Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          FszbudObuN3SjA+4xmv4JsfKrgCv/xv+cJUxxA7NN0M=
Subject key identifier:   83:E3:C1:C1:3E:79:5B:C9:2E:76:0B:CB:45:5F:21:B3:0E:6D:8C:33
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       0199FF59A8B716F4D88CF32B486513A4B50D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          04A1
Signing time:             Mon 20 Oct 2025 02:01:29 +0000
Manifest this update:     Mon 20 Oct 2025 02:01:29 +0000
Manifest next update:     Tue 21 Oct 2025 02:01:29 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: n067CeNI6GpkW2+w/nrY6QgYh/TyRZWJfm2gU65NsKE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 02:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:59:a8:b7:16:f4:d8:8c:f3:2b:48:65:13:a4:b5:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: Oct 20 02:01:29 2025 GMT
            Not After : Oct 21 02:01:29 2025 GMT
        Subject: CN=83e3c1c13e795bc92e760bcb455f21b30e6d8c33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:61:8a:fe:01:60:17:e6:11:69:7f:8b:d9:0b:
                    57:9a:78:ee:4b:b5:c0:d0:7a:9c:15:7a:b9:0f:a5:
                    5d:95:72:57:b1:3e:c2:d3:da:4d:14:64:0d:06:d1:
                    bd:e9:07:42:d7:2a:5b:0e:d6:d0:53:04:99:cd:66:
                    96:f2:29:6a:1f:d4:f4:e0:28:20:0e:5c:07:36:e9:
                    90:f6:af:50:6f:5c:0c:de:76:0b:69:7c:0b:a5:53:
                    dd:b3:52:2e:fc:57:05:b3:9f:5d:6d:a4:6c:41:ee:
                    51:26:5e:19:ac:a6:75:1a:66:b3:7a:1c:c9:a4:ac:
                    d8:0a:5f:8a:a6:71:3d:75:f8:ee:75:fb:0f:5f:59:
                    6f:57:16:72:91:e4:2c:94:74:f1:1f:4d:6d:12:d3:
                    23:3e:7f:0b:4a:d4:45:2c:23:4e:53:11:a8:ac:0c:
                    52:21:9a:67:09:ee:37:5c:ba:23:d9:66:47:56:37:
                    47:2f:07:78:f2:1d:51:aa:a3:67:47:a8:15:17:61:
                    e5:47:9f:21:93:c2:1c:53:82:37:07:1a:68:39:13:
                    6a:e3:77:29:99:39:f4:85:2d:0a:80:45:c2:73:3c:
                    3d:c9:8c:4d:98:28:d6:08:4d:8a:90:7b:48:2f:65:
                    1d:89:3a:fa:75:45:dd:3e:6e:45:d2:78:9e:4b:1f:
                    97:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:E3:C1:C1:3E:79:5B:C9:2E:76:0B:CB:45:5F:21:B3:0E:6D:8C:33
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:b7:a6:4a:58:b0:f3:a0:ef:84:fa:20:61:d9:cc:3b:61:62:
         45:a6:ac:29:86:43:95:82:cf:f0:dc:52:4c:46:5b:dc:68:1c:
         5a:80:36:b6:7b:95:0b:98:35:19:9a:e7:ac:72:2d:a7:68:19:
         5f:e6:a3:60:71:ab:63:f6:a7:56:3f:04:08:e2:dd:ba:7f:0f:
         bf:4f:b2:75:23:a6:bc:f7:fa:1b:1e:c3:5a:cc:28:09:e3:c4:
         18:de:c3:e1:92:ae:5b:41:94:05:33:f9:4b:4c:bf:8c:e0:5d:
         13:cf:fd:84:b7:2d:28:e7:ca:c7:86:df:00:19:b9:a0:50:8d:
         60:95:30:9d:42:39:2e:e5:11:5b:f1:7a:8b:fd:ec:e5:47:55:
         5d:b7:f7:cd:c9:b0:82:42:01:07:34:82:96:4d:91:f3:e1:66:
         ed:f8:72:20:9e:28:bc:2a:32:4b:d1:6f:20:bc:af:b2:cb:49:
         86:1d:7b:c0:76:01:26:77:18:46:ee:34:32:a1:49:a6:02:47:
         5f:04:13:ba:99:6f:a0:b2:87:00:8b:bb:4c:02:99:c3:11:6c:
         49:78:06:74:ec:d6:6a:31:53:82:5d:35:b1:81:ba:c5:43:2e:
         b0:4f:b8:99:37:f9:b7:b4:65:43:0c:20:56:79:30:4f:fb:52:
         2c:f1:6e:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/Wai3FvTYjPMrSGUTpLUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjUxMDIwMDIwMTI5WhcNMjUxMDIxMDIwMTI5WjAzMTEwLwYDVQQD
Eyg4M2UzYzFjMTNlNzk1YmM5MmU3NjBiY2I0NTVmMjFiMzBlNmQ4YzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGGK/gFgF+YRaX+L2QtXmnjuS7XA
0HqcFXq5D6VdlXJXsT7C09pNFGQNBtG96QdC1ypbDtbQUwSZzWaW8ilqH9T04Cgg
DlwHNumQ9q9Qb1wM3nYLaXwLpVPds1Iu/FcFs59dbaRsQe5RJl4ZrKZ1GmazehzJ
pKzYCl+KpnE9dfjudfsPX1lvVxZykeQslHTxH01tEtMjPn8LStRFLCNOUxGorAxS
IZpnCe43XLoj2WZHVjdHLwd48h1RqqNnR6gVF2HlR58hk8IcU4I3BxpoORNq43cp
mTn0hS0KgEXCczw9yYxNmCjWCE2KkHtIL2UdiTr6dUXdPm5F0nieSx+XowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPjwcE+eVvJLnYLy0VfIbMObYwzMB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALLemSliw
86DvhPogYdnMO2FiRaasKYZDlYLP8NxSTEZb3GgcWoA2tnuVC5g1GZrnrHItp2gZ
X+ajYHGrY/anVj8ECOLdun8Pv0+ydSOmvPf6Gx7DWswoCePEGN7D4ZKuW0GUBTP5
S0y/jOBdE8/9hLctKOfKx4bfABm5oFCNYJUwnUI5LuURW/F6i/3s5UdVXbf3zcmw
gkIBBzSClk2R8+Fm7fhyIJ4ovCoyS9FvILyvsstJhh17wHYBJncYRu40MqFJpgJH
XwQTuplvoLKHAIu7TAKZwxFsSXgGdOzWajFTgl01sYG6xUMusE+4mTf5t7RlQwwg
VnkwT/tSLPFu+A==
-----END CERTIFICATE-----