Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft
File:                     XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft (raw, json)
Hash identifier:          1ekrQo5RQw8jqmPFlNpmswkbUm1/K8UxdlKORhI5mVo=
Subject key identifier:   9F:8A:07:31:77:FB:AC:C7:B6:E9:32:80:0F:9E:9C:C8:AC:75:E7:97
Authority key identifier: 5D:B7:92:75:65:9D:D9:61:C7:42:BF:21:D8:DC:A1:84:A4:43:0D:85
Certificate issuer:       /CN=5db79275659dd961c742bf21d8dca184a4430d85
Certificate serial:       0196A277816ED07CA1B5A257FD50A23E9CAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XbeSdWWd2WHHQr8h2NyhhKRDDYU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft
Manifest number:          0BA2
Signing time:             Mon 05 May 2025 22:01:02 +0000
Manifest this update:     Mon 05 May 2025 22:01:02 +0000
Manifest next update:     Tue 06 May 2025 22:01:02 +0000
Files and hashes:         1: XbeSdWWd2WHHQr8h2NyhhKRDDYU.crl (hash: eX9viSCAZIHuaYz8WNXlss3MBT5HuMiPW6tMMQeBqjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XbeSdWWd2WHHQr8h2NyhhKRDDYU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a2:77:81:6e:d0:7c:a1:b5:a2:57:fd:50:a2:3e:9c:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5db79275659dd961c742bf21d8dca184a4430d85
        Validity
            Not Before: May  5 22:01:02 2025 GMT
            Not After : May  6 22:01:02 2025 GMT
        Subject: CN=9f8a073177fbacc7b6e932800f9e9cc8ac75e797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:00:f3:dc:9e:b4:a8:b5:e0:f9:cb:b5:49:fb:
                    38:f4:58:af:31:9c:4c:a7:a6:52:81:4e:e6:af:f9:
                    8d:d5:89:b3:19:e9:66:22:ae:37:4c:11:1c:13:d6:
                    cd:40:90:83:ac:be:11:e2:f1:2a:47:0d:dc:2e:fd:
                    c7:ba:07:78:94:a2:4d:5e:20:4a:32:b7:3b:55:84:
                    a1:81:ab:73:d1:e9:1f:4e:95:52:b8:d2:74:f7:dd:
                    69:5e:77:7d:c2:2b:4e:36:eb:80:24:12:67:40:6e:
                    9f:8c:93:72:f6:5a:a7:11:39:c2:b3:a2:f9:fe:9c:
                    d5:ca:03:2d:01:44:2b:94:62:0d:9f:23:2c:b0:62:
                    73:70:d2:95:62:b4:11:66:df:14:23:01:50:a8:92:
                    e4:20:4b:8d:0e:61:f5:30:01:d5:98:49:9f:e9:3f:
                    93:67:b3:f5:66:1d:26:b7:c9:a1:f9:55:8b:1d:8c:
                    c5:02:14:88:3f:fd:ec:26:80:f3:ae:a2:81:04:8a:
                    2a:9e:b3:98:be:f3:e4:53:b7:6b:ec:f2:75:3f:fd:
                    f5:9e:25:37:a9:75:09:b7:3a:a6:ce:ce:55:b9:fc:
                    3b:c8:21:2f:ff:68:de:15:d2:7b:13:d9:19:5f:ad:
                    02:7b:98:37:50:f4:64:d0:45:64:25:cc:08:04:78:
                    0d:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:8A:07:31:77:FB:AC:C7:B6:E9:32:80:0F:9E:9C:C8:AC:75:E7:97
            X509v3 Authority Key Identifier:
