Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File:                     NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier:          GRAi201AfF10FeJVjv3relmyBxBQCOHeELZp0R95y/E=
Subject key identifier:   E4:AD:EC:CD:C6:16:F6:14:C4:70:25:E1:DC:09:7D:A8:D8:48:8A:4A
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer:       /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial:       019A72CAA7B7759D935E3FF7BBB5AF0B1A57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number:          07F8
Signing time:             Tue 11 Nov 2025 12:01:15 +0000
Manifest this update:     Tue 11 Nov 2025 12:01:15 +0000
Manifest next update:     Wed 12 Nov 2025 12:01:15 +0000
Files and hashes:         1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: hZ7Z0YcY5gHQ9OIw/SdinRVuNCldqfl6YSUFcmojV1I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:a7:b7:75:9d:93:5e:3f:f7:bb:b5:af:0b:1a:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
        Validity
            Not Before: Nov 11 12:01:15 2025 GMT
            Not After : Nov 12 12:01:15 2025 GMT
        Subject: CN=e4adeccdc616f614c47025e1dc097da8d8488a4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f8:f8:28:89:7c:36:9d:81:a1:b4:6a:67:1c:
                    a9:f3:63:6b:ce:5c:2b:7f:7f:f0:10:8b:c0:c5:63:
                    da:4d:85:11:48:0d:f2:af:42:3f:79:5b:83:90:75:
                    af:50:0b:36:2e:71:6e:c1:2f:96:82:c9:d8:95:17:
                    cb:3e:48:43:75:d1:d2:27:07:48:82:f4:2c:b3:c1:
                    b6:ef:fb:1f:60:a3:06:ea:23:14:39:c9:93:c3:b5:
                    ad:47:0e:4c:1c:6c:8f:4a:c4:79:ff:d6:a2:fe:a5:
                    a1:68:ee:0a:11:89:6e:1e:1a:4e:5c:17:f8:21:cd:
                    25:d1:a5:df:cf:22:d4:5e:f6:5c:b5:fc:c3:b5:28:
                    9b:86:d0:79:4b:9e:0a:aa:54:fc:4e:db:67:ff:2a:
                    46:ca:52:52:22:5e:a6:a1:e8:ab:0e:2e:84:c1:2e:
                    f3:51:fa:7a:5c:c2:13:f3:5f:c7:8e:86:37:f2:0b:
                    07:95:9c:c5:c8:16:c5:c9:f5:69:5f:19:d1:08:ae:
                    df:3b:60:ae:81:9a:f2:c1:93:11:00:d6:35:8b:e8:
                    b5:4c:ab:68:a0:a8:a4:5f:d0:53:43:a1:40:b6:c7:
                    a3:88:15:47:ef:7c:9a:c3:00:99:66:90:a8:e4:7f:
                    d2:6c:fc:11:52:ff:14:58:7c:6d:57:c1:8c:e4:81:
                    72:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:AD:EC:CD:C6:16:F6:14:C4:70:25:E1:DC:09:7D:A8:D8:48:8A:4A
            X509v3 Authority Key Identifier:
                keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:ca:31:8b:10:75:e3:78:e1:49:b0:b5:4e:db:68:19:71:73:
         6f:c4:e5:3a:30:2f:f7:05:36:aa:30:e4:cc:f6:36:c3:2c:4c:
         63:de:8e:91:69:f4:f2:42:e4:15:b1:c4:63:ea:8a:25:1f:79:
         84:82:cf:b3:66:9c:80:13:d4:c2:c9:34:3b:7c:22:b5:7b:b3:
         f0:7a:a1:25:00:f3:8c:94:a0:95:10:33:7b:90:0f:5d:70:76:
         af:4a:6a:24:8d:69:c3:e2:ff:02:95:9e:68:a3:90:fd:bc:d6:
         ed:1b:05:ba:f4:ae:c3:4d:6e:a8:43:84:aa:98:31:ca:70:dd:
         d4:79:17:9b:b3:ed:82:a4:d9:3c:6c:2d:99:c8:aa:b8:b0:22:
         14:3c:73:81:e6:ba:46:20:2e:73:07:6e:09:b0:94:e5:ba:25:
         98:de:a4:9a:fa:72:72:54:d8:72:f5:a5:bb:c2:4f:dc:a3:b3:
         d9:a8:5b:b5:b1:bd:83:83:9d:53:ba:3f:5e:f7:0a:2d:16:87:
         fd:18:62:7c:12:f6:e4:89:58:86:34:9a:9c:9d:5f:cb:90:0d:
         95:22:ad:5c:1e:84:81:a1:71:d0:04:43:93:7a:43:14:20:0a:
         ae:df:b8:de:7b:87:3e:5a:fc:33:c5:f4:90:ca:79:b2:bd:fc:
         74:5d:f6:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyqe3dZ2TXj/3u7WvCxpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjUxMTExMTIwMTE1WhcNMjUxMTEyMTIwMTE1WjAzMTEwLwYDVQQD
EyhlNGFkZWNjZGM2MTZmNjE0YzQ3MDI1ZTFkYzA5N2RhOGQ4NDg4YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPj4KIl8Np2BobRqZxyp82Nrzlwr
f3/wEIvAxWPaTYURSA3yr0I/eVuDkHWvUAs2LnFuwS+WgsnYlRfLPkhDddHSJwdI
gvQss8G27/sfYKMG6iMUOcmTw7WtRw5MHGyPSsR5/9ai/qWhaO4KEYluHhpOXBf4
Ic0l0aXfzyLUXvZctfzDtSibhtB5S54KqlT8Tttn/ypGylJSIl6moeirDi6EwS7z
Ufp6XMIT81/HjoY38gsHlZzFyBbFyfVpXxnRCK7fO2CugZrywZMRANY1i+i1TKto
oKikX9BTQ6FAtsejiBVH73yawwCZZpCo5H/SbPwRUv8UWHxtV8GM5IFyaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSt7M3GFvYUxHAl4dwJfajYSIpKMB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfMoxixB1
43jhSbC1TttoGXFzb8TlOjAv9wU2qjDkzPY2wyxMY96OkWn08kLkFbHEY+qKJR95
hILPs2acgBPUwsk0O3witXuz8HqhJQDzjJSglRAze5APXXB2r0pqJI1pw+L/ApWe
aKOQ/bzW7RsFuvSuw01uqEOEqpgxynDd1HkXm7PtgqTZPGwtmciquLAiFDxzgea6
RiAucwduCbCU5bolmN6kmvpyclTYcvWlu8JP3KOz2ahbtbG9g4OdU7o/XvcKLRaH
/RhifBL25IlYhjSanJ1fy5ANlSKtXB6EgaFx0ARDk3pDFCAKrt+43nuHPlr8M8X0
kMp5sr38dF32qg==
-----END CERTIFICATE-----