Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File:                     XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier:          Pr81zETX4yGIUb7Dj+qNlA/qukD9qhcMDcg50zC9j5Y=
Subject key identifier:   27:00:39:7B:77:CD:C4:D1:7E:B0:A7:D8:9B:20:0A:85:54:41:60:DF
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer:       /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial:       0197B88F3BB7D53F95003DB4603737BFA657
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number:          14F5
Signing time:             Sat 28 Jun 2025 22:01:24 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:24 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:24 +0000
Files and hashes:         1: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: pFBoyN6PCt42rL8vu2N403PDcVqAVgu/KDmyM0N1pH0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:3b:b7:d5:3f:95:00:3d:b4:60:37:37:bf:a6:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
        Validity
            Not Before: Jun 28 22:01:24 2025 GMT
            Not After : Jun 29 22:01:24 2025 GMT
        Subject: CN=2700397b77cdc4d17eb0a7d89b200a85544160df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:25:1d:78:62:9d:f7:82:b7:8e:5e:85:bc:b3:
                    7b:8e:f1:e0:72:a5:5f:40:36:a9:2b:4b:4d:62:2b:
                    1e:9e:18:db:55:60:2b:c2:5b:f2:19:d3:9f:68:50:
                    0b:a9:fe:18:d2:cc:a0:60:3d:38:26:cb:77:86:84:
                    a6:31:0c:92:1b:59:9b:e6:52:98:0e:3e:15:dd:b3:
                    bd:26:75:c9:b8:c5:40:e5:fb:ce:cf:5b:f2:36:f9:
                    97:69:4d:09:c4:58:32:b2:a6:b1:09:36:03:15:93:
                    64:b5:2a:e4:bb:81:19:54:23:e3:db:c0:17:9d:c8:
                    91:d9:9d:3a:b6:4b:6a:0c:ac:b5:ff:3e:89:4d:c9:
                    8b:89:3e:6f:b0:04:f5:bf:0c:a1:b6:57:92:72:74:
                    8e:2f:f2:05:2e:e3:78:02:1d:19:3c:73:3e:8b:d5:
                    bb:3e:bd:a2:80:85:26:1d:1e:95:d5:cf:b4:16:c5:
                    98:2d:7c:3a:d2:c5:d2:ec:f8:74:b4:c2:4c:6f:b5:
                    bb:94:00:a3:8e:35:ee:b6:2c:0d:e2:8b:c8:3a:53:
                    47:a0:c3:cc:b8:6e:ab:ee:71:47:78:33:1a:26:1d:
                    2c:e8:44:61:c1:05:0b:4e:e9:47:49:53:b1:a2:0c:
                    23:aa:8e:15:81:1a:96:63:a4:62:1e:e2:a1:6f:33:
                    63:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:00:39:7B:77:CD:C4:D1:7E:B0:A7:D8:9B:20:0A:85:54:41:60:DF
            X509v3 Authority Key Identifier:
                keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:31:2d:4b:88:0e:5d:69:1f:e7:43:ef:13:42:e8:8f:70:b8:
         1c:99:a8:6e:20:7f:8e:d4:a6:24:f1:ea:79:eb:28:3f:fb:11:
         a4:3a:66:bb:73:32:b4:9f:80:82:ab:0d:73:3d:ec:ba:2d:cf:
         6d:af:9e:4a:6f:e3:34:ac:b5:96:67:b2:02:bd:c3:74:fd:c4:
         3a:6e:2e:9b:40:55:17:a0:c1:4e:b9:ed:96:29:02:dc:7a:b7:
         20:11:9b:05:88:53:34:07:a4:86:98:b9:16:fa:26:55:a4:08:
         7a:9d:6b:91:e9:ac:6a:a6:c1:fc:55:bc:8c:2e:28:a6:0d:2a:
         73:85:ca:ad:0f:91:4a:35:22:c0:39:17:35:81:48:b1:10:99:
         78:8b:c6:66:e9:7d:ed:73:c2:cd:71:8e:9d:9f:69:80:0b:3a:
         e0:71:f7:25:7d:8e:00:5e:59:16:6b:df:e0:68:70:3f:fe:d2:
         7c:5a:96:19:a8:1e:e5:e4:09:7b:7c:aa:1c:3e:bb:cd:16:26:
         93:5b:b2:cb:c5:52:01:13:06:69:41:af:54:f0:5f:d5:dc:92:
         4f:b3:da:18:0e:b9:25:24:9a:ac:73:3a:64:36:6d:d8:95:5c:
         d7:3c:62:e0:44:52:ac:32:36:b6:d6:66:44:a9:45:75:52:2c:
         c6:f2:1e:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jzu31T+VAD20YDc3v6ZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjUwNjI4MjIwMTI0WhcNMjUwNjI5MjIwMTI0WjAzMTEwLwYDVQQD
EygyNzAwMzk3Yjc3Y2RjNGQxN2ViMGE3ZDg5YjIwMGE4NTU0NDE2MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSUdeGKd94K3jl6FvLN7jvHgcqVf
QDapK0tNYisenhjbVWArwlvyGdOfaFALqf4Y0sygYD04Jst3hoSmMQySG1mb5lKY
Dj4V3bO9JnXJuMVA5fvOz1vyNvmXaU0JxFgysqaxCTYDFZNktSrku4EZVCPj28AX
nciR2Z06tktqDKy1/z6JTcmLiT5vsAT1vwyhtleScnSOL/IFLuN4Ah0ZPHM+i9W7
Pr2igIUmHR6V1c+0FsWYLXw60sXS7Ph0tMJMb7W7lACjjjXutiwN4ovIOlNHoMPM
uG6r7nFHeDMaJh0s6ERhwQULTulHSVOxogwjqo4VgRqWY6RiHuKhbzNj/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCcAOXt3zcTRfrCn2JsgCoVUQWDfMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdDEtS4gO
XWkf50PvE0Loj3C4HJmobiB/jtSmJPHqeesoP/sRpDpmu3MytJ+AgqsNcz3sui3P
ba+eSm/jNKy1lmeyAr3DdP3EOm4um0BVF6DBTrntlikC3Hq3IBGbBYhTNAekhpi5
FvomVaQIep1rkemsaqbB/FW8jC4opg0qc4XKrQ+RSjUiwDkXNYFIsRCZeIvGZul9
7XPCzXGOnZ9pgAs64HH3JX2OAF5ZFmvf4GhwP/7SfFqWGage5eQJe3yqHD67zRYm
k1uyy8VSARMGaUGvVPBf1dyST7PaGA65JSSarHM6ZDZt2JVc1zxi4ERSrDI2ttZm
RKlFdVIsxvIe9Q==
-----END CERTIFICATE-----