Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.mft
File:                     NOgf_EPqi7rcmDB4oZqtVHqJHaU.mft (raw, json)
Hash identifier:          yjtoyiaoKYs/ELxzgid589bTdqxwtvkQAw9mCEduxIo=
Subject key identifier:   28:F6:88:7F:E6:32:D4:E6:8E:7C:5A:AE:3D:93:69:D8:5F:7A:EB:61
Authority key identifier: 34:E8:1F:FC:43:EA:8B:BA:DC:98:30:78:A1:9A:AD:54:7A:89:1D:A5
Certificate issuer:       /CN=34e81ffc43ea8bbadc983078a19aad547a891da5
Certificate serial:       019A70A5902A96BDA20DBA9C3D3658A32413
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NOgf_EPqi7rcmDB4oZqtVHqJHaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.mft
Manifest number:          24
Signing time:             Tue 11 Nov 2025 02:01:29 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:29 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:29 +0000
Files and hashes:         1: NOgf_EPqi7rcmDB4oZqtVHqJHaU.crl (hash: 8/qe7KO7gr9t2BJQSfAr8MRtwsOn4BOcGR4JcWYEEjI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NOgf_EPqi7rcmDB4oZqtVHqJHaU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:90:2a:96:bd:a2:0d:ba:9c:3d:36:58:a3:24:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34e81ffc43ea8bbadc983078a19aad547a891da5
        Validity
            Not Before: Nov 11 02:01:29 2025 GMT
            Not After : Nov 12 02:01:29 2025 GMT
        Subject: CN=28f6887fe632d4e68e7c5aae3d9369d85f7aeb61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:fa:3e:ec:8c:4a:2d:a8:e6:4a:5e:16:ab:5d:
                    ce:b6:0b:14:51:26:b6:0a:a3:45:c8:ae:26:9a:09:
                    98:4a:64:6f:a8:16:be:7d:43:6e:32:9b:8a:f7:57:
                    df:6b:75:ac:8e:55:5c:cb:f7:cd:cd:78:ab:a1:1a:
                    16:39:64:db:b4:da:fd:3d:45:39:6b:0b:0c:14:05:
                    04:77:42:c7:a1:1b:9c:e7:8d:b8:67:9a:96:f6:5d:
                    21:f0:cb:93:40:99:a4:8d:cf:61:6c:f8:1a:19:58:
                    7b:71:3b:42:53:73:4d:97:a8:61:8c:36:71:bd:8a:
                    a1:62:62:5c:0f:05:59:96:0e:69:66:95:6b:03:11:
                    2f:66:1a:ba:73:48:97:ac:71:ef:35:cb:2a:c6:7f:
                    84:58:3e:b9:24:e9:a2:99:6d:7d:1b:ef:0f:a3:0f:
                    5e:74:e6:57:57:b8:0f:44:83:db:ee:e2:58:6d:28:
                    04:57:36:0d:90:02:38:7c:5e:b3:5d:cb:0e:3c:d8:
                    a2:54:f1:9b:73:bd:1e:a5:74:3c:5d:91:bf:0a:d1:
                    bc:d9:62:2b:3b:c1:b1:33:7c:b3:51:b7:9d:5b:01:
                    98:3d:7e:f1:b5:ba:c3:f0:ff:c2:ef:ef:63:1f:45:
                    98:63:b1:34:2f:f0:88:9d:b7:70:db:ff:61:75:f4:
                    5f:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:F6:88:7F:E6:32:D4:E6:8E:7C:5A:AE:3D:93:69:D8:5F:7A:EB:61
            X509v3 Authority Key Identifier:
