Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.mft
File:                     NyWOvuZ0XwbXM-S23Q0npzv9-2U.mft (raw, json)
Hash identifier:          qYrb+nmrQGWQD3126+8KCBJtcZzc9wm3qg1vsj5av6w=
Subject key identifier:   B9:01:C5:28:C7:F4:CA:7E:BB:F0:9F:DE:3C:0D:A9:D6:0B:1F:61:86
Authority key identifier: 37:25:8E:BE:E6:74:5F:06:D7:33:E4:B6:DD:0D:27:A7:3B:FD:FB:65
Certificate issuer:       /CN=37258ebee6745f06d733e4b6dd0d27a73bfdfb65
Certificate serial:       0197B6A0E4C0B371A4FB9B85CF319D35517F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NyWOvuZ0XwbXM-S23Q0npzv9-2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.mft
Manifest number:          12D5
Signing time:             Sat 28 Jun 2025 13:01:26 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:26 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:26 +0000
Files and hashes:         1: NyWOvuZ0XwbXM-S23Q0npzv9-2U.crl (hash: NkjkxqqKdEvnEIOv2tz+EE7TAd5R5ddNw3yLOpNSQJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NyWOvuZ0XwbXM-S23Q0npzv9-2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:e4:c0:b3:71:a4:fb:9b:85:cf:31:9d:35:51:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37258ebee6745f06d733e4b6dd0d27a73bfdfb65
        Validity
            Not Before: Jun 28 13:01:26 2025 GMT
            Not After : Jun 29 13:01:26 2025 GMT
        Subject: CN=b901c528c7f4ca7ebbf09fde3c0da9d60b1f6186
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:c0:f8:6c:e2:e1:b7:c7:9a:7f:d6:0c:68:71:
                    a5:41:e8:6a:92:9e:14:c1:86:23:e7:62:fa:7d:c1:
                    ad:53:e9:cd:9e:4b:bf:bf:f4:ce:54:fe:da:90:f8:
                    0e:3e:0d:7d:47:35:25:64:80:9e:94:75:c2:20:e9:
                    61:59:5e:af:20:cd:62:20:c1:e3:fd:fe:30:65:cd:
                    41:9f:03:77:06:eb:ab:1a:4c:fc:25:c2:79:49:7a:
                    59:34:ae:28:84:0f:40:74:ea:87:da:58:73:b1:d6:
                    12:36:e9:6a:f7:de:cf:fc:6c:9f:7d:5b:7e:dd:d9:
                    74:2b:cc:f0:d6:50:6a:fd:04:22:3f:8d:24:24:d7:
                    f1:b1:f0:46:7d:da:fb:7c:97:d0:b7:d9:43:df:4d:
                    f8:92:c2:57:13:f8:b8:ca:c9:cd:85:b8:d4:fb:18:
                    14:5f:49:24:75:e8:35:b6:e6:cb:79:f2:0a:70:42:
                    7b:db:81:ed:17:65:54:89:ea:36:a4:78:08:3f:a8:
                    91:94:20:2a:07:29:b5:27:c8:cf:eb:55:2f:72:20:
                    b6:90:30:95:64:53:58:1a:29:40:ad:82:7a:2a:14:
                    f8:26:f5:ef:85:ad:24:db:4a:eb:12:53:f7:d0:f3:
                    d6:a3:2a:76:94:35:cb:01:25:ee:86:96:16:2c:e2:
                    f9:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:01:C5:28:C7:F4:CA:7E:BB:F0:9F:DE:3C:0D:A9:D6:0B:1F:61:86
            X509v3 Authority Key Identifier:
