Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
File:                     NbdnbT6rzEXogFTIuEBH7ocyvHM.mft (raw, json)
Hash identifier:          JZHdQGOBPYp1ChWxo2jaqYSuKpomld7aryH2D/kDDuM=
Subject key identifier:   7C:3D:A9:3A:A1:6F:30:4E:A0:FB:CE:A0:87:9D:EB:CE:DE:70:25:7B
Authority key identifier: 35:B7:67:6D:3E:AB:CC:45:E8:80:54:C8:B8:40:47:EE:87:32:BC:73
Certificate issuer:       /CN=35b7676d3eabcc45e88054c8b84047ee8732bc73
Certificate serial:       01974B8DA5F755D2E63EE1846558D9EE8238
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
Manifest number:          0271
Signing time:             Sat 07 Jun 2025 18:01:03 +0000
Manifest this update:     Sat 07 Jun 2025 18:01:03 +0000
Manifest next update:     Sun 08 Jun 2025 18:01:03 +0000
Files and hashes:         1: NbdnbT6rzEXogFTIuEBH7ocyvHM.crl (hash: 183Nmft5BSNRdSk0zHDCLNfegvtPETKW4d5EQZDr0lI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:8d:a5:f7:55:d2:e6:3e:e1:84:65:58:d9:ee:82:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35b7676d3eabcc45e88054c8b84047ee8732bc73
        Validity
            Not Before: Jun  7 18:01:03 2025 GMT
            Not After : Jun  8 18:01:03 2025 GMT
        Subject: CN=7c3da93aa16f304ea0fbcea0879debcede70257b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8c:8d:b0:3a:66:77:d0:31:73:df:b7:2e:64:
                    aa:c7:88:79:97:34:db:3d:ca:85:2f:b7:7f:12:90:
                    71:15:db:b6:0c:30:f6:ca:22:0c:e6:35:23:f4:a3:
                    24:24:dd:28:a6:a9:18:25:17:b3:70:ea:a7:10:ad:
                    d9:49:60:b6:b6:94:34:e6:85:01:bf:92:9b:31:08:
                    e2:25:22:7c:70:4a:0c:5f:6b:79:9f:44:06:49:ed:
                    e6:7a:71:3c:02:16:e6:62:9b:77:64:6d:81:bc:85:
                    bc:d8:2f:5e:9a:d4:bb:ec:66:1d:1c:12:c3:a4:05:
                    6c:4c:c8:81:3e:03:30:c5:ff:04:d4:c4:3d:f2:5c:
                    a7:dd:9f:cd:27:82:cd:7c:c2:9a:e3:e4:71:b3:a9:
                    c2:64:d0:c4:d8:db:78:2c:eb:e4:0b:c6:68:ed:94:
                    10:03:e4:b0:8e:33:2f:73:95:ee:1a:e2:4d:51:a2:
                    95:4a:16:7a:68:33:46:b6:35:eb:cc:73:c2:ca:6b:
                    45:d1:84:d2:fa:70:b4:d4:c1:d7:cf:08:e5:c1:dd:
                    9a:98:22:3b:f6:ce:f4:b2:dc:82:7b:71:80:55:98:
                    a0:a1:a1:0e:9b:f8:7b:c4:8d:4a:fe:4f:44:d7:94:
                    ec:18:ea:12:21:76:e2:69:5f:fc:ac:dd:64:dd:f4:
                    7b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:3D:A9:3A:A1:6F:30:4E:A0:FB:CE:A0:87:9D:EB:CE:DE:70:25:7B