                keyid:5D:B7:92:75:65:9D:D9:61:C7:42:BF:21:D8:DC:A1:84:A4:43:0D:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbeSdWWd2WHHQr8h2NyhhKRDDYU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/52740e-5cb0-4814-a21a-a0967a435a6a/1/XbeSdWWd2WHHQr8h2NyhhKRDDYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:3d:7d:a3:7e:6a:c0:af:6a:e8:15:ed:85:2e:64:72:bd:00:
         38:b4:5b:d1:48:af:ee:4a:95:e5:e8:af:17:a3:0d:96:7a:61:
         b0:0b:af:9e:43:5b:33:e5:ae:c6:0d:9c:02:eb:f8:5c:0c:36:
         fd:d9:a2:47:29:d7:ce:b7:85:38:5e:65:89:fd:a6:00:ea:ad:
         3b:96:7e:0c:76:62:71:eb:02:05:81:54:6b:6d:0f:f7:bb:b1:
         f1:d8:4a:04:2f:3a:aa:ad:30:f8:c4:29:35:f5:0b:51:71:ff:
         7a:ce:50:92:2b:72:cf:31:23:57:a2:28:f1:7d:fb:03:55:b6:
         e8:60:c4:39:4a:ff:86:f5:ac:7d:3c:55:1f:9c:a5:d0:fa:31:
         5f:f1:99:eb:e5:07:41:93:8a:8c:8f:c2:6e:ba:d2:e7:28:a4:
         0d:e3:f3:a1:c5:87:03:a1:3d:09:95:a3:e3:31:79:af:45:b4:
         28:a4:f5:36:39:df:40:eb:a2:c4:9c:c3:e5:c7:76:98:51:fc:
         f8:0e:b8:da:43:2b:d3:83:05:39:31:0a:e1:c7:03:8e:cc:71:
         53:82:4e:7c:c4:c8:34:a0:50:72:7e:d8:ff:10:1d:56:82:8d:
         84:f2:23:20:b3:2a:51:bf:fd:ee:be:b7:76:3f:93:3c:5d:37:
         de:12:c2:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaid4Fu0HyhtaJX/VCiPpyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYjc5Mjc1NjU5ZGQ5NjFjNzQyYmYyMWQ4ZGNhMTg0YTQ0
MzBkODUwHhcNMjUwNTA1MjIwMTAyWhcNMjUwNTA2MjIwMTAyWjAzMTEwLwYDVQQD
Eyg5ZjhhMDczMTc3ZmJhY2M3YjZlOTMyODAwZjllOWNjOGFjNzVlNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gDz3J60qLXg+cu1Sfs49FivMZxM
p6ZSgU7mr/mN1YmzGelmIq43TBEcE9bNQJCDrL4R4vEqRw3cLv3Hugd4lKJNXiBK
Mrc7VYShgatz0ekfTpVSuNJ0991pXnd9witONuuAJBJnQG6fjJNy9lqnETnCs6L5
/pzVygMtAUQrlGINnyMssGJzcNKVYrQRZt8UIwFQqJLkIEuNDmH1MAHVmEmf6T+T
Z7P1Zh0mt8mh+VWLHYzFAhSIP/3sJoDzrqKBBIoqnrOYvvPkU7dr7PJ1P/31niU3
qXUJtzqmzs5Vufw7yCEv/2jeFdJ7E9kZX60Ce5g3UPRk0EVkJcwIBHgN/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+KBzF3+6zHtukygA+enMisdeeXMB8GA1UdIwQY
MBaAFF23knVlndlhx0K/IdjcoYSkQw2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJlU2RXV2QyV0hIUXI4aDJOeWhoS1JERFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS81Mjc0MGUtNWNiMC00ODE0LWEyMWEt
YTA5NjdhNDM1YTZhLzEvWGJlU2RXV2QyV0hIUXI4aDJOeWhoS1JERFlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS81Mjc0MGUtNWNiMC00ODE0LWEyMWEtYTA5NjdhNDM1YTZh
LzEvWGJlU2RXV2QyV0hIUXI4aDJOeWhoS1JERFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQD19o35q
wK9q6BXthS5kcr0AOLRb0Uiv7kqV5eivF6MNlnphsAuvnkNbM+Wuxg2cAuv4XAw2
/dmiRynXzreFOF5lif2mAOqtO5Z+DHZicesCBYFUa20P97ux8dhKBC86qq0w+MQp
NfULUXH/es5QkityzzEjV6Io8X37A1W26GDEOUr/hvWsfTxVH5yl0PoxX/GZ6+UH
QZOKjI/CbrrS5yikDePzocWHA6E9CZWj4zF5r0W0KKT1NjnfQOuixJzD5cd2mFH8
+A642kMr04MFOTEK4ccDjsxxU4JOfMTINKBQcn7Y/xAdVoKNhPIjILMqUb/97r63
dj+TPF033hLC2Q==
-----END CERTIFICATE-----