Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
File:                     nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json)
Hash identifier:          rTYWD5Pxai0pmtgVMl4stCGCzbjhsmqTUBytUBPtow8=
Subject key identifier:   CD:4C:F6:F5:E4:76:64:8D:25:97:A1:0C:A3:46:0D:96:BE:60:6E:29
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Certificate issuer:       /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial:       01975BDBF21B6F515F872084716A4BC00178
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
Manifest number:          07FE
Signing time:             Tue 10 Jun 2025 22:00:30 +0000
Manifest this update:     Tue 10 Jun 2025 22:00:30 +0000
Manifest next update:     Wed 11 Jun 2025 22:00:30 +0000
Files and hashes:         1: cb8dWgekdgTmGEn_puzoSrtajs0.roa (hash: klMt7aeT4NJnkoShXspgSHaq5Jk7n53EuU54bLRTaLc=)
                          2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: J95FLr+ZxTPg4jnKjVNmWSIduR2Hm8wgHnuKQZztXRY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:db:f2:1b:6f:51:5f:87:20:84:71:6a:4b:c0:01:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
        Validity
            Not Before: Jun 10 22:00:30 2025 GMT
            Not After : Jun 11 22:00:30 2025 GMT
        Subject: CN=cd4cf6f5e476648d2597a10ca3460d96be606e29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ec:c9:19:bd:75:ef:16:2c:9b:1b:7a:1f:85:
                    42:91:e8:db:29:a9:51:c7:4d:2f:b4:a5:dd:0b:b5:
                    e1:8b:26:64:b6:4b:c6:47:ca:40:90:fe:76:f3:d2:
                    8b:0b:4d:69:a9:b0:bb:c3:6a:4e:14:4a:ba:e2:a2:
                    eb:47:eb:f6:44:6d:8c:e1:1d:c3:45:5d:23:1b:97:
                    74:3f:4e:ce:b7:03:80:e3:56:98:21:65:d9:c2:0a:
                    d6:97:08:f5:42:38:64:81:3b:a7:d9:b1:97:16:62:
                    fe:a6:45:7b:d3:8e:02:02:07:0c:10:da:28:35:e5:
                    64:2a:a4:6d:03:7f:b5:62:83:12:c9:38:6f:b8:d0:
                    dc:dc:4f:ad:08:e3:d8:6c:29:b6:25:f0:fc:ea:56:
                    99:42:03:2a:96:b9:4b:20:0c:c2:f9:2c:4f:86:10:
                    5d:01:78:e6:0a:c6:23:e2:dc:80:89:16:11:3f:c6:
                    2c:ef:ef:fd:d7:df:12:a5:33:68:6f:d8:49:7a:bd:
                    e5:64:85:5d:ee:6c:e9:67:8d:a7:65:19:55:bf:7b:
                    4c:2b:b4:fd:bf:9a:ea:f6:d0:ef:fb:12:24:6e:e9:
                    e3:33:2e:00:3d:1d:81:c7:c3:ad:fd:f3:4e:76:12:
                    4e:4e:78:16:d3:46:99:53:ba:94:67:89:35:60:8e:
                    00:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:4C:F6:F5:E4:76:64:8D:25:97:A1:0C:A3:46:0D:96:BE:60:6E:29
            X509v3 Authority Key Identifier:
                keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:00:bb:9d:ce:08:a9:8d:4d:81:02:91:6f:e8:9a:85:4a:7e:
         85:51:09:49:40:12:18:ac:5b:f2:a2:08:68:d2:7d:01:b9:82:
         ad:bf:97:85:5f:3f:3b:95:f3:55:a9:8c:24:71:b3:2c:70:28:
         aa:0a:24:de:01:c2:fd:7f:59:eb:b7:8f:11:f6:03:82:26:53:
         46:7b:ca:be:01:0b:e1:92:64:b4:b4:74:46:1d:fc:85:df:60:
         0e:75:98:fb:6e:62:a2:cc:cb:39:ed:82:54:bb:82:24:b9:e0:
         db:3d:70:88:e1:78:3d:6b:b6:87:46:b7:64:87:80:53:84:db:
         b0:1b:75:3f:67:0e:69:cc:55:3d:b1:d3:ad:50:81:d0:53:a6:
         44:af:44:48:97:c7:20:7c:d2:cb:93:aa:04:e4:e4:aa:01:fe:
         8e:eb:9d:32:75:cd:04:27:50:b7:02:1e:45:db:31:50:95:b3:
         75:c8:74:a2:1b:45:31:4f:91:1f:98:9c:35:a6:0a:f0:ea:b2:
         da:3f:15:f7:34:a6:eb:12:dc:dd:3a:4a:96:45:c7:88:30:f8:
         6f:50:b7:c5:7e:fc:f4:f1:22:5a:9b:a9:94:28:89:a6:3e:e5:
         4e:ba:de:cc:13:19:22:0d:df:bf:da:42:e8:30:b7:e8:c6:30:
         f8:6e:7c:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdb2/Ibb1FfhyCEcWpLwAF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjUwNjEwMjIwMDMwWhcNMjUwNjExMjIwMDMwWjAzMTEwLwYDVQQD
EyhjZDRjZjZmNWU0NzY2NDhkMjU5N2ExMGNhMzQ2MGQ5NmJlNjA2ZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvezJGb117xYsmxt6H4VCkejbKalR
x00vtKXdC7XhiyZktkvGR8pAkP5289KLC01pqbC7w2pOFEq64qLrR+v2RG2M4R3D
RV0jG5d0P07OtwOA41aYIWXZwgrWlwj1QjhkgTun2bGXFmL+pkV7044CAgcMENoo
NeVkKqRtA3+1YoMSyThvuNDc3E+tCOPYbCm2JfD86laZQgMqlrlLIAzC+SxPhhBd
AXjmCsYj4tyAiRYRP8Ys7+/9198SpTNob9hJer3lZIVd7mzpZ42nZRlVv3tMK7T9
v5rq9tDv+xIkbunjMy4APR2Bx8Ot/fNOdhJOTngW00aZU7qUZ4k1YI4AmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM1M9vXkdmSNJZehDKNGDZa+YG4pMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANwC7nc4I
qY1NgQKRb+iahUp+hVEJSUASGKxb8qIIaNJ9AbmCrb+XhV8/O5XzVamMJHGzLHAo
qgok3gHC/X9Z67ePEfYDgiZTRnvKvgEL4ZJktLR0Rh38hd9gDnWY+25ioszLOe2C
VLuCJLng2z1wiOF4PWu2h0a3ZIeAU4TbsBt1P2cOacxVPbHTrVCB0FOmRK9ESJfH
IHzSy5OqBOTkqgH+juudMnXNBCdQtwIeRdsxUJWzdch0ohtFMU+RH5icNaYK8Oqy
2j8V9zSm6xLc3TpKlkXHiDD4b1C3xX789PEiWpuplCiJpj7lTrrezBMZIg3fv9pC
6DC36MYw+G58Zw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 23:44:31 2025 by rpki-client