Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File:                     NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier:          /VQO9LBZs8T1t4pINLRPU+HNLZcBqStFLZj9trIlov4=
Subject key identifier:   E1:4B:3E:AF:BD:61:EA:A9:63:93:42:2E:BD:A8:71:D4:4D:C5:D2:37
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer:       /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial:       0197499F68A0EAE72B261BDB1B6321FB247F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number:          0655
Signing time:             Sat 07 Jun 2025 09:01:13 +0000
Manifest this update:     Sat 07 Jun 2025 09:01:13 +0000
Manifest next update:     Sun 08 Jun 2025 09:01:13 +0000
Files and hashes:         1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: NjFTGvpHhdZ+GBPaIKLbMZqE3LkDdlNEDPzJoLLUVe8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:9f:68:a0:ea:e7:2b:26:1b:db:1b:63:21:fb:24:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
        Validity
            Not Before: Jun  7 09:01:13 2025 GMT
            Not After : Jun  8 09:01:13 2025 GMT
        Subject: CN=e14b3eafbd61eaa96393422ebda871d44dc5d237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:97:2f:15:9b:d9:f9:cd:30:76:68:4e:a2:ec:
                    b9:bd:ae:ad:e8:0e:65:03:11:da:71:c4:de:7c:9b:
                    f5:ce:e5:9c:1e:e8:fa:4f:ee:d2:39:d8:24:09:96:
                    d9:eb:fb:73:4a:69:e2:96:5c:f1:78:65:90:70:d0:
                    8d:dd:1f:37:fe:25:e1:b8:6a:eb:35:bb:49:bb:8d:
                    2d:e9:31:5e:dc:d2:77:07:2e:1c:db:7a:0c:5f:72:
                    fc:6f:b3:a5:2a:81:02:48:f0:66:a5:e8:40:c8:7a:
                    45:3a:5f:51:f7:23:a4:46:f2:b6:06:94:99:5a:45:
                    31:75:7a:55:e6:bc:cd:1c:74:fb:34:14:7d:d0:26:
                    89:ba:75:44:be:27:79:c2:c0:3e:61:0d:ec:b8:75:
                    51:14:01:ea:bd:54:43:f4:63:62:9e:26:c7:e0:97:
                    0b:26:1a:23:22:27:15:db:1a:eb:29:86:9b:00:a5:
                    da:72:a8:6f:f7:3c:71:36:2c:1e:0e:b9:b1:d6:6b:
                    03:1a:eb:d5:04:38:8b:1b:4b:64:f4:c1:f0:81:4c:
                    b3:4f:f2:1d:51:f6:af:8d:17:15:a2:03:6d:b0:a9:
                    e7:7f:0e:42:ab:ad:10:8e:c1:8b:18:3a:4a:43:f7:
                    62:38:55:a4:78:52:89:00:1b:e6:4a:77:61:ce:a0:
                    48:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:4B:3E:AF:BD:61:EA:A9:63:93:42:2E:BD:A8:71:D4:4D:C5:D2:37
            X509v3 Authority Key Identifier:
                keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:24:44:90:a0:26:10:83:c0:ca:24:ab:24:ba:56:b5:9a:98:
         00:a4:6d:df:6b:70:35:0e:cb:58:29:b7:a8:8a:57:95:3c:d0:
         b6:78:01:ea:f5:7a:71:6d:8f:dc:da:8f:ea:5f:78:1a:44:06:
         64:27:53:57:41:3d:8e:3b:5d:d8:99:17:35:fc:6f:6d:f8:89:
         b8:85:d1:0a:84:67:83:2b:f7:7f:c5:02:1d:fe:13:e4:ed:79:
         e2:29:14:de:be:08:54:66:6b:dd:30:2b:e6:7f:7a:3f:3d:bf:
         a6:f8:d4:7c:b9:f4:60:1b:b0:a3:3f:1c:91:5f:c1:83:4b:05:
         dc:56:cf:6a:24:0c:ab:18:c6:c3:ac:ea:68:7c:c4:af:96:44:
         85:b4:2d:5b:56:e5:5a:06:a9:8b:89:b5:fa:5c:75:eb:07:23:
         42:29:b4:eb:5e:d8:f4:bf:86:08:27:48:30:5b:e1:b6:6d:ce:
         9b:dd:81:84:40:e6:0e:32:e9:0d:fd:2f:03:45:8e:ae:2d:b1:
         0b:94:0d:61:88:ca:24:71:f3:4d:45:4b:40:1d:37:21:21:e7:
         ad:06:df:d9:31:25:61:f9:11:f7:cd:c6:58:d7:e6:ec:f4:89:
         44:ef:5b:1d:db:c8:23:eb:5d:19:29:4a:ed:5c:1c:dd:0c:20:
         97:e8:31:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJn2ig6ucrJhvbG2Mh+yR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjUwNjA3MDkwMTEzWhcNMjUwNjA4MDkwMTEzWjAzMTEwLwYDVQQD
EyhlMTRiM2VhZmJkNjFlYWE5NjM5MzQyMmViZGE4NzFkNDRkYzVkMjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJcvFZvZ+c0wdmhOouy5va6t6A5l
AxHaccTefJv1zuWcHuj6T+7SOdgkCZbZ6/tzSmnillzxeGWQcNCN3R83/iXhuGrr
NbtJu40t6TFe3NJ3By4c23oMX3L8b7OlKoECSPBmpehAyHpFOl9R9yOkRvK2BpSZ
WkUxdXpV5rzNHHT7NBR90CaJunVEvid5wsA+YQ3suHVRFAHqvVRD9GNinibH4JcL
JhojIicV2xrrKYabAKXacqhv9zxxNiweDrmx1msDGuvVBDiLG0tk9MHwgUyzT/Id
UfavjRcVogNtsKnnfw5Cq60QjsGLGDpKQ/diOFWkeFKJABvmSndhzqBI+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFLPq+9YeqpY5NCLr2ocdRNxdI3MB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYyREkKAm
EIPAyiSrJLpWtZqYAKRt32twNQ7LWCm3qIpXlTzQtngB6vV6cW2P3NqP6l94GkQG
ZCdTV0E9jjtd2JkXNfxvbfiJuIXRCoRngyv3f8UCHf4T5O154ikU3r4IVGZr3TAr
5n96Pz2/pvjUfLn0YBuwoz8ckV/Bg0sF3FbPaiQMqxjGw6zqaHzEr5ZEhbQtW1bl
Wgapi4m1+lx16wcjQim0617Y9L+GCCdIMFvhtm3Om92BhEDmDjLpDf0vA0WOri2x
C5QNYYjKJHHzTUVLQB03ISHnrQbf2TElYfkR983GWNfm7PSJRO9bHdvII+tdGSlK
7Vwc3Qwgl+gxEw==
-----END CERTIFICATE-----