Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
File:                     Nq6kWA8QexEmjJbqMYko1O11_5M.mft (raw, json)
Hash identifier:          NR1CbhYMABiU2EMH1mKSSUJpqdCc4FB/b0WU28AkfPc=
Subject key identifier:   AA:95:79:4F:8C:1D:99:3D:C6:D0:7F:29:55:6E:D4:9B:32:56:C1:75
Authority key identifier: 36:AE:A4:58:0F:10:7B:11:26:8C:96:EA:31:89:28:D4:ED:75:FF:93
Certificate issuer:       /CN=36aea4580f107b11268c96ea318928d4ed75ff93
Certificate serial:       01974DB27BD4741417FFDF9700A4941E0597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
Manifest number:          0436
Signing time:             Sun 08 Jun 2025 04:00:32 +0000
Manifest this update:     Sun 08 Jun 2025 04:00:32 +0000
Manifest next update:     Mon 09 Jun 2025 04:00:32 +0000
Files and hashes:         1: Nq6kWA8QexEmjJbqMYko1O11_5M.crl (hash: E3CvqGXawHI/u3I882e+dghk1IfJwT71bC1GYXDpGkw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 04:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:b2:7b:d4:74:14:17:ff:df:97:00:a4:94:1e:05:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36aea4580f107b11268c96ea318928d4ed75ff93
        Validity
            Not Before: Jun  8 04:00:32 2025 GMT
            Not After : Jun  9 04:00:32 2025 GMT
        Subject: CN=aa95794f8c1d993dc6d07f29556ed49b3256c175
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d0:fc:b4:d8:d2:c6:c1:bc:53:a7:7b:49:d6:
                    73:d2:bd:5e:30:f3:2a:98:b5:3e:33:8d:7a:da:ba:
                    de:ad:04:bd:6b:e3:77:40:69:30:18:bd:57:db:fb:
                    d8:ad:fb:08:b4:31:67:a9:eb:f9:e6:a6:8c:0c:c6:
                    18:f4:44:2d:f2:de:25:00:26:71:e7:4b:26:ab:91:
                    42:a6:5c:a5:d3:14:63:df:d2:45:fd:ec:c0:44:0d:
                    53:74:b8:ba:de:33:25:10:65:9c:4d:6c:ef:49:13:
                    bf:d2:16:ca:c7:94:13:32:93:09:99:ee:72:63:4b:
                    37:9e:11:8b:6c:bd:b2:ab:15:1d:76:bc:cb:79:9e:
                    26:94:c7:f8:ae:a6:a2:02:1c:3a:ce:c0:20:51:42:
                    3a:ab:30:ee:f7:88:f1:b7:25:3b:8c:64:1c:06:cd:
                    a1:8e:7d:d8:3e:08:44:ec:17:a8:ee:91:d7:67:57:
                    a7:ec:45:67:de:66:18:ae:cd:85:e2:3d:12:65:66:
                    bf:9f:90:ce:c2:91:c3:57:e4:fd:28:82:d4:ef:f2:
                    09:f0:34:3f:fc:a7:7d:89:70:a6:79:9c:45:d4:a9:
                    c5:97:a2:ec:50:cf:1a:f2:82:fa:1f:2e:88:a2:9a:
                    3e:2b:01:4d:7a:30:71:94:c7:36:66:f5:b2:70:56:
                    00:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:95:79:4F:8C:1D:99:3D:C6:D0:7F:29:55:6E:D4:9B:32:56:C1:75
