Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.mft
File:                     NyWOvuZ0XwbXM-S23Q0npzv9-2U.mft (raw, json)
Hash identifier:          WYg6O98N3fzAM9qhubyDTAXzpYO8hwmRKSijg+r6Ijs=
Subject key identifier:   86:76:CE:FF:44:A4:58:FE:7F:D7:CE:EC:31:ED:08:B1:AA:F0:A7:0E
Authority key identifier: 37:25:8E:BE:E6:74:5F:06:D7:33:E4:B6:DD:0D:27:A7:3B:FD:FB:65
Certificate issuer:       /CN=37258ebee6745f06d733e4b6dd0d27a73bfdfb65
Certificate serial:       0196B7B5EF689C6DDACDAF68658C079F9253
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NyWOvuZ0XwbXM-S23Q0npzv9-2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.mft
Manifest number:          1251
Signing time:             Sat 10 May 2025 01:01:15 +0000
Manifest this update:     Sat 10 May 2025 01:01:15 +0000
Manifest next update:     Sun 11 May 2025 01:01:15 +0000
Files and hashes:         1: NyWOvuZ0XwbXM-S23Q0npzv9-2U.crl (hash: Afu+In6JGGPMiMqlMyMZEc31UoicXTdZ/VS7MFrYDSg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NyWOvuZ0XwbXM-S23Q0npzv9-2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 01:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b7:b5:ef:68:9c:6d:da:cd:af:68:65:8c:07:9f:92:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37258ebee6745f06d733e4b6dd0d27a73bfdfb65
        Validity
            Not Before: May 10 01:01:15 2025 GMT
            Not After : May 11 01:01:15 2025 GMT
        Subject: CN=8676ceff44a458fe7fd7ceec31ed08b1aaf0a70e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:c6:94:08:96:f1:50:03:b2:f9:5b:f9:4b:3d:
                    bb:4f:65:43:d1:dd:c3:ab:b1:3d:30:26:e2:d3:68:
                    cb:d7:dc:79:e9:1a:34:3e:6c:01:e8:df:3d:b4:5a:
                    08:0c:e1:44:43:de:a7:7f:d6:84:4c:1c:f1:40:c2:
                    f0:c7:86:53:20:52:79:3c:36:11:c8:73:59:a0:fa:
                    9c:0f:3e:0b:a4:cf:fb:d9:12:4b:24:fc:b5:93:5f:
                    c1:23:e9:24:57:96:0f:b3:16:d2:8e:49:3d:08:36:
                    ce:73:97:2d:ed:dd:7c:2d:8e:ea:69:f3:fd:f0:66:
                    50:d8:77:0b:f6:02:bd:d7:10:f1:7e:5d:1b:e8:e9:
                    2f:ef:5e:82:e6:fd:b8:56:e5:61:83:8b:65:5a:09:
                    ba:53:11:1d:e8:72:8d:77:31:12:c7:79:46:8f:73:
                    75:bb:d8:9d:0b:6f:78:45:09:9e:a2:3d:38:4d:76:
                    4d:1b:a0:54:c8:24:6f:40:d1:95:25:fc:4b:44:34:
                    14:96:35:ad:eb:c6:35:27:81:21:6d:eb:a9:25:63:
                    34:f3:bb:64:6d:cc:1c:64:88:bb:ac:85:6d:45:c9:
                    2f:07:b2:e4:24:11:37:ca:db:70:6d:ab:4c:80:1f:
                    04:e5:f6:be:7d:3c:4b:2a:7e:59:43:2e:03:04:9b:
                    32:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:76:CE:FF:44:A4:58:FE:7F:D7:CE:EC:31:ED:08:B1:AA:F0:A7:0E
            X509v3 Authority Key Identifier:
