Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
File:                     Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft (raw, json)
Hash identifier:          XWcrxWy6AUs5F09g4SgZ0CprlPhakrjiPIVG8wZpzi0=
Subject key identifier:   27:FC:0F:61:42:93:68:BF:A5:3D:B3:62:76:43:61:B0:DF:F5:D5:F9
Authority key identifier: 36:FD:F6:8C:EC:A3:76:9E:91:B0:E7:64:8D:1F:95:58:ED:4C:7C:29
Certificate issuer:       /CN=36fdf68ceca3769e91b0e7648d1f9558ed4c7c29
Certificate serial:       0199FBEB961FB2568AF84F600BDEDBA0896F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
Manifest number:          0D75
Signing time:             Sun 19 Oct 2025 10:02:24 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:24 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:24 +0000
Files and hashes:         1: Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl (hash: /xniwAWIKzpjAdDzwmvYpmesL5Xa7jisx4UlEJuxW4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:96:1f:b2:56:8a:f8:4f:60:0b:de:db:a0:89:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36fdf68ceca3769e91b0e7648d1f9558ed4c7c29
        Validity
            Not Before: Oct 19 10:02:24 2025 GMT
            Not After : Oct 20 10:02:24 2025 GMT
        Subject: CN=27fc0f61429368bfa53db362764361b0dff5d5f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a0:de:f6:7c:7c:41:57:67:3c:8e:eb:10:cc:
                    f9:7d:7e:d9:57:8f:1d:24:45:1a:f5:d1:df:e9:1a:
                    21:65:02:47:44:17:ba:1e:e8:3b:e3:74:9d:d3:93:
                    3b:38:a0:89:a7:a9:33:56:3b:1e:22:a5:fa:66:6f:
                    51:a8:80:14:0d:d4:3d:65:dd:49:e8:f1:c9:94:99:
                    ba:97:1a:48:ab:b6:b5:8b:e8:b7:a1:24:04:51:d0:
                    9b:26:9e:60:f7:90:f4:31:58:00:33:45:17:d1:41:
                    75:de:f9:b5:f7:e5:0b:ce:33:ec:e7:4f:82:13:84:
                    aa:b8:98:5a:68:b2:1f:af:7d:d8:73:45:ba:2e:e0:
                    15:10:b2:78:2e:d3:8b:2b:01:55:4d:88:63:a3:69:
                    47:08:69:04:ae:d0:a2:bc:04:02:2f:59:6f:36:b3:
                    3b:25:93:e8:22:ec:ac:3c:22:14:15:88:85:e9:e1:
                    5f:09:47:3f:79:98:b5:c2:d6:94:e5:91:58:19:3a:
                    5c:d8:21:f8:b3:4e:b6:0d:3b:d4:1b:b1:fa:92:6e:
                    d5:37:90:8e:e7:0d:bc:83:a4:6d:4a:79:1d:cd:26:
                    c6:16:78:b0:c6:5b:eb:b2:35:b4:21:ba:dc:9f:43:
                    f9:32:b2:2c:a4:2c:1e:1b:2a:81:19:9c:2f:2a:62:
                    51:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:FC:0F:61:42:93:68:BF:A5:3D:B3:62:76:43:61:B0:DF:F5:D5:F9
            X509v3 Authority Key Identifier:
                keyid:36:FD:F6:8C:EC:A3:76:9E:91:B0:E7:64:8D:1F:95:58:ED:4C:7C:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:10:55:04:24:ff:51:01:84:f1:bd:32:0a:3e:75:ff:44:76:
         03:a7:34:e0:2f:cd:c6:dc:69:9b:36:b0:52:f4:ce:40:15:32:
         fb:d0:3c:a6:2e:2c:cf:d0:0e:ce:35:b7:ff:4f:34:a7:0f:ed:
         2c:8a:57:a0:d1:e5:64:31:49:f7:cf:50:d5:db:08:67:76:ab:
         6d:68:a9:e2:4a:dc:f4:78:2f:bc:1c:2d:11:3b:da:a6:b3:48:
         3e:09:4d:23:f0:22:f0:14:41:75:12:53:02:de:b9:5f:b3:79:
         47:28:61:7f:83:c1:2c:06:c5:96:ad:07:20:3c:6f:79:58:ef:
         00:5d:c7:ae:a8:28:ce:e0:12:52:57:28:d7:fe:68:1d:dc:03:
         ca:0d:7f:34:3d:9b:5e:0f:3d:b8:5f:85:bb:52:e9:31:2f:60:
         82:5a:10:00:d9:85:ef:1e:10:a8:1b:91:01:dc:e4:e9:4b:7c:
         27:71:e6:a0:93:17:df:71:f4:b5:47:04:c6:99:90:97:47:bd:
         df:74:a2:fe:d1:11:80:86:62:2b:24:44:a9:48:4e:ef:06:1c:
         ac:fd:c7:b6:d1:e2:b5:49:40:b9:b2:0a:48:d6:45:7d:78:03:
         0f:a9:c1:4d:37:59:6c:8d:10:ed:36:1b:af:a3:37:48:e9:ec:
         a1:88:62:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn765YfslaK+E9gC97boIlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZmRmNjhjZWNhMzc2OWU5MWIwZTc2NDhkMWY5NTU4ZWQ0
YzdjMjkwHhcNMjUxMDE5MTAwMjI0WhcNMjUxMDIwMTAwMjI0WjAzMTEwLwYDVQQD
EygyN2ZjMGY2MTQyOTM2OGJmYTUzZGIzNjI3NjQzNjFiMGRmZjVkNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKDe9nx8QVdnPI7rEMz5fX7ZV48d
JEUa9dHf6RohZQJHRBe6Hug743Sd05M7OKCJp6kzVjseIqX6Zm9RqIAUDdQ9Zd1J
6PHJlJm6lxpIq7a1i+i3oSQEUdCbJp5g95D0MVgAM0UX0UF13vm19+ULzjPs50+C
E4SquJhaaLIfr33Yc0W6LuAVELJ4LtOLKwFVTYhjo2lHCGkErtCivAQCL1lvNrM7
JZPoIuysPCIUFYiF6eFfCUc/eZi1wtaU5ZFYGTpc2CH4s062DTvUG7H6km7VN5CO
5w28g6RtSnkdzSbGFniwxlvrsjW0Ibrcn0P5MrIspCweGyqBGZwvKmJRBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCf8D2FCk2i/pT2zYnZDYbDf9dX5MB8GA1UdIwQY
MBaAFDb99ozso3aekbDnZI0flVjtTHwpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMTA5ZGItMDMzMy00OThhLWI2YjYt
MzUyMzgwNDBlOGY5LzEvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMTA5ZGItMDMzMy00OThhLWI2YjYtMzUyMzgwNDBlOGY5
LzEvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKxBVBCT/
UQGE8b0yCj51/0R2A6c04C/NxtxpmzawUvTOQBUy+9A8pi4sz9AOzjW3/080pw/t
LIpXoNHlZDFJ989Q1dsIZ3arbWip4krc9HgvvBwtETvaprNIPglNI/Ai8BRBdRJT
At65X7N5Ryhhf4PBLAbFlq0HIDxveVjvAF3HrqgozuASUlco1/5oHdwDyg1/ND2b
Xg89uF+Fu1LpMS9ggloQANmF7x4QqBuRAdzk6Ut8J3HmoJMX33H0tUcExpmQl0e9
33Si/tERgIZiKyREqUhO7wYcrP3HttHitUlAubIKSNZFfXgDD6nBTTdZbI0Q7TYb
r6M3SOnsoYhiHA==
-----END CERTIFICATE-----