Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
File:                     nTXgMBWeVx-qvTebUsHZoa77FEQ.mft (raw, json)
Hash identifier:          AjBouhYi0IVbkd/XF0EbBsoRr8pLEyKR3ibDDxjalSo=
Subject key identifier:   FB:96:BB:7A:F6:FB:1E:B9:1C:3E:D0:74:61:33:12:1A:A2:F2:4B:30
Authority key identifier: 9D:35:E0:30:15:9E:57:1F:AA:BD:37:9B:52:C1:D9:A1:AE:FB:14:44
Certificate issuer:       /CN=9d35e030159e571faabd379b52c1d9a1aefb1444
Certificate serial:       0198D54E3C1EFE9C126EF5442734BF489844
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
Manifest number:          D2
Signing time:             Sat 23 Aug 2025 05:02:10 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:10 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:10 +0000
Files and hashes:         1: nTXgMBWeVx-qvTebUsHZoa77FEQ.crl (hash: d5yeG69DQLTILdMFXGHp2wGmiFn6AxmmDw6+B38xkKk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:3c:1e:fe:9c:12:6e:f5:44:27:34:bf:48:98:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d35e030159e571faabd379b52c1d9a1aefb1444
        Validity
            Not Before: Aug 23 05:02:10 2025 GMT
            Not After : Aug 24 05:02:10 2025 GMT
        Subject: CN=fb96bb7af6fb1eb91c3ed0746133121aa2f24b30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:3f:bd:84:e5:44:df:b9:98:a6:ac:37:cc:ab:
                    61:c9:f7:3c:9f:77:35:bf:94:c4:e0:78:85:d8:61:
                    09:d5:65:0c:8f:40:67:7a:8d:e5:11:51:12:5e:d7:
                    c9:1f:3e:ff:15:a2:59:43:8f:7c:a6:5b:0b:8a:6d:
                    50:ee:e2:4f:fb:8c:4e:6b:64:68:4f:33:a1:30:11:
                    d7:62:2e:e7:c3:c3:0c:a9:5c:94:76:b5:a1:50:b0:
                    72:74:ab:9d:c5:76:1a:6f:dd:bd:ca:e4:2e:9a:64:
                    a5:60:76:1a:75:b1:53:c9:02:3c:9b:71:c2:0d:8d:
                    b1:e8:50:11:99:80:65:96:49:91:b3:1c:3d:6d:4f:
                    e5:43:df:e4:21:63:9c:a6:07:37:29:00:8f:d2:2d:
                    45:bd:97:1e:39:16:ea:70:3f:01:d2:b4:fd:41:df:
                    04:22:56:b9:73:2f:ee:94:2c:ba:b0:9d:6a:46:f2:
                    1c:b8:23:92:c8:0e:10:0a:5f:55:45:10:47:e1:dc:
                    1e:99:72:01:94:b9:26:f4:02:a9:38:14:f8:56:a4:
                    06:0b:d0:23:4d:3f:a7:d3:38:8b:86:30:ba:97:7f:
                    79:4f:7d:be:d4:b1:cf:a4:a8:bc:5f:cf:f4:41:d4:
                    b3:9c:ed:50:c1:a4:15:63:30:25:30:ca:f6:21:69:
                    4f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:96:BB:7A:F6:FB:1E:B9:1C:3E:D0:74:61:33:12:1A:A2:F2:4B:30