                keyid:37:25:8E:BE:E6:74:5F:06:D7:33:E4:B6:DD:0D:27:A7:3B:FD:FB:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NyWOvuZ0XwbXM-S23Q0npzv9-2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/9b4d9e-c25e-4d8a-aa63-2b8fabc4e05c/1/NyWOvuZ0XwbXM-S23Q0npzv9-2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:4c:3f:6c:cf:60:b2:6c:1f:4e:89:15:04:36:c3:7b:3a:82:
         09:c0:a9:48:8f:63:34:12:cf:05:54:ca:59:4d:fe:9d:21:c7:
         43:0b:1b:39:49:52:91:3d:6c:96:23:a3:47:08:a6:d5:a9:43:
         53:61:f6:74:3a:7d:2b:aa:9f:a6:c1:30:3d:3e:79:8f:d7:81:
         d8:70:c5:1d:86:d4:f0:5b:ca:b0:f6:a2:95:6d:de:fb:7f:c2:
         9d:51:76:80:cc:0d:5a:83:94:b8:5b:4f:90:32:6e:88:87:44:
         eb:36:c7:e2:f9:32:7d:a0:19:8e:36:c6:fb:5f:9c:fd:b8:0d:
         8b:c1:83:e8:25:77:ea:19:0e:6b:70:b7:aa:06:e2:8e:a9:5b:
         8f:c4:2e:05:65:c8:b3:ff:9d:af:68:e7:7e:c5:a3:06:d2:1f:
         39:66:af:16:72:0c:b6:72:d2:61:1a:5c:2a:ef:71:6b:aa:7c:
         9b:c1:0f:78:d3:46:2b:ae:60:72:73:48:82:74:44:20:2f:cd:
         15:8a:c4:6e:d4:c9:cf:b7:43:5b:2b:2e:57:86:6a:bb:f5:5c:
         13:5f:b2:b7:d9:44:d7:32:b2:8d:98:18:df:eb:98:49:dc:f1:
         5b:0f:28:11:e1:d1:f7:09:15:60:99:e0:48:f5:7e:ea:8c:b2:
         47:1a:0e:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa3te9onG3aza9oZYwHn5JTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MjU4ZWJlZTY3NDVmMDZkNzMzZTRiNmRkMGQyN2E3M2Jm
ZGZiNjUwHhcNMjUwNTEwMDEwMTE1WhcNMjUwNTExMDEwMTE1WjAzMTEwLwYDVQQD
Eyg4Njc2Y2VmZjQ0YTQ1OGZlN2ZkN2NlZWMzMWVkMDhiMWFhZjBhNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8aUCJbxUAOy+Vv5Sz27T2VD0d3D
q7E9MCbi02jL19x56Ro0PmwB6N89tFoIDOFEQ96nf9aETBzxQMLwx4ZTIFJ5PDYR
yHNZoPqcDz4LpM/72RJLJPy1k1/BI+kkV5YPsxbSjkk9CDbOc5ct7d18LY7qafP9
8GZQ2HcL9gK91xDxfl0b6Okv716C5v24VuVhg4tlWgm6UxEd6HKNdzESx3lGj3N1
u9idC294RQmeoj04TXZNG6BUyCRvQNGVJfxLRDQUljWt68Y1J4EhbeupJWM087tk
bcwcZIi7rIVtRckvB7LkJBE3yttwbatMgB8E5fa+fTxLKn5ZQy4DBJsyDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZ2zv9EpFj+f9fO7DHtCLGq8KcOMB8GA1UdIwQY
MBaAFDcljr7mdF8G1zPktt0NJ6c7/ftlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnlXT3Z1WjBYd2JYTS1TMjNRMG5wenY5LTJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My85YjRkOWUtYzI1ZS00ZDhhLWFhNjMt
MmI4ZmFiYzRlMDVjLzEvTnlXT3Z1WjBYd2JYTS1TMjNRMG5wenY5LTJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My85YjRkOWUtYzI1ZS00ZDhhLWFhNjMtMmI4ZmFiYzRlMDVj
LzEvTnlXT3Z1WjBYd2JYTS1TMjNRMG5wenY5LTJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd0w/bM9g
smwfTokVBDbDezqCCcCpSI9jNBLPBVTKWU3+nSHHQwsbOUlSkT1sliOjRwim1alD
U2H2dDp9K6qfpsEwPT55j9eB2HDFHYbU8FvKsPailW3e+3/CnVF2gMwNWoOUuFtP
kDJuiIdE6zbH4vkyfaAZjjbG+1+c/bgNi8GD6CV36hkOa3C3qgbijqlbj8QuBWXI
s/+dr2jnfsWjBtIfOWavFnIMtnLSYRpcKu9xa6p8m8EPeNNGK65gcnNIgnREIC/N
FYrEbtTJz7dDWysuV4Zqu/VcE1+yt9lE1zKyjZgY3+uYSdzxWw8oEeHR9wkVYJng
SPV+6oyyRxoOHA==
-----END CERTIFICATE-----