Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
File:                     XTsXLoFhyBzo6VSv01pzsvrQuzo.mft (raw, json)
Hash identifier:          YEqcpB4FTeLJI0lxNzm0Ur32AyDP9SMitOl9xnklCj0=
Subject key identifier:   4A:04:30:73:5D:69:B1:91:91:07:08:23:F3:57:E2:36:99:F4:E3:6E
Authority key identifier: 5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A
Certificate issuer:       /CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a
Certificate serial:       0196BF6ECFAF90BC24A128B91D39D10A9922
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
Manifest number:          07C3
Signing time:             Sun 11 May 2025 13:00:32 +0000
Manifest this update:     Sun 11 May 2025 13:00:32 +0000
Manifest next update:     Mon 12 May 2025 13:00:32 +0000
Files and hashes:         1: XTsXLoFhyBzo6VSv01pzsvrQuzo.crl (hash: gfRope/Jao/G5V8MiZluJedZMrbsNc14WUXAs/Rmc7Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6e:cf:af:90:bc:24:a1:28:b9:1d:39:d1:0a:99:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a
        Validity
            Not Before: May 11 13:00:32 2025 GMT
            Not After : May 12 13:00:32 2025 GMT
        Subject: CN=4a0430735d69b19191070823f357e23699f4e36e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:22:80:f8:0e:b9:68:97:11:6e:98:e6:ff:16:
                    a1:27:d1:75:f5:e6:fc:0e:30:ed:1e:87:b8:99:46:
                    90:9c:c7:da:df:21:16:f5:49:dd:93:e2:42:b9:bd:
                    62:1e:b7:58:88:2d:fc:4f:89:ea:19:38:10:0b:40:
                    94:7f:6b:3c:a0:fd:ae:0a:26:f1:0e:0a:e9:a1:84:
                    57:9a:e1:b0:31:ed:9b:5e:b3:9f:bf:7a:6b:e5:84:
                    2d:dc:cd:3b:50:2f:b8:dc:81:fb:80:4a:16:13:44:
                    81:9c:c4:06:3f:6d:3c:a5:98:2d:6d:e4:dd:8f:58:
                    a3:0f:84:c2:a2:a9:fc:4d:7f:4a:76:75:10:64:6b:
                    0f:aa:04:b1:f8:0d:38:90:23:26:0f:95:71:9e:9d:
                    99:6f:75:38:90:c2:34:83:66:e0:7b:62:9c:df:c0:
                    df:73:26:c2:b2:3c:fa:45:e2:86:0b:76:4b:5c:14:
                    43:95:a8:b1:22:86:b8:6d:b7:65:ef:b1:f2:1a:97:
                    be:c6:cf:da:b4:cc:2c:9c:c5:f7:15:07:bd:fe:c1:
                    fa:2c:f7:0f:74:a2:3f:16:b5:86:29:8e:43:3c:9b:
                    61:c0:71:36:e8:d5:14:da:6b:49:ca:d6:3f:f2:35:
                    5d:9e:cf:b7:fe:e9:0f:c1:64:be:2d:91:71:57:c3:
                    79:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:04:30:73:5D:69:B1:91:91:07:08:23:F3:57:E2:36:99:F4:E3:6E
            X509v3 Authority Key Identifier:
                keyid:5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:7a:ad:47:3e:2a:40:54:0e:04:2e:ba:1a:a6:f3:40:f4:a6:
         6b:40:bb:e9:71:b9:8e:b2:fd:77:43:b5:cf:b2:58:9a:d8:47:
         9b:f6:17:6d:c1:00:f4:01:ff:68:54:d5:a8:42:af:c5:a6:78:
         91:b4:c8:2b:02:1b:d3:0b:bf:72:ee:85:f3:18:30:73:fc:11:
         34:1d:49:ba:2a:72:b0:f1:2b:33:3f:7b:fa:56:ce:2f:ad:fa:
         7d:c5:33:6c:44:71:6a:3a:2d:f7:fc:6d:26:5b:02:91:df:8c:
         fc:44:ae:20:34:d8:97:ba:70:22:21:0c:65:78:49:06:4f:13:
         49:ca:9e:54:1f:26:34:96:e5:5c:1b:93:d0:1b:c1:31:fd:3f:
         8c:d7:58:96:65:4a:f9:4d:5e:99:b8:df:4e:ec:50:68:87:4e:
         7f:47:5c:7a:ab:09:ac:28:13:e6:36:4f:3e:72:58:53:19:f9:
         da:65:e8:9f:88:ea:0a:08:b4:a3:6b:ee:7e:42:64:8a:df:ac:
         e5:76:14:62:04:7d:91:27:2c:dc:61:f7:0d:ff:fc:74:27:55:
         6e:9f:31:d0:08:0b:35:54:45:38:4f:85:86:be:73:ac:e9:76:
         00:fe:67:da:cf:d2:cd:54:6f:50:63:54:60:d2:6d:7e:34:bd:
         3a:58:99:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/bs+vkLwkoSi5HTnRCpkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkM2IxNzJlODE2MWM4MWNlOGU5NTRhZmQzNWE3M2IyZmFk
MGJiM2EwHhcNMjUwNTExMTMwMDMyWhcNMjUwNTEyMTMwMDMyWjAzMTEwLwYDVQQD
Eyg0YTA0MzA3MzVkNjliMTkxOTEwNzA4MjNmMzU3ZTIzNjk5ZjRlMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6yKA+A65aJcRbpjm/xahJ9F19eb8
DjDtHoe4mUaQnMfa3yEW9Undk+JCub1iHrdYiC38T4nqGTgQC0CUf2s8oP2uCibx
DgrpoYRXmuGwMe2bXrOfv3pr5YQt3M07UC+43IH7gEoWE0SBnMQGP208pZgtbeTd
j1ijD4TCoqn8TX9KdnUQZGsPqgSx+A04kCMmD5Vxnp2Zb3U4kMI0g2bge2Kc38Df
cybCsjz6ReKGC3ZLXBRDlaixIoa4bbdl77HyGpe+xs/atMwsnMX3FQe9/sH6LPcP
dKI/FrWGKY5DPJthwHE26NUU2mtJytY/8jVdns+3/ukPwWS+LZFxV8N5nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEoEMHNdabGRkQcII/NX4jaZ9ONuMB8GA1UdIwQY
MBaAFF07Fy6BYcgc6OlUr9Nac7L60Ls6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEt
MzJjNjEzZjczNjYxLzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEtMzJjNjEzZjczNjYx
LzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3qtRz4q
QFQOBC66GqbzQPSma0C76XG5jrL9d0O1z7JYmthHm/YXbcEA9AH/aFTVqEKvxaZ4
kbTIKwIb0wu/cu6F8xgwc/wRNB1JuipysPErMz97+lbOL636fcUzbERxajot9/xt
JlsCkd+M/ESuIDTYl7pwIiEMZXhJBk8TScqeVB8mNJblXBuT0BvBMf0/jNdYlmVK
+U1embjfTuxQaIdOf0dceqsJrCgT5jZPPnJYUxn52mXon4jqCgi0o2vufkJkit+s
5XYUYgR9kScs3GH3Df/8dCdVbp8x0AgLNVRFOE+Fhr5zrOl2AP5n2s/SzVRvUGNU
YNJtfjS9OliZhA==
-----END CERTIFICATE-----