Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
File:                     xndznw-VRrTwJXcsXCsXl4WSOFI.mft (raw, json)
Hash identifier:          2mvDB/kDyqfdnbnuWWpneHE+15C6rymSCoD9m4HJoRA=
Subject key identifier:   F3:8B:7E:D6:FD:3B:04:34:1F:2F:C7:41:3B:BC:A3:FA:7D:91:AA:31
Authority key identifier: C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52
Certificate issuer:       /CN=c677739f0f9546b4f025772c5c2b179785923852
Certificate serial:       0197B9338CF068221C8093023202B51668D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
Manifest number:          13C8
Signing time:             Sun 29 Jun 2025 01:00:52 +0000
Manifest this update:     Sun 29 Jun 2025 01:00:52 +0000
Manifest next update:     Mon 30 Jun 2025 01:00:52 +0000
Files and hashes:         1: xndznw-VRrTwJXcsXCsXl4WSOFI.crl (hash: kY22XTLtXhutBCPPCGMa2T1o0Gu+Ag4JsRYaZFDZX6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:33:8c:f0:68:22:1c:80:93:02:32:02:b5:16:68:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c677739f0f9546b4f025772c5c2b179785923852
        Validity
            Not Before: Jun 29 01:00:52 2025 GMT
            Not After : Jun 30 01:00:52 2025 GMT
        Subject: CN=f38b7ed6fd3b04341f2fc7413bbca3fa7d91aa31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:59:d8:83:b3:84:5b:46:9d:b2:5d:b4:c6:99:
                    29:d8:23:57:20:be:ed:7f:94:14:6e:25:99:5f:06:
                    e3:88:11:8e:fa:fd:d9:34:bb:a7:d8:f4:bb:3f:31:
                    92:d7:20:2e:a4:01:d6:59:46:cb:f9:21:9b:4a:57:
                    88:9c:16:a0:8e:95:70:1c:63:61:3d:06:3e:9a:e9:
                    e4:16:e0:53:a6:16:f8:4d:17:52:b8:aa:f3:53:37:
                    9b:95:c0:f1:6d:1f:01:c3:0b:b9:0f:2b:b6:bc:94:
                    f7:cc:65:17:37:25:eb:7b:7f:42:61:1d:dc:bb:fa:
                    49:4d:9a:55:59:ed:a6:a5:b7:eb:41:ff:4a:e0:6b:
                    f5:20:6a:38:9d:1c:73:c1:f4:78:41:0c:d4:af:1e:
                    66:ef:dc:be:a8:d9:1d:81:41:4d:5a:b3:5b:1e:4f:
                    cf:17:c7:a9:22:30:1e:b7:cb:5e:13:7d:40:8a:ad:
                    02:04:ad:c9:52:e3:60:b4:0c:6a:7d:cd:fc:34:e7:
                    9b:c2:d4:10:d4:c3:20:57:fa:72:ef:93:b4:dd:8a:
                    4f:82:a6:0c:12:73:4e:c4:e9:b3:e4:61:6e:7a:2b:
                    40:42:1f:a2:35:2a:fe:bc:78:e0:a7:2a:87:1d:05:
                    69:a5:1e:3d:bd:35:ad:49:20:80:91:13:61:6a:4b:
                    2d:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:8B:7E:D6:FD:3B:04:34:1F:2F:C7:41:3B:BC:A3:FA:7D:91:AA:31
            X509v3 Authority Key Identifier:
