Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
File:                     ny83TJpzj63o-FDKq11507kARYQ.mft (raw, json)
Hash identifier:          q8i6/FickI2DuenK7JVsAkphZFImZT2siFGcUdykvaA=
Subject key identifier:   91:1D:3B:A8:B2:E4:DA:AB:94:E7:68:F5:77:DD:91:95:A0:24:8D:A4
Authority key identifier: 9F:2F:37:4C:9A:73:8F:AD:E8:F8:50:CA:AB:5D:79:D3:B9:00:45:84
Certificate issuer:       /CN=9f2f374c9a738fade8f850caab5d79d3b9004584
Certificate serial:       0197C614F3654906D7926BD6D7C48C7BFA58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
Manifest number:          15B9
Signing time:             Tue 01 Jul 2025 13:02:31 +0000
Manifest this update:     Tue 01 Jul 2025 13:02:31 +0000
Manifest next update:     Wed 02 Jul 2025 13:02:31 +0000
Files and hashes:         1: ny83TJpzj63o-FDKq11507kARYQ.crl (hash: RqVfft2oddLwt/Hi8LoT6AI2dT31in6L78vdmgOENd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 13:02:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:14:f3:65:49:06:d7:92:6b:d6:d7:c4:8c:7b:fa:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f374c9a738fade8f850caab5d79d3b9004584
        Validity
            Not Before: Jul  1 13:02:31 2025 GMT
            Not After : Jul  2 13:02:31 2025 GMT
        Subject: CN=911d3ba8b2e4daab94e768f577dd9195a0248da4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c6:8a:e8:6f:45:92:99:25:e6:cc:60:bd:62:
                    a8:8a:a9:9e:8e:65:52:76:97:13:76:e1:06:7a:e1:
                    80:1f:64:f1:03:a6:13:c6:d8:03:5b:0a:20:87:99:
                    47:1f:58:ae:9a:59:29:65:21:d6:15:28:27:5c:f3:
                    98:b1:64:24:48:8a:a8:07:87:ed:42:15:fd:91:2f:
                    e4:ef:74:26:9e:fa:03:91:d0:d2:d6:78:9e:a1:24:
                    88:d3:bf:66:63:86:a8:c8:49:08:25:a0:cf:57:e4:
                    ef:6d:bd:76:50:f4:d2:51:01:70:e9:3b:66:75:5b:
                    b2:39:4e:65:aa:f0:7e:cd:b3:48:ec:74:7a:79:20:
                    43:4f:29:44:f2:43:72:ea:74:d4:52:32:22:a5:72:
                    d8:f4:b9:52:4d:e9:91:80:41:0e:d9:8e:7b:ab:18:
                    c2:0f:1d:05:72:8a:49:ec:95:7d:13:62:0e:48:02:
                    27:f1:30:dd:55:a3:a6:6c:52:05:5a:2a:3e:04:0f:
                    56:6d:e9:32:a3:10:21:3a:76:eb:b8:cf:cd:c0:1d:
                    4b:9b:c5:76:7e:9a:19:0e:c3:a1:a6:e1:3e:df:1c:
                    51:7d:67:72:86:10:42:53:6b:f6:0e:5e:89:d9:29:
                    dd:a9:c1:42:8a:87:a1:cc:b4:5c:32:76:90:cf:b4:
                    10:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:1D:3B:A8:B2:E4:DA:AB:94:E7:68:F5:77:DD:91:95:A0:24:8D:A4
