Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
File:                     NHBSPMWdTwUnV-cSKR4rt535KAA.mft (raw, json)
Hash identifier:          dI+W3bpCUJColfJ+5W8TGbCEizI9ZxI62g67DoNkYyI=
Subject key identifier:   B4:DD:CB:59:0B:2B:B9:1E:85:35:23:54:B6:83:95:5D:E2:1A:D1:0B
Authority key identifier: 34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00
Certificate issuer:       /CN=3470523cc59d4f052757e712291e2bb79df92800
Certificate serial:       0199FAD8248A6F87AF1CFCF9647E4681041F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
Manifest number:          01F0
Signing time:             Sun 19 Oct 2025 05:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:33 +0000
Files and hashes:         1: NHBSPMWdTwUnV-cSKR4rt535KAA.crl (hash: 3hk8eslA8DEkZanuuP4IqaDlL+TUGY1QIXah5vxOjCE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d8:24:8a:6f:87:af:1c:fc:f9:64:7e:46:81:04:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3470523cc59d4f052757e712291e2bb79df92800
        Validity
            Not Before: Oct 19 05:01:33 2025 GMT
            Not After : Oct 20 05:01:33 2025 GMT
        Subject: CN=b4ddcb590b2bb91e85352354b683955de21ad10b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:de:64:30:d7:ca:27:73:fa:c8:a7:c6:15:88:
                    cc:8a:83:a5:1a:38:25:b9:5c:1b:fc:2b:ea:95:c6:
                    e5:74:d1:51:54:fa:41:3d:87:2b:0f:b6:6b:6b:06:
                    08:fe:1d:8e:74:8f:87:9d:8b:98:18:08:27:f0:5d:
                    52:42:f1:a2:3e:56:ae:b7:39:1e:f1:e8:05:9d:e4:
                    31:88:7b:1e:b2:f7:89:d8:ec:c7:4a:d1:ab:d4:99:
                    74:18:4c:1a:c4:0f:80:66:36:e2:52:2e:b3:b4:6a:
                    ea:8f:b8:83:3c:82:5a:f2:9a:b6:e2:28:26:8b:c1:
                    88:6c:ef:39:01:77:6d:d0:ad:0a:3d:19:f6:7c:30:
                    8b:be:d6:bd:9a:d5:8e:91:04:a4:fc:6e:6b:44:f9:
                    6e:3b:b5:43:b2:e6:16:eb:c3:82:97:4a:a5:13:c3:
                    c0:56:30:10:35:96:f6:d2:1c:cb:91:e3:c2:38:c9:
                    65:b9:cb:74:2f:57:ce:8b:b2:47:5e:f0:2c:cb:19:
                    e6:f1:8a:ad:96:f2:a1:88:73:b3:7d:3e:f6:15:6f:
                    2a:ce:e6:74:c6:e4:34:1b:37:11:35:9a:58:b4:58:
                    39:5a:d3:d2:94:be:68:f8:7b:b9:87:81:00:0f:82:
                    3b:77:e2:04:d1:cb:75:a0:10:1b:d9:42:0f:4f:cc:
                    eb:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:DD:CB:59:0B:2B:B9:1E:85:35:23:54:B6:83:95:5D:E2:1A:D1:0B
            X509v3 Authority Key Identifier:
                keyid:34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:23:a9:51:15:db:1e:f3:d2:8b:3a:a3:d3:c1:09:59:62:d4:
         41:e9:90:0d:14:8f:97:49:e9:de:f4:e4:35:76:c2:16:59:55:
         9f:2e:e2:2b:dd:5f:d4:81:04:1d:dc:68:ff:eb:6b:e7:b0:c3:
         a3:a8:0a:a3:87:76:4c:00:6e:bd:c4:76:49:1d:02:4a:53:f9:
         d8:f6:14:5a:24:56:49:21:b7:4f:4b:43:66:cc:0e:28:b8:7f:
         7f:e3:c4:50:e1:31:f3:ee:60:5b:e0:4a:b9:f1:70:7a:0c:b3:
         f6:36:d5:ea:91:28:3a:4c:38:bf:ee:e0:3a:db:0f:19:8d:ca:
         d5:00:c8:9f:c5:3b:ab:7b:76:4b:a1:91:52:2a:9d:0a:d6:1c:
         ce:8a:17:e9:66:e9:37:31:86:e8:f4:eb:38:58:ef:5d:be:59:
         bb:cf:67:ee:cc:95:85:fd:f1:07:39:79:26:20:29:02:72:90:
         28:44:05:17:06:d5:8e:31:77:a8:3f:52:a2:9a:a5:0d:97:6c:
         f2:ef:ad:de:43:13:9b:01:2f:56:26:be:f4:fa:80:60:a9:94:
         76:d9:6e:05:83:4d:da:61:7d:02:d6:08:b3:88:5e:05:d8:5a:
         98:3c:b6:37:91:02:59:65:65:ef:3e:1b:6e:6c:3a:2d:76:ef:
         74:2a:f6:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62CSKb4evHPz5ZH5GgQQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzA1MjNjYzU5ZDRmMDUyNzU3ZTcxMjI5MWUyYmI3OWRm
OTI4MDAwHhcNMjUxMDE5MDUwMTMzWhcNMjUxMDIwMDUwMTMzWjAzMTEwLwYDVQQD
EyhiNGRkY2I1OTBiMmJiOTFlODUzNTIzNTRiNjgzOTU1ZGUyMWFkMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd5kMNfKJ3P6yKfGFYjMioOlGjgl
uVwb/CvqlcbldNFRVPpBPYcrD7ZrawYI/h2OdI+HnYuYGAgn8F1SQvGiPlautzke
8egFneQxiHsesveJ2OzHStGr1Jl0GEwaxA+AZjbiUi6ztGrqj7iDPIJa8pq24igm
i8GIbO85AXdt0K0KPRn2fDCLvta9mtWOkQSk/G5rRPluO7VDsuYW68OCl0qlE8PA
VjAQNZb20hzLkePCOMlluct0L1fOi7JHXvAsyxnm8YqtlvKhiHOzfT72FW8qzuZ0
xuQ0GzcRNZpYtFg5WtPSlL5o+Hu5h4EAD4I7d+IE0ct1oBAb2UIPT8zrgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTdy1kLK7kehTUjVLaDlV3iGtELMB8GA1UdIwQY
MBaAFDRwUjzFnU8FJ1fnEikeK7ed+SgAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgt
MzNhM2YzZjAwM2E1LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgtMzNhM2YzZjAwM2E1
LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeyOpURXb
HvPSizqj08EJWWLUQemQDRSPl0np3vTkNXbCFllVny7iK91f1IEEHdxo/+tr57DD
o6gKo4d2TABuvcR2SR0CSlP52PYUWiRWSSG3T0tDZswOKLh/f+PEUOEx8+5gW+BK
ufFwegyz9jbV6pEoOkw4v+7gOtsPGY3K1QDIn8U7q3t2S6GRUiqdCtYczooX6Wbp
NzGG6PTrOFjvXb5Zu89n7syVhf3xBzl5JiApAnKQKEQFFwbVjjF3qD9SopqlDZds
8u+t3kMTmwEvVia+9PqAYKmUdtluBYNN2mF9AtYIs4heBdhamDy2N5ECWWVl7z4b
bmw6LXbvdCr21A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:47 2025 by rpki-client