                keyid:34:E8:1F:FC:43:EA:8B:BA:DC:98:30:78:A1:9A:AD:54:7A:89:1D:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOgf_EPqi7rcmDB4oZqtVHqJHaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/e43db4-2912-48a1-a037-96c744e235b3/1/NOgf_EPqi7rcmDB4oZqtVHqJHaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:4f:b2:54:68:0b:58:0f:93:e4:67:89:c1:a3:57:ae:67:0c:
         c9:73:49:0b:05:80:e4:64:ab:1e:24:aa:7a:07:69:d1:6b:3c:
         96:3d:a8:5b:3c:40:ee:e9:61:e1:8c:3c:d6:0c:b9:1f:6b:6e:
         f9:9d:73:05:b6:bf:a7:c2:a9:ee:57:05:40:46:02:e7:16:4d:
         f6:82:43:f4:51:51:ca:52:44:c4:e4:e1:6a:73:8c:91:5e:4c:
         3e:e1:39:d8:5f:df:6c:89:c2:02:80:ed:0d:7b:3c:bf:7c:5f:
         51:fd:47:39:aa:79:2c:a2:16:01:4c:76:51:42:25:3c:92:dc:
         0e:71:83:a4:5a:7e:50:4c:89:25:de:70:94:8f:08:a8:a0:48:
         fb:08:71:4d:24:6e:1b:9d:2c:a2:43:83:62:2c:80:aa:35:33:
         26:17:3d:22:8a:66:c7:f3:81:6c:9d:f1:c6:04:4d:b0:e0:f8:
         e9:30:92:83:58:6e:c4:25:39:f3:55:bb:eb:00:85:b8:07:3d:
         a4:ba:c7:58:e6:a5:a2:71:c6:06:a1:16:56:cf:0c:66:fe:0d:
         46:3e:d4:f8:6c:2c:0c:bd:52:15:bb:20:70:84:33:74:c2:94:
         0d:ce:0a:2c:1d:c2:f6:de:84:71:31:a6:a4:28:b8:d7:88:dc:
         22:c4:c1:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpZAqlr2iDbqcPTZYoyQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTgxZmZjNDNlYThiYmFkYzk4MzA3OGExOWFhZDU0N2E4
OTFkYTUwHhcNMjUxMTExMDIwMTI5WhcNMjUxMTEyMDIwMTI5WjAzMTEwLwYDVQQD
EygyOGY2ODg3ZmU2MzJkNGU2OGU3YzVhYWUzZDkzNjlkODVmN2FlYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvo+7IxKLajmSl4Wq13OtgsUUSa2
CqNFyK4mmgmYSmRvqBa+fUNuMpuK91ffa3WsjlVcy/fNzXiroRoWOWTbtNr9PUU5
awsMFAUEd0LHoRuc5424Z5qW9l0h8MuTQJmkjc9hbPgaGVh7cTtCU3NNl6hhjDZx
vYqhYmJcDwVZlg5pZpVrAxEvZhq6c0iXrHHvNcsqxn+EWD65JOmimW19G+8Pow9e
dOZXV7gPRIPb7uJYbSgEVzYNkAI4fF6zXcsOPNiiVPGbc70epXQ8XZG/CtG82WIr
O8GxM3yzUbedWwGYPX7xtbrD8P/C7+9jH0WYY7E0L/CInbdw2/9hdfRfmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCj2iH/mMtTmjnxarj2TadhfeuthMB8GA1UdIwQY
MBaAFDToH/xD6ou63JgweKGarVR6iR2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9nZl9FUHFpN3JjbURCNG9acXRWSHFKSGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lNDNkYjQtMjkxMi00OGExLWEwMzct
OTZjNzQ0ZTIzNWIzLzEvTk9nZl9FUHFpN3JjbURCNG9acXRWSHFKSGFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lNDNkYjQtMjkxMi00OGExLWEwMzctOTZjNzQ0ZTIzNWIz
LzEvTk9nZl9FUHFpN3JjbURCNG9acXRWSHFKSGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhU+yVGgL
WA+T5GeJwaNXrmcMyXNJCwWA5GSrHiSqegdp0Ws8lj2oWzxA7ulh4Yw81gy5H2tu
+Z1zBba/p8Kp7lcFQEYC5xZN9oJD9FFRylJExOThanOMkV5MPuE52F/fbInCAoDt
DXs8v3xfUf1HOap5LKIWAUx2UUIlPJLcDnGDpFp+UEyJJd5wlI8IqKBI+whxTSRu
G50sokODYiyAqjUzJhc9Iopmx/OBbJ3xxgRNsOD46TCSg1huxCU581W76wCFuAc9
pLrHWOalonHGBqEWVs8MZv4NRj7U+GwsDL1SFbsgcIQzdMKUDc4KLB3C9t6EcTGm
pCi414jcIsTBMg==
-----END CERTIFICATE-----