            X509v3 Authority Key Identifier:
                keyid:9F:2F:37:4C:9A:73:8F:AD:E8:F8:50:CA:AB:5D:79:D3:B9:00:45:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:06:83:5f:70:f0:d4:dc:1a:ce:65:4e:55:b2:5c:93:56:03:
         2a:c5:f4:33:8f:0c:e6:c5:9e:f1:24:ba:3b:2b:25:11:a8:10:
         ca:5f:9d:b6:9d:1d:f8:23:93:10:08:cb:9f:45:07:71:fc:ab:
         10:fe:44:58:cf:e9:66:32:ee:3e:a1:9c:56:bb:99:b2:60:05:
         4c:8f:a8:7b:99:3f:a7:34:fa:aa:71:5b:6e:ee:ea:63:af:ef:
         55:eb:ba:a5:6b:eb:05:c8:db:c1:3f:12:07:f8:f3:2b:74:1c:
         32:a8:0d:2b:16:03:f2:d6:14:81:d3:84:53:cd:bc:14:12:da:
         28:2b:5b:4a:05:3e:9a:62:55:57:ce:10:b9:ba:23:c9:cb:a9:
         9a:34:62:97:8d:2d:8c:dc:de:3e:3e:18:97:ca:64:1b:e7:cc:
         40:3f:d0:e8:c6:9c:e6:8b:50:e3:75:82:02:55:06:4d:18:d3:
         39:c0:bc:5e:4d:7d:9b:15:32:c4:62:91:d1:af:e5:5a:fa:49:
         71:d0:63:a0:c7:22:c5:2b:d2:d3:79:20:78:16:a7:b5:38:4f:
         fd:19:ea:40:3c:8d:38:1f:e6:25:27:11:24:c3:e2:73:19:84:
         e5:58:7e:1d:ff:e3:01:5e:17:5d:5c:7f:11:f1:ad:9a:a4:12:
         20:82:f1:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGFPNlSQbXkmvW18SMe/pYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYzNzRjOWE3MzhmYWRlOGY4NTBjYWFiNWQ3OWQzYjkw
MDQ1ODQwHhcNMjUwNzAxMTMwMjMxWhcNMjUwNzAyMTMwMjMxWjAzMTEwLwYDVQQD
Eyg5MTFkM2JhOGIyZTRkYWFiOTRlNzY4ZjU3N2RkOTE5NWEwMjQ4ZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcaK6G9Fkpkl5sxgvWKoiqmejmVS
dpcTduEGeuGAH2TxA6YTxtgDWwogh5lHH1iumlkpZSHWFSgnXPOYsWQkSIqoB4ft
QhX9kS/k73QmnvoDkdDS1nieoSSI079mY4aoyEkIJaDPV+Tvbb12UPTSUQFw6Ttm
dVuyOU5lqvB+zbNI7HR6eSBDTylE8kNy6nTUUjIipXLY9LlSTemRgEEO2Y57qxjC
Dx0FcopJ7JV9E2IOSAIn8TDdVaOmbFIFWio+BA9WbekyoxAhOnbruM/NwB1Lm8V2
fpoZDsOhpuE+3xxRfWdyhhBCU2v2Dl6J2SndqcFCioehzLRcMnaQz7QQSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEdO6iy5NqrlOdo9XfdkZWgJI2kMB8GA1UdIwQY
MBaAFJ8vN0yac4+t6PhQyqtdedO5AEWEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82MzRlNzYtNWM1Zi00NGM0LWI4YTQt
NTI0ZTkzMGU1ZmQxLzEvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS82MzRlNzYtNWM1Zi00NGM0LWI4YTQtNTI0ZTkzMGU1ZmQx
LzEvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAigaDX3Dw
1NwazmVOVbJck1YDKsX0M48M5sWe8SS6OyslEagQyl+dtp0d+COTEAjLn0UHcfyr
EP5EWM/pZjLuPqGcVruZsmAFTI+oe5k/pzT6qnFbbu7qY6/vVeu6pWvrBcjbwT8S
B/jzK3QcMqgNKxYD8tYUgdOEU828FBLaKCtbSgU+mmJVV84QubojycupmjRil40t
jNzePj4Yl8pkG+fMQD/Q6Mac5otQ43WCAlUGTRjTOcC8Xk19mxUyxGKR0a/lWvpJ
cdBjoMcixSvS03kgeBantThP/RnqQDyNOB/mJScRJMPicxmE5Vh+Hf/jAV4XXVx/
EfGtmqQSIILx9w==
-----END CERTIFICATE-----