Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
File:                     NJI6ntps8kDsh5WeHcONNh951ho.mft (raw, json)
Hash identifier:          EVPWrEJdSv0nccWNRioycCWnvpX/ajwjEJIy8Y8W5TY=
Subject key identifier:   D0:E9:DD:7E:98:C2:D9:BF:99:22:E4:FF:69:03:6B:BD:BC:56:02:73
Authority key identifier: 34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A
Certificate issuer:       /CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
Certificate serial:       0196B333DF16F8E09D9168C7E4656229EF1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
Manifest number:          033E
Signing time:             Fri 09 May 2025 04:00:43 +0000
Manifest this update:     Fri 09 May 2025 04:00:43 +0000
Manifest next update:     Sat 10 May 2025 04:00:43 +0000
Files and hashes:         1: NJI6ntps8kDsh5WeHcONNh951ho.crl (hash: U+8acJi0HrIGtL5vTDnCPvwriD6+EMLQZIWteWah1g0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b3:33:df:16:f8:e0:9d:91:68:c7:e4:65:62:29:ef:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
        Validity
            Not Before: May  9 04:00:43 2025 GMT
            Not After : May 10 04:00:43 2025 GMT
        Subject: CN=d0e9dd7e98c2d9bf9922e4ff69036bbdbc560273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:61:2c:51:91:b3:37:31:74:d7:63:be:4f:8a:
                    87:4b:1d:70:05:59:b9:99:9d:fa:0f:94:46:10:9e:
                    9c:c7:b7:61:73:62:8a:78:fd:5d:c8:14:01:23:c9:
                    12:3e:d7:ed:c3:42:cf:88:59:b7:fd:75:6b:ab:66:
                    c7:e3:98:9c:21:ef:81:54:59:a3:e1:60:e0:af:0a:
                    fa:e6:1a:db:fa:13:89:6f:6e:ea:45:01:37:f0:5d:
                    80:72:e6:65:2d:fb:96:d4:cb:b1:1d:bc:23:c3:98:
                    8d:4c:9e:57:b6:a8:a1:b1:b9:b3:0c:91:85:c9:15:
                    c6:9b:3d:45:e3:09:b0:d4:9b:d1:39:1b:8d:c2:1c:
                    84:72:ce:66:85:60:8f:b0:b0:63:39:02:ad:e5:66:
                    f8:c6:eb:2c:18:7d:29:b0:32:9f:e2:69:cc:2d:78:
                    5d:b1:a7:89:f4:2a:f8:34:31:90:d1:3c:09:f3:c1:
                    24:e8:7e:eb:46:cc:6e:a0:a4:c3:e5:6a:18:11:c4:
                    3c:0f:c8:96:26:61:87:03:10:c8:95:4a:cc:5c:03:
                    44:68:e0:db:2a:17:81:48:8f:ad:c4:5a:50:29:55:
                    00:b0:b8:3d:4c:93:8c:21:85:fc:38:ca:e0:3c:fc:
                    f0:9c:e5:90:14:f0:38:7c:51:19:78:1e:f1:c4:a9:
                    73:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:E9:DD:7E:98:C2:D9:BF:99:22:E4:FF:69:03:6B:BD:BC:56:02:73
            X509v3 Authority Key Identifier:
                keyid:34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:6d:6f:06:8f:89:3a:dd:42:69:53:95:26:0a:c3:d2:99:09:
         b8:bd:09:17:56:a1:aa:f9:7f:da:a3:a5:94:7e:b4:00:22:79:
         10:b0:33:c1:ea:43:5a:cd:1e:b2:87:88:37:81:d3:9e:8c:c6:
         07:78:ff:11:13:45:eb:21:a2:e9:ba:4f:27:32:48:7e:d4:a2:
         8e:94:95:53:3f:d6:86:99:b7:91:cc:b1:9b:d7:27:68:f1:36:
         64:7f:7d:27:e4:e6:2e:c5:55:c7:65:81:87:75:c6:b8:68:d0:
         76:6b:cc:be:9a:26:a8:69:0b:dc:a6:53:3d:54:05:83:46:c8:
         64:b6:3b:a8:d4:e0:5d:e7:b8:f3:2d:10:93:9c:f0:39:6b:a4:
         6b:f0:a3:37:34:dd:26:e0:27:70:37:ec:20:e2:01:39:9c:f4:
         ff:1a:04:e2:a5:ac:e4:d6:94:0e:94:eb:82:bd:a9:27:ac:b4:
         3e:6a:5d:1f:80:25:1c:53:64:02:68:9a:0a:cc:73:8a:de:06:
         0f:a6:98:8c:7d:cd:48:c0:1b:cf:a6:72:69:38:44:1d:cc:18:
         0f:b1:dd:a2:2d:27:69:87:ed:33:01:9d:a9:0b:89:cd:f1:ac:
         ec:fd:ac:4b:ec:d2:d1:0c:7c:ad:f4:c4:d0:15:84:7a:47:8f:
         76:b7:ef:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZazM98W+OCdkWjH5GViKe8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTIzYTllZGE2Y2YyNDBlYzg3OTU5ZTFkYzM4ZDM2MWY3
OWQ2MWEwHhcNMjUwNTA5MDQwMDQzWhcNMjUwNTEwMDQwMDQzWjAzMTEwLwYDVQQD
EyhkMGU5ZGQ3ZTk4YzJkOWJmOTkyMmU0ZmY2OTAzNmJiZGJjNTYwMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomEsUZGzNzF012O+T4qHSx1wBVm5
mZ36D5RGEJ6cx7dhc2KKeP1dyBQBI8kSPtftw0LPiFm3/XVrq2bH45icIe+BVFmj
4WDgrwr65hrb+hOJb27qRQE38F2AcuZlLfuW1MuxHbwjw5iNTJ5XtqihsbmzDJGF
yRXGmz1F4wmw1JvRORuNwhyEcs5mhWCPsLBjOQKt5Wb4xussGH0psDKf4mnMLXhd
saeJ9Cr4NDGQ0TwJ88Ek6H7rRsxuoKTD5WoYEcQ8D8iWJmGHAxDIlUrMXANEaODb
KheBSI+txFpQKVUAsLg9TJOMIYX8OMrgPPzwnOWQFPA4fFEZeB7xxKlzRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDp3X6Ywtm/mSLk/2kDa728VgJzMB8GA1UdIwQY
MBaAFDSSOp7abPJA7IeVnh3DjTYfedYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEt
MWY4ZjNhZDA0NjgwLzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEtMWY4ZjNhZDA0Njgw
LzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABm1vBo+J
Ot1CaVOVJgrD0pkJuL0JF1ahqvl/2qOllH60ACJ5ELAzwepDWs0esoeIN4HTnozG
B3j/ERNF6yGi6bpPJzJIftSijpSVUz/Whpm3kcyxm9cnaPE2ZH99J+TmLsVVx2WB
h3XGuGjQdmvMvpomqGkL3KZTPVQFg0bIZLY7qNTgXee48y0Qk5zwOWuka/CjNzTd
JuAncDfsIOIBOZz0/xoE4qWs5NaUDpTrgr2pJ6y0PmpdH4AlHFNkAmiaCsxzit4G
D6aYjH3NSMAbz6ZyaThEHcwYD7Hdoi0naYftMwGdqQuJzfGs7P2sS+zS0Qx8rfTE
0BWEekePdrfvZQ==
-----END CERTIFICATE-----