Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
File:                     NYx3zUAYPEEVsr8NznFuC8XQv9U.mft (raw, json)
Hash identifier:          wgtZhUtRlBH2UCPxeB/rwQLoQduFvmgdldedf18KM5s=
Subject key identifier:   BA:C5:DA:19:71:83:4A:12:5C:88:F1:5E:F5:89:82:F9:0F:2E:17:B3
Authority key identifier: 35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5
Certificate issuer:       /CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5
Certificate serial:       0198D583F2579F09780B53D8F0A7BCB89B9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
Manifest number:          03B4
Signing time:             Sat 23 Aug 2025 06:00:50 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:50 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:50 +0000
Files and hashes:         1: NYx3zUAYPEEVsr8NznFuC8XQv9U.crl (hash: 144QeNXZBoHScFK3yHt9P407cMN8L9mnE6jogBff+2g=)
                          2: zdd_itkr61DwlSbiF7xORGma-Mg.roa (hash: s7+y8n33Kdf5OFXebrrUAhH6tASSitV8ofo7STn/T1o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:f2:57:9f:09:78:0b:53:d8:f0:a7:bc:b8:9b:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5
        Validity
            Not Before: Aug 23 06:00:50 2025 GMT
            Not After : Aug 24 06:00:50 2025 GMT
        Subject: CN=bac5da1971834a125c88f15ef58982f90f2e17b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:32:9f:56:b2:1d:0e:2f:a3:73:b0:be:09:da:
                    51:7a:a1:64:38:42:27:7d:b1:fd:49:43:ab:9f:af:
                    18:7b:42:85:76:9a:9c:12:83:f5:6b:9f:a9:32:ec:
                    70:ad:90:49:b5:45:a1:57:6b:5b:a6:6e:47:27:ba:
                    4a:72:00:ce:a9:4a:41:d5:b8:52:9f:36:ac:78:d7:
                    49:02:de:c5:23:c4:fb:b8:24:79:5d:10:ef:47:ac:
                    ea:ab:d6:c5:18:d5:9c:a5:19:80:8b:25:f7:97:df:
                    a9:6a:90:95:91:4d:77:51:01:a3:1c:1a:78:cd:1b:
                    ce:e0:b1:66:af:19:ff:e2:9d:06:40:ca:f2:7e:c9:
                    2f:e0:7b:1e:0d:1c:1e:69:e8:45:71:54:66:3a:59:
                    0b:1c:64:a4:c6:1d:51:3d:ad:e8:1a:d6:05:ae:fc:
                    62:3e:58:9d:77:a8:62:47:77:c9:55:65:cf:fc:04:
                    6a:62:09:c0:2c:fa:69:d5:79:da:e4:f7:bd:70:a9:
                    d1:e6:7d:aa:fa:73:39:61:4e:04:af:b5:42:9f:23:
                    04:98:c9:cb:78:38:ce:a8:27:55:7e:e5:63:2e:a9:
                    5c:0d:93:4d:86:a8:f2:fc:c4:84:ff:ed:a8:c3:41:
                    01:be:48:e9:bf:4e:b7:26:2f:72:37:ea:9f:4e:ac:
                    1d:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:C5:DA:19:71:83:4A:12:5C:88:F1:5E:F5:89:82:F9:0F:2E:17:B3
            X509v3 Authority Key Identifier:
                keyid:35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:13:5a:3d:c1:5f:6e:41:81:eb:c0:2f:0c:8b:b5:1a:db:e0:
         50:10:72:7e:e5:79:c4:cf:dd:e0:77:d0:2d:b2:5e:9a:a6:ae:
         4e:dc:2d:12:31:03:f1:bd:f7:b0:6e:8b:45:e8:1d:98:c0:cd:
         c3:ab:a2:13:0e:5a:28:d1:54:8d:fb:d6:da:b4:25:30:6a:33:
         2c:1d:dc:4d:e2:fa:0f:db:03:3f:28:80:61:d0:72:3f:24:f6:
         b7:f6:29:c6:d0:4e:71:e3:3b:0e:f9:be:14:2c:84:37:7f:2f:
         56:c3:00:b1:91:16:1a:07:5e:a0:2c:24:fd:a2:68:03:ce:6b:
         a9:7f:6f:ea:25:1b:15:57:4e:2c:c4:9b:77:2c:8f:ef:55:26:
         26:15:59:80:5f:85:61:ea:87:4b:11:7a:c7:18:e3:2a:04:8a:
         05:2e:09:a8:f4:82:26:85:70:e8:a3:3a:7d:76:ed:ae:25:f5:
         7d:59:08:3a:3c:2e:8b:95:e7:ea:a8:7c:1a:31:b0:bc:0f:67:
         06:d3:2d:c0:f9:42:fb:dd:b3:0c:d8:f3:98:17:8a:86:f9:50:
         4c:a0:34:72:09:70:d4:ca:2b:ab:51:ec:03:d4:85:9c:f2:e0:
         5e:ea:be:10:cd:da:4d:1e:bf:63:34:39:1b:80:4a:38:41:7d:
         63:08:e9:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg/JXnwl4C1PY8Ke8uJueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OGM3N2NkNDAxODNjNDExNWIyYmYwZGNlNzE2ZTBiYzVk
MGJmZDUwHhcNMjUwODIzMDYwMDUwWhcNMjUwODI0MDYwMDUwWjAzMTEwLwYDVQQD
EyhiYWM1ZGExOTcxODM0YTEyNWM4OGYxNWVmNTg5ODJmOTBmMmUxN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzKfVrIdDi+jc7C+CdpReqFkOEIn
fbH9SUOrn68Ye0KFdpqcEoP1a5+pMuxwrZBJtUWhV2tbpm5HJ7pKcgDOqUpB1bhS
nzaseNdJAt7FI8T7uCR5XRDvR6zqq9bFGNWcpRmAiyX3l9+papCVkU13UQGjHBp4
zRvO4LFmrxn/4p0GQMryfskv4HseDRweaehFcVRmOlkLHGSkxh1RPa3oGtYFrvxi
Plidd6hiR3fJVWXP/ARqYgnALPpp1Xna5Pe9cKnR5n2q+nM5YU4Er7VCnyMEmMnL
eDjOqCdVfuVjLqlcDZNNhqjy/MSE/+2ow0EBvkjpv063Ji9yN+qfTqwdcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrF2hlxg0oSXIjxXvWJgvkPLhezMB8GA1UdIwQY
MBaAFDWMd81AGDxBFbK/Dc5xbgvF0L/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgt
MzE1MWExNzk0Yjk3LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgtMzE1MWExNzk0Yjk3
LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOxNaPcFf
bkGB68AvDIu1GtvgUBByfuV5xM/d4HfQLbJemqauTtwtEjED8b33sG6LRegdmMDN
w6uiEw5aKNFUjfvW2rQlMGozLB3cTeL6D9sDPyiAYdByPyT2t/YpxtBOceM7Dvm+
FCyEN38vVsMAsZEWGgdeoCwk/aJoA85rqX9v6iUbFVdOLMSbdyyP71UmJhVZgF+F
YeqHSxF6xxjjKgSKBS4JqPSCJoVw6KM6fXbtriX1fVkIOjwui5Xn6qh8GjGwvA9n
BtMtwPlC+92zDNjzmBeKhvlQTKA0cglw1Morq1HsA9SFnPLgXuq+EM3aTR6/YzQ5
G4BKOEF9YwjpLQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:50 2025 by rpki-client