Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
File:                     nc28ow8_5XpR57bAt_MgOvFnKiI.mft (raw, json)
Hash identifier:          Ce6PnydyG/B6nKUSyOthkuoFq5R1vtbo+oGTBM4bCic=
Subject key identifier:   B1:D8:44:3B:F2:36:26:D8:BB:8A:22:A7:1D:1D:2D:79:ED:92:1A:E4
Authority key identifier: 9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22
Certificate issuer:       /CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
Certificate serial:       0197C048F8A827206D9DB5BF8A959ADFA062
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
Manifest number:          15B4
Signing time:             Mon 30 Jun 2025 10:01:36 +0000
Manifest this update:     Mon 30 Jun 2025 10:01:36 +0000
Manifest next update:     Tue 01 Jul 2025 10:01:36 +0000
Files and hashes:         1: nc28ow8_5XpR57bAt_MgOvFnKiI.crl (hash: Xq8lS/gAw6SGwxFFUdmPd8ikLXqj5aDzOt+ofTcwzlU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 10:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c0:48:f8:a8:27:20:6d:9d:b5:bf:8a:95:9a:df:a0:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
        Validity
            Not Before: Jun 30 10:01:36 2025 GMT
            Not After : Jul  1 10:01:36 2025 GMT
        Subject: CN=b1d8443bf23626d8bb8a22a71d1d2d79ed921ae4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:6d:fc:e6:ab:54:db:5f:b7:5e:4a:e0:4c:b3:
                    f4:61:64:b2:15:62:cd:44:da:b0:92:61:e0:78:13:
                    34:6a:95:2c:a1:39:ab:93:4e:65:2b:e6:ae:f5:80:
                    3b:08:1a:46:70:f5:7b:99:bd:50:dc:d3:f6:21:da:
                    42:4d:27:cd:31:07:32:7a:72:e4:41:9e:47:9b:88:
                    47:31:6d:be:1b:fd:8f:a0:a5:76:65:ef:c2:b1:df:
                    c7:2b:e3:28:62:ff:29:1c:29:2e:cd:bb:a2:68:20:
                    c6:5d:ff:6b:63:bf:a2:ec:88:b5:2c:f2:3f:e9:f7:
                    9a:2d:e4:48:53:fe:cc:f2:b6:7f:42:e7:2c:46:60:
                    17:67:2c:4a:91:32:90:45:3a:23:bf:cd:97:0a:53:
                    0f:20:74:46:96:ba:9c:52:d6:80:7c:af:be:19:a3:
                    76:2c:f0:21:a3:5e:4c:3e:06:7e:19:95:ab:3d:19:
                    b0:f4:b2:3c:f2:e1:a3:37:0b:af:8f:e2:60:36:ea:
                    a7:62:81:e0:93:37:08:77:a3:97:42:fc:30:aa:80:
                    a0:c1:5e:8b:c5:e3:0a:35:0d:a5:7f:93:45:56:bb:
                    3c:2a:71:dc:c6:4a:20:d8:c9:d9:b7:e3:8b:c5:ca:
                    5f:36:50:ef:16:70:3b:48:4d:e7:b4:ff:77:65:53:
                    6d:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:D8:44:3B:F2:36:26:D8:BB:8A:22:A7:1D:1D:2D:79:ED:92:1A:E4
            X509v3 Authority Key Identifier:
                keyid:9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:5d:93:df:76:1f:02:de:52:45:e7:1c:08:6a:2b:8f:fd:4a:
         a5:6e:4d:3e:6a:d3:a7:8c:e9:c2:90:61:ed:1f:a5:84:fe:b5:
         9a:dd:7b:a0:ba:71:c4:09:d7:a2:a9:82:d4:ed:50:12:33:e1:
         fa:ac:77:8c:98:fe:98:8c:f9:07:a6:b1:a9:da:ca:13:d4:d0:
         c1:f8:ca:a1:04:7c:8f:c5:48:00:64:06:19:9c:d9:6d:8d:d9:
         61:47:b3:ce:10:74:8c:f1:f0:25:ee:9b:24:fd:b2:48:5a:98:
         31:fa:38:a1:d8:af:19:ca:50:b0:d2:5f:5d:21:b3:e5:0c:48:
         a2:ae:72:a5:b3:13:33:74:3c:f8:0a:21:3f:1a:3f:29:b9:0c:
         4a:75:e0:a9:ab:f3:0e:45:f7:65:1d:7b:4a:94:3d:18:e0:be:
         d7:a4:a5:53:c3:99:f5:0e:36:7a:84:94:d3:c7:7e:17:f2:f7:
         b9:c6:d5:68:f4:12:4f:7e:1a:3a:69:13:88:09:16:0b:74:4f:
         d1:70:8c:37:d7:c0:a4:d3:8b:a9:98:6a:b1:8b:18:c3:da:f9:
         59:82:27:62:bc:e2:c1:29:33:75:61:d1:37:dd:ab:40:b6:7e:
         2c:82:fa:44:ea:ab:4d:90:33:34:d5:31:ee:ad:9f:9c:d6:66:
         6d:66:3e:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfASPioJyBtnbW/ipWa36BiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2RiY2EzMGYzZmU1N2E1MWU3YjZjMGI3ZjMyMDNhZjE2
NzJhMjIwHhcNMjUwNjMwMTAwMTM2WhcNMjUwNzAxMTAwMTM2WjAzMTEwLwYDVQQD
EyhiMWQ4NDQzYmYyMzYyNmQ4YmI4YTIyYTcxZDFkMmQ3OWVkOTIxYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqW385qtU21+3XkrgTLP0YWSyFWLN
RNqwkmHgeBM0apUsoTmrk05lK+au9YA7CBpGcPV7mb1Q3NP2IdpCTSfNMQcyenLk
QZ5Hm4hHMW2+G/2PoKV2Ze/Csd/HK+MoYv8pHCkuzbuiaCDGXf9rY7+i7Ii1LPI/
6feaLeRIU/7M8rZ/QucsRmAXZyxKkTKQRTojv82XClMPIHRGlrqcUtaAfK++GaN2
LPAho15MPgZ+GZWrPRmw9LI88uGjNwuvj+JgNuqnYoHgkzcId6OXQvwwqoCgwV6L
xeMKNQ2lf5NFVrs8KnHcxkog2MnZt+OLxcpfNlDvFnA7SE3ntP93ZVNtCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHYRDvyNibYu4oipx0dLXntkhrkMB8GA1UdIwQY
MBaAFJ3NvKMPP+V6Uee2wLfzIDrxZyoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMt
ZmEwNjBiOWEzYjQwLzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMtZmEwNjBiOWEzYjQw
LzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF12T33Yf
At5SReccCGorj/1KpW5NPmrTp4zpwpBh7R+lhP61mt17oLpxxAnXoqmC1O1QEjPh
+qx3jJj+mIz5B6axqdrKE9TQwfjKoQR8j8VIAGQGGZzZbY3ZYUezzhB0jPHwJe6b
JP2ySFqYMfo4odivGcpQsNJfXSGz5QxIoq5ypbMTM3Q8+AohPxo/KbkMSnXgqavz
DkX3ZR17SpQ9GOC+16SlU8OZ9Q42eoSU08d+F/L3ucbVaPQST34aOmkTiAkWC3RP
0XCMN9fApNOLqZhqsYsYw9r5WYInYrziwSkzdWHRN92rQLZ+LIL6ROqrTZAzNNUx
7q2fnNZmbWY+lA==
-----END CERTIFICATE-----