            X509v3 Authority Key Identifier:
                keyid:36:AE:A4:58:0F:10:7B:11:26:8C:96:EA:31:89:28:D4:ED:75:FF:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:ae:6a:2c:d4:54:b5:29:d3:1e:1c:46:1b:e8:4f:9a:df:df:
         64:36:94:7a:41:d8:e1:0e:92:52:5a:91:c4:d4:9a:4a:d6:c2:
         45:31:63:49:bd:c0:db:93:98:48:fe:ff:01:99:8f:c2:b2:14:
         55:4d:ee:d6:9c:00:6a:02:c9:d5:b4:ef:1c:32:da:ba:8d:1b:
         da:96:a4:5e:e2:d2:cc:99:c7:d2:98:6b:2d:e6:ce:7f:bb:eb:
         9b:ee:25:a3:c8:0c:2a:8b:92:c4:71:f0:9b:ee:b4:e1:f6:3a:
         a8:71:21:a8:ac:a4:4b:3a:5d:f4:8b:a5:59:dc:f7:fc:87:98:
         35:dd:84:2b:aa:b4:7a:b0:ee:7e:7b:c1:83:2a:d5:2c:11:f3:
         29:f2:d0:7d:c1:f0:ad:53:d2:60:8c:42:19:b1:89:fe:76:b8:
         78:39:0a:d1:77:15:fa:01:f8:64:ed:06:03:97:c3:92:97:c3:
         12:ea:1e:b3:3a:e3:2a:44:8c:1c:6e:c6:df:fa:31:37:56:9e:
         5e:92:37:ab:e7:0a:42:87:e6:20:7f:fe:c4:fe:20:ea:37:20:
         c8:80:4b:b1:71:37:41:9b:d2:12:3c:7b:f7:4e:94:e3:26:c5:
         57:ee:70:97:81:ed:96:ea:61:80:2e:c6:55:26:d8:c8:6a:65:
         51:4a:d7:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNsnvUdBQX/9+XAKSUHgWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YWVhNDU4MGYxMDdiMTEyNjhjOTZlYTMxODkyOGQ0ZWQ3
NWZmOTMwHhcNMjUwNjA4MDQwMDMyWhcNMjUwNjA5MDQwMDMyWjAzMTEwLwYDVQQD
EyhhYTk1Nzk0ZjhjMWQ5OTNkYzZkMDdmMjk1NTZlZDQ5YjMyNTZjMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndD8tNjSxsG8U6d7SdZz0r1eMPMq
mLU+M4162rrerQS9a+N3QGkwGL1X2/vYrfsItDFnqev55qaMDMYY9EQt8t4lACZx
50smq5FCplyl0xRj39JF/ezARA1TdLi63jMlEGWcTWzvSRO/0hbKx5QTMpMJme5y
Y0s3nhGLbL2yqxUddrzLeZ4mlMf4rqaiAhw6zsAgUUI6qzDu94jxtyU7jGQcBs2h
jn3YPghE7Beo7pHXZ1en7EVn3mYYrs2F4j0SZWa/n5DOwpHDV+T9KILU7/IJ8DQ/
/Kd9iXCmeZxF1KnFl6LsUM8a8oL6Hy6Iopo+KwFNejBxlMc2ZvWycFYAQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqVeU+MHZk9xtB/KVVu1JsyVsF1MB8GA1UdIwQY
MBaAFDaupFgPEHsRJoyW6jGJKNTtdf+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zMDU5ZGUtYmFmYy00YTRiLTg2YjYt
ZjI4ZDk3MmM4ODA4LzEvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zMDU5ZGUtYmFmYy00YTRiLTg2YjYtZjI4ZDk3MmM4ODA4
LzEvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe65qLNRU
tSnTHhxGG+hPmt/fZDaUekHY4Q6SUlqRxNSaStbCRTFjSb3A25OYSP7/AZmPwrIU
VU3u1pwAagLJ1bTvHDLauo0b2pakXuLSzJnH0phrLebOf7vrm+4lo8gMKouSxHHw
m+604fY6qHEhqKykSzpd9IulWdz3/IeYNd2EK6q0erDufnvBgyrVLBHzKfLQfcHw
rVPSYIxCGbGJ/na4eDkK0XcV+gH4ZO0GA5fDkpfDEuoeszrjKkSMHG7G3/oxN1ae
XpI3q+cKQofmIH/+xP4g6jcgyIBLsXE3QZvSEjx7906U4ybFV+5wl4HtluphgC7G
VSbYyGplUUrXmg==
-----END CERTIFICATE-----