Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft
File:                     nvnDHh7MuhkCs_YiWT3pcspxi1w.mft (raw, json)
Hash identifier:          lFx/J+obW3IMoEaEhB9DbqDFuZXPx4p4Lold8eOuWN0=
Subject key identifier:   44:C2:0A:2D:F7:C4:2B:D1:50:68:9F:EC:99:57:B4:09:23:AE:46:50
Authority key identifier: 9E:F9:C3:1E:1E:CC:BA:19:02:B3:F6:22:59:3D:E9:72:CA:71:8B:5C
Certificate issuer:       /CN=9ef9c31e1eccba1902b3f622593de972ca718b5c
Certificate serial:       019A7293B8CA64382F4460E40A554245FF7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft
Manifest number:          0E77
Signing time:             Tue 11 Nov 2025 11:01:14 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:14 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:14 +0000
Files and hashes:         1: nvnDHh7MuhkCs_YiWT3pcspxi1w.crl (hash: 8Rjyrz6ro/1kXHOAhCd6i6xVlag5K1faVohfj+a5iYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:b8:ca:64:38:2f:44:60:e4:0a:55:42:45:ff:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ef9c31e1eccba1902b3f622593de972ca718b5c
        Validity
            Not Before: Nov 11 11:01:14 2025 GMT
            Not After : Nov 12 11:01:14 2025 GMT
        Subject: CN=44c20a2df7c42bd150689fec9957b40923ae4650
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:dd:b9:4c:f7:ce:19:61:ab:cd:74:70:af:ed:
                    fd:8a:57:57:14:8b:20:b4:cd:a7:d7:dd:b9:1c:3e:
                    98:15:a4:a9:3e:70:56:25:e1:fc:df:a1:08:51:77:
                    0b:89:5d:16:9a:8e:c1:3a:a5:71:3e:a4:3f:2a:38:
                    01:67:5b:66:8e:19:98:37:63:fc:e5:18:30:67:94:
                    11:63:2b:2a:b1:dd:4a:0e:f2:e8:c9:3b:9a:ae:21:
                    31:80:b6:a9:7c:d2:ec:5f:09:18:06:50:e5:f9:ec:
                    93:14:e9:38:67:ab:51:ff:a7:c2:42:20:b9:02:2f:
                    4f:53:9d:9a:5a:e1:83:b2:61:8e:76:6c:e1:40:50:
                    6a:78:74:a8:35:d5:37:e4:fa:ac:b4:65:18:65:14:
                    26:1c:31:29:97:5b:1f:fc:b7:d1:3d:37:dc:37:f0:
                    86:4f:08:4b:b3:54:75:89:50:6f:e7:b6:63:75:f0:
                    11:69:c0:4a:4c:59:5e:a8:19:09:76:c3:e3:ef:e0:
                    8d:fd:e5:da:a7:35:72:35:39:69:bd:4a:97:a9:9d:
                    52:dd:1d:74:da:cd:a9:f1:ba:1f:d3:77:08:1a:9f:
                    63:5a:e3:49:f9:7c:50:d3:a9:cd:82:97:07:25:bc:
                    65:e4:96:57:7d:10:1d:c6:bd:e1:fe:14:6c:4b:bc:
                    dd:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:C2:0A:2D:F7:C4:2B:D1:50:68:9F:EC:99:57:B4:09:23:AE:46:50
