Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File:                     XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier:          PmqqU8EFUrjckfnQUQDvYqrltoJl3AXEzN1i/xTtEeU=
Subject key identifier:   30:22:6C:71:0B:BB:FE:0C:C7:B8:07:A2:30:DB:6A:70:4D:2C:6D:3D
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer:       /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial:       0196A1D232D8D548BAAE65FEBB3DAF8C8471
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number:          021F
Signing time:             Mon 05 May 2025 19:00:29 +0000
Manifest this update:     Mon 05 May 2025 19:00:29 +0000
Manifest next update:     Tue 06 May 2025 19:00:29 +0000
Files and hashes:         1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: FsflU71tTo02aukNmes5FhLpfzcdls7w3YjzymFkD2Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a1:d2:32:d8:d5:48:ba:ae:65:fe:bb:3d:af:8c:84:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
        Validity
            Not Before: May  5 19:00:29 2025 GMT
            Not After : May  6 19:00:29 2025 GMT
        Subject: CN=30226c710bbbfe0cc7b807a230db6a704d2c6d3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:2e:01:95:6f:eb:c0:dc:a9:1e:1d:6f:73:85:
                    11:e7:85:75:c4:0c:2a:1a:24:ee:3c:f5:7c:5d:af:
                    f6:02:4d:48:98:b5:77:2e:da:a0:ab:a6:30:84:6f:
                    d4:f5:b9:84:29:e4:ab:44:13:87:25:12:33:c1:f2:
                    6e:ff:27:0e:ce:f6:4b:85:04:ae:16:8a:cb:f0:80:
                    56:4c:51:39:bd:a3:07:d2:42:f7:17:c6:87:db:86:
                    60:fb:1e:a0:1e:18:c6:7d:c0:f7:2f:44:3e:1b:0f:
                    7e:03:b5:9a:02:96:eb:6f:a7:b2:79:c8:cf:96:e3:
                    a3:cc:86:fc:49:a8:8a:a1:77:06:b5:83:9a:fd:5e:
                    0b:d8:db:93:98:90:36:02:22:e0:40:8f:06:ee:2c:
                    1c:d4:da:8b:72:c0:51:fc:2d:91:f5:2e:8c:7f:8b:
                    82:b1:d4:9f:63:4d:f3:d6:59:97:95:7b:97:6d:ae:
                    4c:ff:a5:a7:cf:46:72:12:e1:70:5c:91:8a:df:51:
                    a1:e3:e7:7c:ea:41:02:8b:d6:e0:f1:43:da:f9:27:
                    7c:63:fb:95:ff:84:ae:ca:22:ae:53:07:0a:f3:f9:
                    bf:fc:28:ce:e9:56:33:51:34:e3:e8:ae:91:49:2f:
                    9f:8e:78:bb:06:c3:a2:56:1b:a4:9c:3c:3b:11:7f:
                    2c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:22:6C:71:0B:BB:FE:0C:C7:B8:07:A2:30:DB:6A:70:4D:2C:6D:3D
            X509v3 Authority Key Identifier:
                keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:82:23:4c:99:86:31:56:bc:39:1d:80:64:d6:07:f3:7f:b5:
         32:93:2f:9e:72:19:21:78:f8:1c:0a:d1:bf:db:95:12:0d:7d:
         23:5d:c4:68:a5:c3:8d:45:f7:bb:ac:9d:9c:23:a2:8b:2f:8f:
         12:e7:40:b6:fa:c4:a9:6d:80:61:15:d6:49:dd:9a:a2:a6:a8:
         8b:8e:d4:c2:f6:ad:6b:e7:85:19:3c:8f:d9:04:39:2b:7d:f0:
         26:fc:98:e4:f5:d7:0e:d5:88:b4:35:e1:58:65:54:49:7d:4c:
         32:60:fb:f1:3e:e9:cd:29:5c:a1:83:bb:83:8c:a6:1c:45:3c:
         d8:c7:d1:08:e4:99:fa:f9:f7:f8:e4:17:4c:bd:11:bd:eb:33:
         89:a1:2c:5b:a6:c6:5d:b0:6b:bb:fc:c6:37:82:7a:53:8a:b3:
         d5:ef:cf:bc:4f:21:5b:d0:f1:a6:46:0e:44:9f:85:33:18:c9:
         e6:05:25:bd:fe:af:7e:81:26:9c:e6:61:99:af:87:02:78:02:
         b2:ec:34:54:ac:c6:c3:38:dd:49:f4:2c:be:e2:43:88:d7:55:
         e2:5e:0d:98:16:06:74:bb:56:52:db:a0:7c:df:aa:6f:cd:a4:
         e9:b4:ec:02:2b:24:ce:6e:46:72:62:61:b1:0a:6a:b6:b4:4e:
         af:f4:7f:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZah0jLY1Ui6rmX+uz2vjIRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjUwNTA1MTkwMDI5WhcNMjUwNTA2MTkwMDI5WjAzMTEwLwYDVQQD
EygzMDIyNmM3MTBiYmJmZTBjYzdiODA3YTIzMGRiNmE3MDRkMmM2ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6C4BlW/rwNypHh1vc4UR54V1xAwq
GiTuPPV8Xa/2Ak1ImLV3Ltqgq6YwhG/U9bmEKeSrRBOHJRIzwfJu/ycOzvZLhQSu
ForL8IBWTFE5vaMH0kL3F8aH24Zg+x6gHhjGfcD3L0Q+Gw9+A7WaApbrb6eyecjP
luOjzIb8SaiKoXcGtYOa/V4L2NuTmJA2AiLgQI8G7iwc1NqLcsBR/C2R9S6Mf4uC
sdSfY03z1lmXlXuXba5M/6Wnz0ZyEuFwXJGK31Gh4+d86kECi9bg8UPa+Sd8Y/uV
/4SuyiKuUwcK8/m//CjO6VYzUTTj6K6RSS+fjni7BsOiVhuknDw7EX8sPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDAibHELu/4Mx7gHojDbanBNLG09MB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIoIjTJmG
MVa8OR2AZNYH83+1MpMvnnIZIXj4HArRv9uVEg19I13EaKXDjUX3u6ydnCOiiy+P
EudAtvrEqW2AYRXWSd2aoqaoi47Uwvata+eFGTyP2QQ5K33wJvyY5PXXDtWItDXh
WGVUSX1MMmD78T7pzSlcoYO7g4ymHEU82MfRCOSZ+vn3+OQXTL0RvesziaEsW6bG
XbBru/zGN4J6U4qz1e/PvE8hW9DxpkYORJ+FMxjJ5gUlvf6vfoEmnOZhma+HAngC
suw0VKzGwzjdSfQsvuJDiNdV4l4NmBYGdLtWUtugfN+qb82k6bTsAiskzm5GcmJh
sQpqtrROr/R/pw==
-----END CERTIFICATE-----