                keyid:C6:77:73:9F:0F:95:46:B4:F0:25:77:2C:5C:2B:17:97:85:92:38:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xndznw-VRrTwJXcsXCsXl4WSOFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d60291-d840-4901-a85d-c685fa916b07/1/xndznw-VRrTwJXcsXCsXl4WSOFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:c0:f2:34:fe:90:7a:f4:01:e9:e3:2f:a3:05:bb:a2:8a:79:
         9a:75:c1:f7:5f:56:36:2a:ac:bc:88:66:86:f0:56:53:24:53:
         82:74:06:a4:31:27:86:53:47:10:44:80:45:b7:8d:4b:40:32:
         d7:94:e9:81:d4:c1:13:2a:a5:e3:fd:30:69:0e:be:dc:6c:27:
         7f:77:92:29:ec:6e:41:52:41:26:44:32:98:7a:09:42:ab:af:
         98:cc:d3:a5:d6:9b:53:6c:f4:11:4b:f4:ea:eb:b9:6f:fe:8a:
         8a:21:9c:8d:56:29:3d:64:55:bd:a4:1d:fa:34:e9:d8:87:76:
         6a:7e:15:7d:a5:3c:21:8d:58:3e:80:09:eb:cd:67:5a:c0:fa:
         6e:71:ab:cd:01:16:a9:f3:1d:e3:65:7b:38:d8:78:3e:73:3e:
         47:66:d8:9a:56:e0:34:63:73:46:b8:69:a4:f9:19:4a:33:2b:
         3b:67:c4:1e:c5:f4:48:dd:8a:7c:22:ee:24:38:bf:48:1a:13:
         d4:b5:93:6a:bc:18:79:27:4d:45:19:e7:87:61:54:be:91:1f:
         7c:2f:12:ed:91:2a:e3:f7:eb:4d:f4:dc:c5:6d:3e:f5:8b:15:
         5b:45:73:64:a3:85:f4:5b:0a:98:dd:c8:e6:9e:3c:e1:82:5a:
         94:a2:7d:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5M4zwaCIcgJMCMgK1FmjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Nzc3MzlmMGY5NTQ2YjRmMDI1NzcyYzVjMmIxNzk3ODU5
MjM4NTIwHhcNMjUwNjI5MDEwMDUyWhcNMjUwNjMwMDEwMDUyWjAzMTEwLwYDVQQD
EyhmMzhiN2VkNmZkM2IwNDM0MWYyZmM3NDEzYmJjYTNmYTdkOTFhYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlnYg7OEW0adsl20xpkp2CNXIL7t
f5QUbiWZXwbjiBGO+v3ZNLun2PS7PzGS1yAupAHWWUbL+SGbSleInBagjpVwHGNh
PQY+munkFuBTphb4TRdSuKrzUzeblcDxbR8Bwwu5Dyu2vJT3zGUXNyXre39CYR3c
u/pJTZpVWe2mpbfrQf9K4Gv1IGo4nRxzwfR4QQzUrx5m79y+qNkdgUFNWrNbHk/P
F8epIjAet8teE31Aiq0CBK3JUuNgtAxqfc38NOebwtQQ1MMgV/py75O03YpPgqYM
EnNOxOmz5GFueitAQh+iNSr+vHjgpyqHHQVppR49vTWtSSCAkRNhakstIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPOLftb9OwQ0Hy/HQTu8o/p9kaoxMB8GA1UdIwQY
MBaAFMZ3c58PlUa08CV3LFwrF5eFkjhSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQt
YzY4NWZhOTE2YjA3LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNjAyOTEtZDg0MC00OTAxLWE4NWQtYzY4NWZhOTE2YjA3
LzEveG5kem53LVZSclR3Slhjc1hDc1hsNFdTT0ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANMDyNP6Q
evQB6eMvowW7oop5mnXB919WNiqsvIhmhvBWUyRTgnQGpDEnhlNHEESARbeNS0Ay
15TpgdTBEyql4/0waQ6+3Gwnf3eSKexuQVJBJkQymHoJQquvmMzTpdabU2z0EUv0
6uu5b/6KiiGcjVYpPWRVvaQd+jTp2Id2an4VfaU8IY1YPoAJ681nWsD6bnGrzQEW
qfMd42V7ONh4PnM+R2bYmlbgNGNzRrhppPkZSjMrO2fEHsX0SN2KfCLuJDi/SBoT
1LWTarwYeSdNRRnnh2FUvpEffC8S7ZEq4/frTfTcxW0+9YsVW0VzZKOF9FsKmN3I
5p484YJalKJ9BA==
-----END CERTIFICATE-----