Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
File:                     Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft (raw, json)
Hash identifier:          7GI9LgRo8mLV27/TQi1dN5AeV6iubnIAwDkecr5fhq0=
Subject key identifier:   69:4B:F0:D5:E5:8C:22:D8:08:8A:13:AD:72:AB:91:D5:BF:9B:FD:21
Authority key identifier: 36:FD:F6:8C:EC:A3:76:9E:91:B0:E7:64:8D:1F:95:58:ED:4C:7C:29
Certificate issuer:       /CN=36fdf68ceca3769e91b0e7648d1f9558ed4c7c29
Certificate serial:       0198D6611CC9FAC6423D48544422388B32DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
Manifest number:          0CDD
Signing time:             Sat 23 Aug 2025 10:02:25 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:25 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:25 +0000
Files and hashes:         1: Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl (hash: VWQHhL5vC1MslGsXf8XgD6o0eBcTZEyasREyJAzBYSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:1c:c9:fa:c6:42:3d:48:54:44:22:38:8b:32:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36fdf68ceca3769e91b0e7648d1f9558ed4c7c29
        Validity
            Not Before: Aug 23 10:02:25 2025 GMT
            Not After : Aug 24 10:02:25 2025 GMT
        Subject: CN=694bf0d5e58c22d8088a13ad72ab91d5bf9bfd21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:c2:ec:67:ef:72:d8:a3:8b:f7:23:29:44:46:
                    e7:ab:7a:be:63:85:81:92:77:f5:59:03:03:3a:ce:
                    32:9c:e5:6b:08:36:4f:67:2b:28:88:9b:62:db:20:
                    1c:7f:79:ae:9a:5b:24:6b:d1:35:6b:f8:92:69:43:
                    ab:5f:61:a1:82:bf:de:c8:ac:7a:0b:85:84:2a:db:
                    83:fb:97:7e:93:dd:e2:f6:26:c3:38:66:ed:29:ca:
                    ab:f0:b9:85:99:1d:2f:7e:08:50:d9:aa:27:67:d5:
                    e7:73:4c:e9:97:ef:a4:36:34:4a:1e:e6:07:03:68:
                    79:1a:51:67:0b:99:56:c7:df:94:13:f8:6d:d2:b0:
                    15:39:30:85:43:41:72:f1:c3:ed:42:4d:51:e3:25:
                    e5:26:70:43:5c:17:17:fa:ff:47:a1:44:d9:83:61:
                    4c:ca:7d:5c:fd:8f:60:48:52:af:53:03:43:14:d8:
                    d8:76:31:59:8e:32:74:2e:c0:c9:42:88:7e:71:cc:
                    52:2f:d2:95:07:ff:c8:2e:cc:9c:12:34:1e:69:da:
                    76:73:2a:7c:98:f7:6b:12:7a:ad:e6:3b:de:9f:b6:
                    3a:02:34:a6:b1:a6:85:a6:92:d9:db:4c:1a:fc:4c:
                    3f:fd:49:aa:e8:52:0a:f0:6f:34:0b:23:6c:bb:24:
                    a4:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:4B:F0:D5:E5:8C:22:D8:08:8A:13:AD:72:AB:91:D5:BF:9B:FD:21
            X509v3 Authority Key Identifier:
                keyid:36:FD:F6:8C:EC:A3:76:9E:91:B0:E7:64:8D:1F:95:58:ED:4C:7C:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:27:f7:ca:f4:e3:d3:61:ba:2a:cc:de:b1:f7:ab:51:cc:c9:
         7f:dd:2b:90:30:fe:6b:2f:f1:ae:8d:57:e5:29:b4:e1:58:fa:
         b5:23:b2:6a:b0:9c:20:64:ba:6c:d1:f5:1c:54:71:22:9e:91:
         bb:07:9b:cb:ac:ba:67:2a:53:6e:5b:ec:e7:a6:f6:27:42:15:
         94:c2:e4:a8:ce:82:3c:16:64:13:b0:8e:35:dc:bd:20:9e:3e:
         ca:ce:83:f0:10:7f:6c:b6:63:53:a6:a7:98:ad:e6:c1:ec:39:
         e3:be:b0:e3:d6:35:98:bb:61:4d:0b:64:95:a6:af:86:3e:9c:
         07:dc:d5:50:2c:bf:6a:44:14:70:62:3e:7f:7d:4f:fa:c4:98:
         b6:93:e9:f1:b7:ea:1f:29:05:a7:1a:f6:7f:e0:9b:38:eb:50:
         09:e4:15:45:b0:86:a8:a6:10:1c:45:5a:19:18:a2:e3:75:74:
         66:80:20:ed:ca:18:c3:f5:df:23:ec:fc:4b:58:41:49:fc:b3:
         c7:03:ec:3f:7f:a9:89:9b:ad:c3:05:7b:3a:ed:74:7d:89:36:
         dc:32:d5:f0:43:90:d5:f8:fb:d1:b8:77:34:83:eb:90:9c:09:
         af:c5:db:9e:c3:47:74:16:85:08:4a:e4:66:cd:ee:83:69:6a:
         78:0e:d1:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYRzJ+sZCPUhURCI4izLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZmRmNjhjZWNhMzc2OWU5MWIwZTc2NDhkMWY5NTU4ZWQ0
YzdjMjkwHhcNMjUwODIzMTAwMjI1WhcNMjUwODI0MTAwMjI1WjAzMTEwLwYDVQQD
Eyg2OTRiZjBkNWU1OGMyMmQ4MDg4YTEzYWQ3MmFiOTFkNWJmOWJmZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MLsZ+9y2KOL9yMpREbnq3q+Y4WB
knf1WQMDOs4ynOVrCDZPZysoiJti2yAcf3mumlska9E1a/iSaUOrX2Ghgr/eyKx6
C4WEKtuD+5d+k93i9ibDOGbtKcqr8LmFmR0vfghQ2aonZ9Xnc0zpl++kNjRKHuYH
A2h5GlFnC5lWx9+UE/ht0rAVOTCFQ0Fy8cPtQk1R4yXlJnBDXBcX+v9HoUTZg2FM
yn1c/Y9gSFKvUwNDFNjYdjFZjjJ0LsDJQoh+ccxSL9KVB//ILsycEjQeadp2cyp8
mPdrEnqt5jven7Y6AjSmsaaFppLZ20wa/Ew//Umq6FIK8G80CyNsuySk/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlL8NXljCLYCIoTrXKrkdW/m/0hMB8GA1UdIwQY
MBaAFDb99ozso3aekbDnZI0flVjtTHwpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMTA5ZGItMDMzMy00OThhLWI2YjYt
MzUyMzgwNDBlOGY5LzEvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMTA5ZGItMDMzMy00OThhLWI2YjYtMzUyMzgwNDBlOGY5
LzEvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuCf3yvTj
02G6KszesferUczJf90rkDD+ay/xro1X5Sm04Vj6tSOyarCcIGS6bNH1HFRxIp6R
uweby6y6ZypTblvs56b2J0IVlMLkqM6CPBZkE7CONdy9IJ4+ys6D8BB/bLZjU6an
mK3mwew5476w49Y1mLthTQtklaavhj6cB9zVUCy/akQUcGI+f31P+sSYtpPp8bfq
HykFpxr2f+CbOOtQCeQVRbCGqKYQHEVaGRii43V0ZoAg7coYw/XfI+z8S1hBSfyz
xwPsP3+piZutwwV7Ou10fYk23DLV8EOQ1fj70bh3NIPrkJwJr8XbnsNHdBaFCErk
Zs3ug2lqeA7R2Q==
-----END CERTIFICATE-----