            X509v3 Authority Key Identifier:
                keyid:9D:35:E0:30:15:9E:57:1F:AA:BD:37:9B:52:C1:D9:A1:AE:FB:14:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:68:26:0c:a7:b8:44:64:b4:7a:72:0f:a9:21:96:33:da:4e:
         b2:65:0c:38:02:a5:98:45:65:cf:64:91:f2:9c:01:ac:8b:3b:
         19:89:e1:04:e4:74:6e:e0:ab:16:ff:3f:d6:58:43:d0:f9:ee:
         b6:c8:03:bf:7a:33:10:48:58:22:28:e9:48:20:5f:b0:79:e3:
         ec:f0:a8:23:1f:cb:9d:78:41:0d:db:1c:e5:b7:ff:04:1a:c6:
         f4:ac:bb:de:7c:1d:ef:b4:26:57:a5:6d:27:fd:d5:f9:c7:1c:
         71:24:1b:e7:ef:88:5e:98:87:7f:11:5a:7b:cb:88:8d:59:e4:
         56:ae:9b:46:6a:40:64:a5:de:ca:1b:81:40:59:a7:21:10:e5:
         73:ac:7e:cd:8a:b0:38:23:86:d3:fc:30:9e:bc:3b:0c:26:c7:
         07:c5:e6:7b:c5:25:4f:f2:fc:63:9e:b3:26:3d:f5:a1:3b:b9:
         11:e8:4a:2f:20:8b:39:e0:2a:02:df:12:3f:ad:da:61:32:25:
         3c:93:bd:e9:d4:46:2f:c3:92:1f:54:da:ad:2d:9a:6d:3f:82:
         00:c2:75:40:d9:02:a7:57:4a:a7:44:9e:bf:8b:4d:d6:f9:b8:
         b3:7e:da:bf:04:85:61:c2:4b:32:9f:fa:14:9e:bb:83:95:19:
         7f:8f:d4:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTjwe/pwSbvVEJzS/SJhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzVlMDMwMTU5ZTU3MWZhYWJkMzc5YjUyYzFkOWExYWVm
YjE0NDQwHhcNMjUwODIzMDUwMjEwWhcNMjUwODI0MDUwMjEwWjAzMTEwLwYDVQQD
EyhmYjk2YmI3YWY2ZmIxZWI5MWMzZWQwNzQ2MTMzMTIxYWEyZjI0YjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT+9hOVE37mYpqw3zKthyfc8n3c1
v5TE4HiF2GEJ1WUMj0Bneo3lEVESXtfJHz7/FaJZQ498plsLim1Q7uJP+4xOa2Ro
TzOhMBHXYi7nw8MMqVyUdrWhULBydKudxXYab929yuQummSlYHYadbFTyQI8m3HC
DY2x6FARmYBllkmRsxw9bU/lQ9/kIWOcpgc3KQCP0i1FvZceORbqcD8B0rT9Qd8E
Ila5cy/ulCy6sJ1qRvIcuCOSyA4QCl9VRRBH4dwemXIBlLkm9AKpOBT4VqQGC9Aj
TT+n0ziLhjC6l395T32+1LHPpKi8X8/0QdSznO1QwaQVYzAlMMr2IWlPdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuWu3r2+x65HD7QdGEzEhqi8kswMB8GA1UdIwQY
MBaAFJ014DAVnlcfqr03m1LB2aGu+xREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDczMjMtOWU4NC00Zjg3LWI1Zjkt
Mjg2YTgyOGRkN2Q1LzEvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDczMjMtOWU4NC00Zjg3LWI1ZjktMjg2YTgyOGRkN2Q1
LzEvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbWgmDKe4
RGS0enIPqSGWM9pOsmUMOAKlmEVlz2SR8pwBrIs7GYnhBOR0buCrFv8/1lhD0Pnu
tsgDv3ozEEhYIijpSCBfsHnj7PCoIx/LnXhBDdsc5bf/BBrG9Ky73nwd77QmV6Vt
J/3V+ccccSQb5++IXpiHfxFae8uIjVnkVq6bRmpAZKXeyhuBQFmnIRDlc6x+zYqw
OCOG0/wwnrw7DCbHB8Xme8UlT/L8Y56zJj31oTu5EehKLyCLOeAqAt8SP63aYTIl
PJO96dRGL8OSH1TarS2abT+CAMJ1QNkCp1dKp0Sev4tN1vm4s37avwSFYcJLMp/6
FJ67g5UZf4/ULA==
-----END CERTIFICATE-----