Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
File:                     jNspNdndDVhbZVEYdkwBxtdvdMI.mft (raw, json)
Hash identifier:          BWQwV10jQMCc3vi1MY6WjhxLbyx6scq1kh+mniU/Pwo=
Subject key identifier:   0C:20:88:17:74:01:1C:75:1C:E7:BF:53:12:74:93:FA:E8:12:EF:B6
Authority key identifier: 8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2
Certificate issuer:       /CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
Certificate serial:       0198469B1CA2A190CE68570F3EBD0E3B3BA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
Manifest number:          0707
Signing time:             Sat 26 Jul 2025 12:00:27 +0000
Manifest this update:     Sat 26 Jul 2025 12:00:27 +0000
Manifest next update:     Sun 27 Jul 2025 12:00:27 +0000
Files and hashes:         1: jNspNdndDVhbZVEYdkwBxtdvdMI.crl (hash: GTolCcRCnOXyMcfxqvs/yEmWopmYZv3sn079Fs5xg98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:46:9b:1c:a2:a1:90:ce:68:57:0f:3e:bd:0e:3b:3b:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
        Validity
            Not Before: Jul 26 12:00:27 2025 GMT
            Not After : Jul 27 12:00:27 2025 GMT
        Subject: CN=0c20881774011c751ce7bf53127493fae812efb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a2:ea:63:7d:d5:f3:d0:2c:6b:ea:51:38:b7:
                    05:09:d1:32:20:5b:a7:25:96:88:36:a2:ea:b4:8d:
                    d4:c4:85:c9:fd:a1:91:be:26:e6:e7:9e:82:1d:28:
                    50:1c:82:f6:68:9b:df:51:fa:28:bc:21:ae:00:bf:
                    63:70:d5:b3:aa:43:e7:0c:53:2e:07:a3:d3:a6:a8:
                    d1:4b:cb:be:33:69:2d:81:4c:19:83:6a:f1:84:1f:
                    e3:b1:6b:3a:8b:99:2d:16:66:63:7e:13:ba:19:ba:
                    2b:f8:e6:de:6c:42:e9:9e:3c:58:3d:ab:32:54:dc:
                    80:0c:e6:00:b2:7c:01:14:8a:34:0e:08:a2:8f:33:
                    ea:9c:c0:74:9e:f8:72:05:32:f3:77:40:67:07:d3:
                    a7:d3:4f:ec:a3:53:30:b7:fb:9c:90:01:48:25:c2:
                    ff:df:06:f9:17:f7:3f:08:ba:3f:6d:01:32:b4:1e:
                    60:fe:d6:f5:4c:78:15:f4:34:6d:bf:9f:ee:5c:e2:
                    e0:4d:ef:5e:11:3e:d9:fa:9d:ff:7b:35:55:48:d2:
                    f1:27:ed:10:07:a2:6b:b8:63:e4:7d:9d:87:fa:ba:
                    d1:15:ae:2b:bd:7b:a7:6e:59:3a:ff:d9:85:ec:bf:
                    6f:92:d9:d2:59:3c:12:3d:58:2b:7a:6a:2e:25:62:
                    fc:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:20:88:17:74:01:1C:75:1C:E7:BF:53:12:74:93:FA:E8:12:EF:B6
            X509v3 Authority Key Identifier:
                keyid:8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:fa:53:08:49:a2:fc:5c:ba:e0:47:01:60:1c:67:82:05:57:
         69:95:02:21:38:97:1c:2c:66:eb:5d:c6:7d:d0:00:56:c9:48:
         26:29:e1:80:db:00:dd:ab:51:79:3b:e1:42:03:55:48:29:05:
         4e:11:c7:cb:9f:66:d9:79:2d:8d:01:a7:13:b9:60:8f:31:4b:
         e0:cf:f9:f8:7e:79:06:87:14:d7:77:fd:04:b2:08:b2:5e:61:
         f0:ee:7a:7f:89:65:38:2f:91:01:c7:cd:0b:5e:81:23:b2:d1:
         84:6e:33:89:05:1c:54:9f:bf:fe:e6:11:b2:ee:2d:f2:7a:41:
         fb:01:dc:79:b5:90:7e:52:99:88:94:aa:2a:fa:65:3d:d7:b4:
         3c:07:0a:9d:c7:47:70:c5:82:61:52:70:89:78:87:1d:bc:a3:
         da:62:f0:51:d1:3e:d1:5d:5a:fd:a4:45:f8:c4:7e:27:d3:21:
         dc:36:06:30:fa:a2:86:3f:9b:cb:6c:00:27:15:eb:e2:96:b0:
         a5:36:f3:29:99:68:fa:04:2c:d5:ae:6a:f0:9d:6f:52:5d:7b:
         dd:b3:b4:35:38:32:86:c8:64:29:93:1e:ff:90:6f:b0:1d:b0:
         a0:1d:b1:67:fd:03:cb:15:18:cb:38:62:b8:ab:99:6d:8e:1c:
         9c:50:7f:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhGmxyioZDOaFcPPr0OOzuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGIyOTM1ZDlkZDBkNTg1YjY1NTExODc2NGMwMWM2ZDc2
Zjc0YzIwHhcNMjUwNzI2MTIwMDI3WhcNMjUwNzI3MTIwMDI3WjAzMTEwLwYDVQQD
EygwYzIwODgxNzc0MDExYzc1MWNlN2JmNTMxMjc0OTNmYWU4MTJlZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKLqY33V89Asa+pROLcFCdEyIFun
JZaINqLqtI3UxIXJ/aGRvibm556CHShQHIL2aJvfUfoovCGuAL9jcNWzqkPnDFMu
B6PTpqjRS8u+M2ktgUwZg2rxhB/jsWs6i5ktFmZjfhO6Gbor+ObebELpnjxYPasy
VNyADOYAsnwBFIo0DgiijzPqnMB0nvhyBTLzd0BnB9On00/so1Mwt/uckAFIJcL/
3wb5F/c/CLo/bQEytB5g/tb1THgV9DRtv5/uXOLgTe9eET7Z+p3/ezVVSNLxJ+0Q
B6JruGPkfZ2H+rrRFa4rvXunblk6/9mF7L9vktnSWTwSPVgremouJWL8DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwgiBd0ARx1HOe/UxJ0k/roEu+2MB8GA1UdIwQY
MBaAFIzbKTXZ3Q1YW2VRGHZMAcbXb3TCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEt
NTQ1NmUxNWQ0NjcxLzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEtNTQ1NmUxNWQ0Njcx
LzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwfpTCEmi
/Fy64EcBYBxnggVXaZUCITiXHCxm613GfdAAVslIJinhgNsA3atReTvhQgNVSCkF
ThHHy59m2XktjQGnE7lgjzFL4M/5+H55BocU13f9BLIIsl5h8O56f4llOC+RAcfN
C16BI7LRhG4ziQUcVJ+//uYRsu4t8npB+wHcebWQflKZiJSqKvplPde0PAcKncdH
cMWCYVJwiXiHHbyj2mLwUdE+0V1a/aRF+MR+J9Mh3DYGMPqihj+by2wAJxXr4paw
pTbzKZlo+gQs1a5q8J1vUl173bO0NTgyhshkKZMe/5BvsB2woB2xZ/0DyxUYyzhi
uKuZbY4cnFB/mg==
-----END CERTIFICATE-----