Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
File:                     ny8WbQXql29prtWORqQfflBSRHU.mft (raw, json)
Hash identifier:          RfSHDLYHltgM2GtTh4QXHJlDXjuxBp1WYYk9n7GmmIc=
Subject key identifier:   CF:B6:DB:B0:DD:09:70:C2:61:6F:2E:69:01:03:72:42:B4:AB:A5:10
Authority key identifier: 9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75
Certificate issuer:       /CN=9f2f166d05ea976f69aed58e46a41f7e50524475
Certificate serial:       0197B77C9FB2E5861D320B956F5F1DC637EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
Manifest number:          132C
Signing time:             Sat 28 Jun 2025 17:01:27 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:27 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:27 +0000
Files and hashes:         1: ny8WbQXql29prtWORqQfflBSRHU.crl (hash: JFXv/D7XmM/9eKeDxLbmaFmGNBPsqLDJMwz+OK1lCwI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:9f:b2:e5:86:1d:32:0b:95:6f:5f:1d:c6:37:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f166d05ea976f69aed58e46a41f7e50524475
        Validity
            Not Before: Jun 28 17:01:27 2025 GMT
            Not After : Jun 29 17:01:27 2025 GMT
        Subject: CN=cfb6dbb0dd0970c2616f2e6901037242b4aba510
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e9:26:62:6f:ad:a9:dc:f2:73:15:ca:1c:cd:
                    0b:3b:d6:ce:8c:db:6a:86:4e:f1:3e:13:7e:98:4e:
                    0a:fe:9b:10:4e:65:97:ad:43:82:f7:27:4c:4c:d4:
                    2b:fc:32:2d:3b:dc:93:1d:11:56:b3:a5:04:da:83:
                    e6:f0:da:2e:21:6f:e7:04:5c:08:4b:a9:0c:b4:d8:
                    17:14:fe:9d:ec:7d:54:62:40:0a:e9:d5:37:69:8e:
                    ce:1f:f9:3d:c6:62:0c:76:7b:29:e0:e4:f6:2f:52:
                    f2:04:f6:0d:c9:b8:e3:48:f8:cb:5f:b6:45:08:9d:
                    9f:1b:bd:c4:c1:3e:6d:24:cc:1c:d6:3a:12:71:5b:
                    bb:44:48:e2:cb:6a:88:b2:1d:b9:3a:d6:d0:da:96:
                    c1:f1:39:e9:c4:18:9c:42:f9:90:8a:cb:53:0c:3c:
                    9a:63:43:9d:43:f7:52:da:71:1e:ec:72:85:b1:a8:
                    e2:e4:3a:6e:b5:7d:d8:35:a7:5f:4e:dd:75:bc:c0:
                    b9:35:6a:c1:76:79:41:da:9e:5a:1a:6f:d0:4c:33:
                    ca:d5:77:07:a5:50:a9:c0:79:1f:cc:93:26:1f:3e:
                    f8:1b:7e:47:f4:cf:fe:35:d2:be:a2:02:b2:ce:ce:
                    e9:b5:42:4b:d9:c6:8c:52:d6:5d:13:b8:b5:9f:0b:
                    cd:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:B6:DB:B0:DD:09:70:C2:61:6F:2E:69:01:03:72:42:B4:AB:A5:10
            X509v3 Authority Key Identifier:
                keyid:9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:45:73:80:18:d8:c3:40:a4:63:08:e2:00:80:bd:fc:86:6e:
         e0:6f:45:52:4f:cf:fb:a1:a2:86:73:13:6e:72:b0:eb:b2:0d:
         10:43:c2:87:a5:6e:91:1a:33:de:53:3e:b2:9d:f9:57:f0:0b:
         0c:79:c8:90:3a:1f:95:c0:7e:1d:2e:7e:75:fb:d5:f2:3f:e3:
         f9:ef:df:1f:5f:0c:f5:4e:12:9e:0b:d2:60:ae:59:0c:9e:c0:
         f5:cc:1e:d1:9c:7f:da:03:da:c9:c0:2a:50:a8:74:15:18:c6:
         42:ab:aa:00:05:5e:cd:0d:1f:bf:80:99:19:f7:cd:9d:db:2e:
         fc:48:5c:5f:71:67:93:3b:0f:87:22:30:46:c0:44:33:f8:19:
         c5:ab:9c:08:27:18:f5:23:f9:fc:30:b9:b9:1f:8e:66:f8:6a:
         cd:fb:3f:4b:a8:13:a9:fd:c1:fe:41:df:d1:08:ab:3d:3b:74:
         77:36:af:eb:c8:58:96:c9:ea:73:92:7b:a2:89:40:b1:e0:e8:
         ed:14:d7:3f:2c:37:40:75:dd:28:d3:c0:dc:b7:05:e9:73:a7:
         56:6d:ef:59:87:49:c6:a5:b7:9f:4c:0b:16:fd:83:da:de:46:
         88:66:9b:bd:e4:e3:55:3c:db:20:67:31:ff:87:a1:ea:63:6d:
         ff:a1:22:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fJ+y5YYdMguVb18dxjfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYxNjZkMDVlYTk3NmY2OWFlZDU4ZTQ2YTQxZjdlNTA1
MjQ0NzUwHhcNMjUwNjI4MTcwMTI3WhcNMjUwNjI5MTcwMTI3WjAzMTEwLwYDVQQD
EyhjZmI2ZGJiMGRkMDk3MGMyNjE2ZjJlNjkwMTAzNzI0MmI0YWJhNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwukmYm+tqdzycxXKHM0LO9bOjNtq
hk7xPhN+mE4K/psQTmWXrUOC9ydMTNQr/DItO9yTHRFWs6UE2oPm8NouIW/nBFwI
S6kMtNgXFP6d7H1UYkAK6dU3aY7OH/k9xmIMdnsp4OT2L1LyBPYNybjjSPjLX7ZF
CJ2fG73EwT5tJMwc1joScVu7REjiy2qIsh25OtbQ2pbB8TnpxBicQvmQistTDDya
Y0OdQ/dS2nEe7HKFsaji5DputX3YNadfTt11vMC5NWrBdnlB2p5aGm/QTDPK1XcH
pVCpwHkfzJMmHz74G35H9M/+NdK+ogKyzs7ptUJL2caMUtZdE7i1nwvNfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+227DdCXDCYW8uaQEDckK0q6UQMB8GA1UdIwQY
MBaAFJ8vFm0F6pdvaa7VjkakH35QUkR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQt
OTYyZDRmMGMyOWIwLzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQtOTYyZDRmMGMyOWIw
LzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxkVzgBjY
w0CkYwjiAIC9/IZu4G9FUk/P+6GihnMTbnKw67INEEPCh6VukRoz3lM+sp35V/AL
DHnIkDoflcB+HS5+dfvV8j/j+e/fH18M9U4SngvSYK5ZDJ7A9cwe0Zx/2gPaycAq
UKh0FRjGQquqAAVezQ0fv4CZGffNndsu/EhcX3FnkzsPhyIwRsBEM/gZxaucCCcY
9SP5/DC5uR+OZvhqzfs/S6gTqf3B/kHf0QirPTt0dzav68hYlsnqc5J7oolAseDo
7RTXPyw3QHXdKNPA3LcF6XOnVm3vWYdJxqW3n0wLFv2D2t5GiGabveTjVTzbIGcx
/4eh6mNt/6Eibg==
-----END CERTIFICATE-----