Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          1EiAh1OJDoTkhSGxKap/of3Y++sbz7whikvsFvYwBHQ=
Subject key identifier:   AF:01:92:74:96:CF:13:BC:C0:93:4D:63:00:41:99:56:46:63:D0:9A
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       0198D7A96E4E77082C5FDFA0AC8F730F95A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          0B2D
Signing time:             Sat 23 Aug 2025 16:01:01 +0000
Manifest this update:     Sat 23 Aug 2025 16:01:01 +0000
Manifest next update:     Sun 24 Aug 2025 16:01:01 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: +LGTiTFRp367jcP5xZDonLe35b6/4O3WxNVBtVpBAGQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a9:6e:4e:77:08:2c:5f:df:a0:ac:8f:73:0f:95:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: Aug 23 16:01:01 2025 GMT
            Not After : Aug 24 16:01:01 2025 GMT
        Subject: CN=af01927496cf13bcc0934d63004199564663d09a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:bd:c1:f9:b9:7f:e3:52:0e:8e:60:72:37:ff:
                    04:3f:9b:3a:21:4d:8e:e9:0f:48:d1:4c:fa:52:24:
                    76:69:6d:50:d6:5c:34:d0:92:07:05:71:54:c6:1a:
                    f9:c6:83:5a:7a:0f:63:b4:a7:a6:d3:ba:96:66:df:
                    54:d8:0d:f9:b3:00:9a:87:09:0f:12:1e:9b:81:5c:
                    8b:48:53:43:54:4b:e0:ce:70:73:58:11:0f:03:1a:
                    9a:45:1b:32:62:93:b3:1d:91:39:54:bc:0c:9a:3f:
                    fd:a9:21:6f:6c:8e:0c:ef:9e:9b:14:2f:6d:b4:f7:
                    8a:12:02:7b:d5:d2:a3:2b:aa:2a:0d:2a:6c:02:fe:
                    23:9d:ae:01:ad:04:54:a0:45:f2:d9:47:24:ce:a2:
                    f4:b9:34:f4:34:44:62:6b:72:7e:ab:9c:bf:8b:fb:
                    f9:42:4d:72:21:4e:2e:22:b7:1f:f2:f4:7a:71:eb:
                    be:ac:14:fd:c1:36:3b:6e:ac:fa:7b:a4:9d:dc:0e:
                    96:e0:94:e5:62:d7:42:fa:c6:01:97:6c:5a:95:be:
                    67:9c:a0:c3:4f:50:ac:82:a6:0d:ba:5b:78:a3:77:
                    92:f5:31:ce:1d:76:49:68:db:66:2b:08:d9:0d:bc:
                    40:2a:3f:ac:d3:96:1d:33:56:f6:70:2b:9f:18:21:
                    c8:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:01:92:74:96:CF:13:BC:C0:93:4D:63:00:41:99:56:46:63:D0:9A
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:23:9a:4b:5f:40:a1:16:09:51:67:fe:f2:51:25:27:9b:8d:
         8e:fa:71:ad:0d:17:bd:70:5c:8d:1f:e3:5d:6c:b7:d9:0f:e1:
         45:70:61:ed:c2:be:09:fa:6e:f2:c8:2c:3e:ee:67:5a:30:f2:
         5a:4a:00:0b:f4:33:6f:ca:7f:59:06:8c:70:c6:4d:c0:6c:f5:
         0f:e2:0c:24:b1:22:b4:6d:73:1d:8d:ca:5e:2c:87:b1:7d:ae:
         6b:29:c9:95:48:fb:c1:63:08:65:65:61:c7:eb:45:af:38:af:
         e6:05:4e:85:84:4b:42:60:55:a3:50:68:7e:de:68:92:d5:20:
         10:c2:21:1d:26:b5:df:5b:a6:e0:8b:a8:b5:30:df:9e:f9:7d:
         02:59:61:9c:f4:e0:98:7f:8d:1c:12:0b:3f:35:2e:45:44:cd:
         2e:27:13:b9:f2:a9:fa:c1:ff:47:e3:1b:da:95:5c:16:11:f4:
         18:cf:e6:f0:12:b6:d8:36:9a:66:63:fd:ce:cc:4a:ee:23:26:
         4e:97:80:47:3c:5f:93:64:37:4f:b8:98:1e:f9:52:28:15:cf:
         82:55:96:08:6f:0d:3e:41:12:f7:1f:29:a9:62:1f:70:f5:0f:
         cd:6b:ce:62:e4:4e:77:dc:21:7d:18:e0:e4:63:7e:18:29:f0:
         ac:7f:3f:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqW5OdwgsX9+grI9zD5WlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjUwODIzMTYwMTAxWhcNMjUwODI0MTYwMTAxWjAzMTEwLwYDVQQD
EyhhZjAxOTI3NDk2Y2YxM2JjYzA5MzRkNjMwMDQxOTk1NjQ2NjNkMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5L3B+bl/41IOjmByN/8EP5s6IU2O
6Q9I0Uz6UiR2aW1Q1lw00JIHBXFUxhr5xoNaeg9jtKem07qWZt9U2A35swCahwkP
Eh6bgVyLSFNDVEvgznBzWBEPAxqaRRsyYpOzHZE5VLwMmj/9qSFvbI4M756bFC9t
tPeKEgJ71dKjK6oqDSpsAv4jna4BrQRUoEXy2UckzqL0uTT0NERia3J+q5y/i/v5
Qk1yIU4uIrcf8vR6ceu+rBT9wTY7bqz6e6Sd3A6W4JTlYtdC+sYBl2xalb5nnKDD
T1CsgqYNult4o3eS9THOHXZJaNtmKwjZDbxAKj+s05YdM1b2cCufGCHILQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8BknSWzxO8wJNNYwBBmVZGY9CaMB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANyOaS19A
oRYJUWf+8lElJ5uNjvpxrQ0XvXBcjR/jXWy32Q/hRXBh7cK+Cfpu8sgsPu5nWjDy
WkoAC/Qzb8p/WQaMcMZNwGz1D+IMJLEitG1zHY3KXiyHsX2uaynJlUj7wWMIZWVh
x+tFrziv5gVOhYRLQmBVo1Boft5oktUgEMIhHSa131um4IuotTDfnvl9AllhnPTg
mH+NHBILPzUuRUTNLicTufKp+sH/R+Mb2pVcFhH0GM/m8BK22DaaZmP9zsxK7iMm
TpeARzxfk2Q3T7iYHvlSKBXPglWWCG8NPkES9x8pqWIfcPUPzWvOYuROd9whfRjg
5GN+GCnwrH8/Ug==
-----END CERTIFICATE-----