            X509v3 Authority Key Identifier:
                keyid:35:B7:67:6D:3E:AB:CC:45:E8:80:54:C8:B8:40:47:EE:87:32:BC:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:01:e2:ba:5c:8d:fb:a2:d3:49:9a:4b:7b:8a:8c:ac:70:55:
         de:60:ea:0c:64:3b:c7:cc:98:e8:8b:64:2a:37:03:2b:98:42:
         2d:ae:ba:d1:83:6d:17:9b:02:46:3c:06:ab:48:1a:f2:eb:79:
         a7:11:e9:f8:4d:c8:49:da:e7:51:7c:19:9d:be:58:cf:c8:53:
         a1:43:5b:cc:d3:fc:4a:46:19:d4:cc:63:d2:d8:de:e1:97:9f:
         b4:3a:40:00:42:77:85:b2:1c:a0:e4:b0:4e:4f:0c:64:e2:44:
         d6:12:dd:5e:dd:d9:51:f8:0f:8b:65:db:eb:e4:65:cc:89:44:
         41:8e:35:74:a0:cb:8b:6c:25:89:b9:1e:72:7f:dc:5d:7d:14:
         0d:d9:ae:78:42:5d:3f:bc:27:02:6f:8c:36:b9:58:a2:f7:48:
         7b:22:b7:fd:2f:1a:89:61:3e:4d:23:a6:17:3f:69:3f:a0:07:
         0b:17:9f:f7:0e:5b:a4:82:8e:95:a8:5f:69:85:70:71:f4:c6:
         8a:01:c1:9e:65:49:79:3a:76:64:a3:01:fd:a7:6f:de:98:89:
         3e:1e:5c:5e:c2:60:42:d3:62:1f:02:b6:3d:67:66:e1:a0:32:
         4b:b2:a5:84:d3:3b:b4:b0:46:f9:49:b7:ba:22:2e:87:8a:82:
         f5:d9:d0:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjaX3VdLmPuGEZVjZ7oI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yjc2NzZkM2VhYmNjNDVlODgwNTRjOGI4NDA0N2VlODcz
MmJjNzMwHhcNMjUwNjA3MTgwMTAzWhcNMjUwNjA4MTgwMTAzWjAzMTEwLwYDVQQD
Eyg3YzNkYTkzYWExNmYzMDRlYTBmYmNlYTA4NzlkZWJjZWRlNzAyNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4yNsDpmd9Axc9+3LmSqx4h5lzTb
PcqFL7d/EpBxFdu2DDD2yiIM5jUj9KMkJN0opqkYJRezcOqnEK3ZSWC2tpQ05oUB
v5KbMQjiJSJ8cEoMX2t5n0QGSe3menE8AhbmYpt3ZG2BvIW82C9emtS77GYdHBLD
pAVsTMiBPgMwxf8E1MQ98lyn3Z/NJ4LNfMKa4+Rxs6nCZNDE2Nt4LOvkC8Zo7ZQQ
A+SwjjMvc5XuGuJNUaKVShZ6aDNGtjXrzHPCymtF0YTS+nC01MHXzwjlwd2amCI7
9s70styCe3GAVZigoaEOm/h7xI1K/k9E15TsGOoSIXbiaV/8rN1k3fR7WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHw9qTqhbzBOoPvOoIed687ecCV7MB8GA1UdIwQY
MBaAFDW3Z20+q8xF6IBUyLhAR+6HMrxzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wYzcxZTgtNmMwOS00ODUwLWE2YzUt
YmUyMDNmMDEzMDRkLzEvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wYzcxZTgtNmMwOS00ODUwLWE2YzUtYmUyMDNmMDEzMDRk
LzEvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwHiulyN
+6LTSZpLe4qMrHBV3mDqDGQ7x8yY6ItkKjcDK5hCLa660YNtF5sCRjwGq0ga8ut5
pxHp+E3ISdrnUXwZnb5Yz8hToUNbzNP8SkYZ1Mxj0tje4ZeftDpAAEJ3hbIcoOSw
Tk8MZOJE1hLdXt3ZUfgPi2Xb6+RlzIlEQY41dKDLi2wlibkecn/cXX0UDdmueEJd
P7wnAm+MNrlYovdIeyK3/S8aiWE+TSOmFz9pP6AHCxef9w5bpIKOlahfaYVwcfTG
igHBnmVJeTp2ZKMB/adv3piJPh5cXsJgQtNiHwK2PWdm4aAyS7KlhNM7tLBG+Um3
uiIuh4qC9dnQvw==
-----END CERTIFICATE-----