                keyid:37:25:8E:BE:E6:74:5F:06:D7:33:E4:B6:DD:0D:27:A7:3B:FD:FB:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NyWOvuZ0XwbXM-S23Q0npzv9-2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:d6:f6:4b:19:64:15:e1:d6:80:10:86:d1:1f:69:24:d1:6f:
         02:90:07:46:c4:31:b1:9e:23:a4:26:d9:1f:11:8e:e0:27:4a:
         36:5e:1b:db:5d:d3:af:41:a4:a1:c1:b1:62:14:ec:93:a9:85:
         e0:d0:f6:57:b3:7c:79:45:3b:9f:ca:b7:e0:d4:c0:ce:9d:f3:
         5e:96:36:71:42:5b:9b:6b:93:bc:68:22:5f:fe:61:f3:77:a3:
         e4:11:34:e3:24:47:6b:01:d0:71:aa:d6:03:d4:b1:97:dd:ea:
         75:c7:c2:eb:0d:0f:2a:fe:aa:98:e6:d9:b2:c1:11:66:54:72:
         74:1e:bd:f7:4e:db:cd:63:cc:a6:07:c8:8a:b5:ff:bd:4b:93:
         31:57:ea:87:0b:6a:33:69:b0:08:58:3b:da:e7:18:8f:0c:85:
         a1:51:53:01:6f:bf:47:3a:2d:df:ed:35:b4:ac:c1:5b:23:68:
         70:59:63:57:82:98:df:0d:4f:5b:0b:65:03:17:85:12:f8:ff:
         7c:3c:a5:93:cc:c9:bb:d1:8c:a5:32:0a:b7:5e:89:93:77:2d:
         1e:8c:97:6b:72:6c:8f:38:ff:7d:27:d3:30:5c:3f:38:d7:9c:
         72:af:f3:c8:e9:6a:58:6f:d8:a9:b6:aa:83:95:17:ed:5c:3c:
         91:d1:f6:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oOTAs3Gk+5uFzzGdNVF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MjU4ZWJlZTY3NDVmMDZkNzMzZTRiNmRkMGQyN2E3M2Jm
ZGZiNjUwHhcNMjUwNjI4MTMwMTI2WhcNMjUwNjI5MTMwMTI2WjAzMTEwLwYDVQQD
EyhiOTAxYzUyOGM3ZjRjYTdlYmJmMDlmZGUzYzBkYTlkNjBiMWY2MTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cD4bOLht8eaf9YMaHGlQehqkp4U
wYYj52L6fcGtU+nNnku/v/TOVP7akPgOPg19RzUlZICelHXCIOlhWV6vIM1iIMHj
/f4wZc1BnwN3BuurGkz8JcJ5SXpZNK4ohA9AdOqH2lhzsdYSNulq997P/GyffVt+
3dl0K8zw1lBq/QQiP40kJNfxsfBGfdr7fJfQt9lD3034ksJXE/i4ysnNhbjU+xgU
X0kkdeg1tubLefIKcEJ724HtF2VUieo2pHgIP6iRlCAqBym1J8jP61UvciC2kDCV
ZFNYGilArYJ6KhT4JvXvha0k20rrElP30PPWoyp2lDXLASXuhpYWLOL5BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkBxSjH9Mp+u/Cf3jwNqdYLH2GGMB8GA1UdIwQY
MBaAFDcljr7mdF8G1zPktt0NJ6c7/ftlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnlXT3Z1WjBYd2JYTS1TMjNRMG5wenY5LTJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My85YjRkOWUtYzI1ZS00ZDhhLWFhNjMt
MmI4ZmFiYzRlMDVjLzEvTnlXT3Z1WjBYd2JYTS1TMjNRMG5wenY5LTJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My85YjRkOWUtYzI1ZS00ZDhhLWFhNjMtMmI4ZmFiYzRlMDVj
LzEvTnlXT3Z1WjBYd2JYTS1TMjNRMG5wenY5LTJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAltb2Sxlk
FeHWgBCG0R9pJNFvApAHRsQxsZ4jpCbZHxGO4CdKNl4b213Tr0GkocGxYhTsk6mF
4ND2V7N8eUU7n8q34NTAzp3zXpY2cUJbm2uTvGgiX/5h83ej5BE04yRHawHQcarW
A9Sxl93qdcfC6w0PKv6qmObZssERZlRydB69907bzWPMpgfIirX/vUuTMVfqhwtq
M2mwCFg72ucYjwyFoVFTAW+/Rzot3+01tKzBWyNocFljV4KY3w1PWwtlAxeFEvj/
fDylk8zJu9GMpTIKt16Jk3ctHoyXa3Jsjzj/fSfTMFw/ONeccq/zyOlqWG/Yqbaq
g5UX7Vw8kdH2cA==
-----END CERTIFICATE-----