            X509v3 Authority Key Identifier:
                keyid:9E:F9:C3:1E:1E:CC:BA:19:02:B3:F6:22:59:3D:E9:72:CA:71:8B:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:fb:2a:bf:a1:c0:f2:80:f9:0d:9d:c4:13:7a:41:27:b6:4c:
         62:51:71:a8:ce:58:ce:bf:f5:59:13:b5:35:23:d0:ad:b6:fa:
         d5:b5:94:15:12:41:a2:ce:ef:79:0a:d1:af:66:09:fd:9c:70:
         f1:7a:ef:6f:61:f9:a7:27:14:e1:f2:2e:f5:23:95:d5:78:70:
         25:71:de:df:fb:21:8d:21:2d:54:ef:6c:07:19:32:61:b9:92:
         5c:0d:d6:6c:af:aa:60:07:2c:e2:7e:f4:c1:ed:5c:80:60:9f:
         89:2c:86:a6:44:7c:7b:f8:c1:26:63:be:71:8f:55:6e:8d:cc:
         f2:a8:48:de:fd:8c:5b:98:91:72:8d:c6:9e:33:b6:dd:e5:76:
         e3:c4:9a:c5:fc:dd:86:34:91:87:55:c9:e8:56:c8:b8:67:a7:
         68:be:f4:e5:b8:c5:fb:3d:9c:35:53:1c:84:87:da:12:76:36:
         37:81:68:af:c0:05:c0:86:ef:c6:2b:ee:ce:93:96:f0:16:02:
         11:9d:a9:8a:12:62:bc:02:2a:f3:9f:ab:40:1d:e2:84:33:ae:
         46:69:56:c1:4e:cf:d4:aa:fe:a3:8f:ac:88:47:69:e1:46:f5:
         7a:b1:f5:f4:6d:8f:1b:df:89:b3:99:65:89:e9:1b:f3:f1:96:
         ab:f3:32:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk7jKZDgvRGDkClVCRf9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZjljMzFlMWVjY2JhMTkwMmIzZjYyMjU5M2RlOTcyY2E3
MThiNWMwHhcNMjUxMTExMTEwMTE0WhcNMjUxMTEyMTEwMTE0WjAzMTEwLwYDVQQD
Eyg0NGMyMGEyZGY3YzQyYmQxNTA2ODlmZWM5OTU3YjQwOTIzYWU0NjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt25TPfOGWGrzXRwr+39ildXFIsg
tM2n1925HD6YFaSpPnBWJeH836EIUXcLiV0Wmo7BOqVxPqQ/KjgBZ1tmjhmYN2P8
5RgwZ5QRYysqsd1KDvLoyTuariExgLapfNLsXwkYBlDl+eyTFOk4Z6tR/6fCQiC5
Ai9PU52aWuGDsmGOdmzhQFBqeHSoNdU35PqstGUYZRQmHDEpl1sf/LfRPTfcN/CG
TwhLs1R1iVBv57ZjdfARacBKTFleqBkJdsPj7+CN/eXapzVyNTlpvUqXqZ1S3R10
2s2p8bof03cIGp9jWuNJ+XxQ06nNgpcHJbxl5JZXfRAdxr3h/hRsS7zdYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETCCi33xCvRUGif7JlXtAkjrkZQMB8GA1UdIwQY
MBaAFJ75wx4ezLoZArP2Ilk96XLKcYtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yZmE3YjgtYTQ4NC00N2RmLWIxYzIt
OTcyYzBmYWU2N2I4LzEvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yZmE3YjgtYTQ4NC00N2RmLWIxYzItOTcyYzBmYWU2N2I4
LzEvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfPsqv6HA
8oD5DZ3EE3pBJ7ZMYlFxqM5Yzr/1WRO1NSPQrbb61bWUFRJBos7veQrRr2YJ/Zxw
8Xrvb2H5pycU4fIu9SOV1XhwJXHe3/shjSEtVO9sBxkyYbmSXA3WbK+qYAcs4n70
we1cgGCfiSyGpkR8e/jBJmO+cY9Vbo3M8qhI3v2MW5iRco3GnjO23eV248Saxfzd
hjSRh1XJ6FbIuGenaL705bjF+z2cNVMchIfaEnY2N4For8AFwIbvxivuzpOW8BYC
EZ2pihJivAIq85+rQB3ihDOuRmlWwU7P1Kr+o4+siEdp4Ub1erH19G2PG9+Js5ll
iekb8/GWq/Mypg==
-----END CERTIFICATE-----