
8btdSyKI/VNkbPr97fkNIdS62EJfLEDFSM1zPcS2hM3FwAtCNZUerEZc9c+U4xW8
PDfA0TgV4VZqIDBBlFKM2VsOaTtfk0aMYBNrzBpxDTuzN3bHiKoBkOAHsQ2Jv9NI
wgXgGmJHB2bBIQ==
-----END CERTIFICATE-----