Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
File:                     NGbkl-i6koMIR7TYtnEDJdI72oU.mft (raw, json)
Hash identifier:          XcxTt1MrNX1ImLZXD+jvOZ5Tao4mo6cM5LSDpeglG2E=
Subject key identifier:   A6:D4:82:48:94:00:88:3E:8F:0F:BD:8C:58:99:3D:CA:A2:44:69:F2
Authority key identifier: 34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85
Certificate issuer:       /CN=3466e497e8ba92830847b4d8b6710325d23bda85
Certificate serial:       019653EE08B6503D8AEA319DAB84C468436C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
Manifest number:          055C
Signing time:             Sun 20 Apr 2025 16:00:30 +0000
Manifest this update:     Sun 20 Apr 2025 16:00:30 +0000
Manifest next update:     Mon 21 Apr 2025 16:00:30 +0000
Files and hashes:         1: NGbkl-i6koMIR7TYtnEDJdI72oU.crl (hash: WGKzDMSi4QRM1jHT7I0Jbfp5INWgLTovb/OJT4lXHN4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:ee:08:b6:50:3d:8a:ea:31:9d:ab:84:c4:68:43:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3466e497e8ba92830847b4d8b6710325d23bda85
        Validity
            Not Before: Apr 20 16:00:30 2025 GMT
            Not After : Apr 21 16:00:30 2025 GMT
        Subject: CN=a6d482489400883e8f0fbd8c58993dcaa24469f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:13:04:89:bd:3e:91:79:8d:ba:39:eb:29:c3:
                    ee:75:eb:7b:e0:11:44:20:9c:28:38:ec:0d:23:2f:
                    dd:73:72:8e:da:e3:e6:3a:47:d3:9f:d7:b0:7b:46:
                    49:13:3d:d2:3e:72:5c:b2:52:4e:5d:60:9c:06:e1:
                    1f:8f:d6:e5:0e:b0:26:ec:05:92:a0:8f:ae:83:f1:
                    b2:65:a8:a3:a0:0f:c2:b9:41:b1:51:32:87:c0:cc:
                    c7:7b:11:24:8e:df:c8:8d:45:4e:bc:c8:e8:43:82:
                    34:ce:a7:38:5c:9c:59:24:0a:eb:18:8b:80:96:ef:
                    ba:e0:2b:85:e7:85:b6:12:cd:71:5b:80:41:f3:95:
                    42:f7:30:6a:20:98:42:3a:45:eb:99:10:03:fb:2f:
                    9d:9d:92:59:31:fd:60:ee:38:fd:ac:69:b8:4f:25:
                    66:d7:23:18:0c:ee:bb:64:29:b9:22:6e:f8:fb:3f:
                    37:c7:60:d1:00:63:30:5f:fa:e4:1a:3d:ab:4f:d2:
                    3c:b7:bc:84:25:19:39:bc:a3:5f:0c:4f:d0:c1:d4:
                    00:d9:73:ee:a0:da:09:b4:6e:86:5f:4c:72:6d:05:
                    92:c1:42:1a:17:ed:8e:6e:06:d2:ee:60:40:ad:5d:
                    dc:8c:2b:37:85:1b:b3:da:08:8b:f1:2d:46:d8:15:
                    22:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:D4:82:48:94:00:88:3E:8F:0F:BD:8C:58:99:3D:CA:A2:44:69:F2
            X509v3 Authority Key Identifier:
                keyid:34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:dd:26:32:ba:89:a6:92:70:ed:ad:32:3c:fa:99:c9:4b:7b:
         29:a0:48:f5:b5:38:cf:1d:84:98:a2:6d:ea:4f:7f:05:40:be:
         ea:c5:41:bd:30:28:e2:db:f8:73:2c:d6:ff:1c:ca:ce:48:6c:
         68:aa:3d:51:b6:ae:62:d1:09:e6:86:57:f9:bc:82:44:a5:a7:
         50:e3:80:95:9e:58:2f:6c:35:df:0c:1e:7c:b1:be:f5:1f:6c:
         99:48:42:02:20:0f:1c:25:33:da:5c:97:80:3a:5a:7c:b1:31:
         be:e6:95:27:39:4a:f3:aa:92:d3:7b:64:da:56:d2:5e:ad:fe:
         51:30:0e:00:8a:a2:65:24:21:10:c7:89:6f:6e:2c:76:11:c1:
         68:24:7c:85:9c:58:b5:26:11:49:45:4a:9e:ee:1a:c0:e7:f4:
         c5:28:78:85:e1:21:f5:78:d9:27:82:e9:43:02:d6:db:18:ae:
         f3:da:b2:6e:47:87:6e:2b:fc:95:ab:4a:6a:18:d5:44:ef:ab:
         10:04:0f:bf:88:23:31:79:69:9c:56:76:5a:97:e6:81:77:d6:
         be:10:b8:74:07:c4:e3:ba:9d:93:a3:cb:06:d1:9d:df:19:8e:
         d8:69:cf:2f:5b:b6:ee:37:9c:27:97:fb:e1:fd:ea:d6:eb:3b:
         c4:d1:1d:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7gi2UD2K6jGdq4TEaENsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NjZlNDk3ZThiYTkyODMwODQ3YjRkOGI2NzEwMzI1ZDIz
YmRhODUwHhcNMjUwNDIwMTYwMDMwWhcNMjUwNDIxMTYwMDMwWjAzMTEwLwYDVQQD
EyhhNmQ0ODI0ODk0MDA4ODNlOGYwZmJkOGM1ODk5M2RjYWEyNDQ2OWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhMEib0+kXmNujnrKcPudet74BFE
IJwoOOwNIy/dc3KO2uPmOkfTn9ewe0ZJEz3SPnJcslJOXWCcBuEfj9blDrAm7AWS
oI+ug/GyZaijoA/CuUGxUTKHwMzHexEkjt/IjUVOvMjoQ4I0zqc4XJxZJArrGIuA
lu+64CuF54W2Es1xW4BB85VC9zBqIJhCOkXrmRAD+y+dnZJZMf1g7jj9rGm4TyVm
1yMYDO67ZCm5Im74+z83x2DRAGMwX/rkGj2rT9I8t7yEJRk5vKNfDE/QwdQA2XPu
oNoJtG6GX0xybQWSwUIaF+2ObgbS7mBArV3cjCs3hRuz2giL8S1G2BUi0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKbUgkiUAIg+jw+9jFiZPcqiRGnyMB8GA1UdIwQY
MBaAFDRm5JfoupKDCEe02LZxAyXSO9qFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEt
ZGNhZDA4ZjJmMjNmLzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEtZGNhZDA4ZjJmMjNm
LzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPt0mMrqJ
ppJw7a0yPPqZyUt7KaBI9bU4zx2EmKJt6k9/BUC+6sVBvTAo4tv4cyzW/xzKzkhs
aKo9UbauYtEJ5oZX+byCRKWnUOOAlZ5YL2w13wwefLG+9R9smUhCAiAPHCUz2lyX
gDpafLExvuaVJzlK86qS03tk2lbSXq3+UTAOAIqiZSQhEMeJb24sdhHBaCR8hZxY
tSYRSUVKnu4awOf0xSh4heEh9XjZJ4LpQwLW2xiu89qybkeHbiv8latKahjVRO+r
EAQPv4gjMXlpnFZ2WpfmgXfWvhC4dAfE47qdk6PLBtGd3xmO2GnPL1u27jecJ5f7
4f3q1us7xNEdtQ==
-----END CERTIFICATE-----