Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft
File:                     nSBC44DWR2UTrMCPtU-8xzYm7D0.mft (raw, json)
Hash identifier:          Ag3VMEUXSYZBdR3270+4G2QMxfSCNR5zcNlQPEOoLqQ=
Subject key identifier:   7D:3F:D8:31:D3:38:97:0E:06:67:2E:81:89:CE:F1:62:83:83:7D:EE
Authority key identifier: 9D:20:42:E3:80:D6:47:65:13:AC:C0:8F:B5:4F:BC:C7:36:26:EC:3D
Certificate issuer:       /CN=9d2042e380d6476513acc08fb54fbcc73626ec3d
Certificate serial:       019A71132B482C243D997CDD67060578AF7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft
Manifest number:          024D
Signing time:             Tue 11 Nov 2025 04:01:12 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:12 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:12 +0000
Files and hashes:         1: nSBC44DWR2UTrMCPtU-8xzYm7D0.crl (hash: 0FgOeKlk0ZXGU15KuGU4yTAC4Vqfo54P4r6m4wkKOGo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:2b:48:2c:24:3d:99:7c:dd:67:06:05:78:af:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2042e380d6476513acc08fb54fbcc73626ec3d
        Validity
            Not Before: Nov 11 04:01:12 2025 GMT
            Not After : Nov 12 04:01:12 2025 GMT
        Subject: CN=7d3fd831d338970e06672e8189cef16283837dee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:63:ec:17:e0:d2:25:63:28:f1:eb:87:81:de:
                    26:4e:fb:fa:6b:21:9e:31:5c:9e:2f:03:a4:42:83:
                    88:f4:bd:c7:4c:c1:c2:6a:1c:31:8a:dd:47:8d:46:
                    29:31:47:32:db:82:33:4d:a0:1f:52:b0:de:df:69:
                    a0:dc:83:00:23:50:9a:bf:77:bd:31:d5:1a:a9:8f:
                    ae:5b:72:c8:f9:24:5c:b2:97:d1:53:28:ce:1f:8a:
                    1b:1c:50:0a:38:cf:6b:ba:32:78:5d:d6:65:60:02:
                    61:b8:49:d8:ca:07:c8:95:89:7c:22:f0:8b:72:c0:
                    bc:18:07:3e:1d:b2:9c:79:f5:61:7b:5e:ed:30:49:
                    76:1a:01:2b:60:e7:47:9c:18:92:9d:02:17:1a:ad:
                    93:08:17:fc:4d:0b:72:f5:69:28:0e:1b:5b:76:eb:
                    e7:45:26:e2:81:1d:87:0a:88:e4:4a:dd:d3:c8:bb:
                    57:1a:66:89:c2:cb:c8:0b:64:23:33:45:d0:0b:3e:
                    ff:a5:0c:5b:7b:e1:52:db:c2:d7:ac:81:04:08:f5:
                    60:f3:c1:c7:d1:48:a4:11:ee:7b:e6:85:cb:b7:c5:
                    ab:02:68:41:13:24:d6:e5:e1:39:d2:c4:c9:ea:a2:
                    2e:82:3b:11:ca:10:4d:ca:49:55:00:1f:dc:97:7d:
                    e0:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:3F:D8:31:D3:38:97:0E:06:67:2E:81:89:CE:F1:62:83:83:7D:EE
            X509v3 Authority Key Identifier:
                keyid:9D:20:42:E3:80:D6:47:65:13:AC:C0:8F:B5:4F:BC:C7:36:26:EC:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:8a:d3:01:c1:9e:03:3e:81:50:f3:a0:12:f1:0a:0f:24:c7:
         42:e3:f3:e2:fc:e6:5d:45:d2:7b:35:7c:d6:6a:54:7c:d2:a5:
         0a:5f:cf:a5:43:7c:67:0f:39:e3:5f:0b:b4:0e:5b:0d:31:e0:
         de:e8:75:e3:38:e1:a0:8f:94:09:72:dd:ab:08:9a:a2:23:8f:
         22:eb:63:9d:9f:61:8f:32:41:2c:1a:cb:87:e6:4f:43:37:b2:
         9a:19:02:69:cb:87:7b:9b:4e:42:34:6f:69:77:b1:ce:18:86:
         22:00:62:81:77:92:68:ed:71:5a:10:41:dd:c3:e6:3b:32:45:
         7f:46:19:c9:de:97:83:18:5a:95:fd:83:a4:69:ec:8e:94:65:
         71:5a:ce:52:75:69:ce:1d:23:d6:5d:23:ba:a7:11:7c:38:8f:
         6d:86:8c:45:87:b8:75:7b:b2:ef:aa:88:4b:d9:00:fc:ec:ef:
         ef:0b:f2:33:0c:84:28:31:b6:86:56:82:97:6c:e8:05:cc:5d:
         3a:77:f5:f1:0c:97:03:97:2e:5c:aa:77:25:fd:5c:ea:5a:86:
         37:2b:b5:99:c7:1b:8a:dd:94:48:29:dd:a7:f6:fb:f0:40:15:
         6c:bf:ad:bf:f4:77:68:92:27:10:4a:de:94:c0:30:61:50:d9:
         e2:8e:21:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEytILCQ9mXzdZwYFeK98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjA0MmUzODBkNjQ3NjUxM2FjYzA4ZmI1NGZiY2M3MzYy
NmVjM2QwHhcNMjUxMTExMDQwMTEyWhcNMjUxMTEyMDQwMTEyWjAzMTEwLwYDVQQD
Eyg3ZDNmZDgzMWQzMzg5NzBlMDY2NzJlODE4OWNlZjE2MjgzODM3ZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmPsF+DSJWMo8euHgd4mTvv6ayGe
MVyeLwOkQoOI9L3HTMHCahwxit1HjUYpMUcy24IzTaAfUrDe32mg3IMAI1Cav3e9
MdUaqY+uW3LI+SRcspfRUyjOH4obHFAKOM9rujJ4XdZlYAJhuEnYygfIlYl8IvCL
csC8GAc+HbKcefVhe17tMEl2GgErYOdHnBiSnQIXGq2TCBf8TQty9WkoDhtbduvn
RSbigR2HCojkSt3TyLtXGmaJwsvIC2QjM0XQCz7/pQxbe+FS28LXrIEECPVg88HH
0UikEe575oXLt8WrAmhBEyTW5eE50sTJ6qIugjsRyhBNyklVAB/cl33gwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0/2DHTOJcOBmcugYnO8WKDg33uMB8GA1UdIwQY
MBaAFJ0gQuOA1kdlE6zAj7VPvMc2Juw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMDI3MTYtYTI1Ny00NTY4LWJmMDct
ZGVkMzg2MmI3NjMxLzEvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMDI3MTYtYTI1Ny00NTY4LWJmMDctZGVkMzg2MmI3NjMx
LzEvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALIrTAcGe
Az6BUPOgEvEKDyTHQuPz4vzmXUXSezV81mpUfNKlCl/PpUN8Zw85418LtA5bDTHg
3uh14zjhoI+UCXLdqwiaoiOPIutjnZ9hjzJBLBrLh+ZPQzeymhkCacuHe5tOQjRv
aXexzhiGIgBigXeSaO1xWhBB3cPmOzJFf0YZyd6Xgxhalf2DpGnsjpRlcVrOUnVp
zh0j1l0juqcRfDiPbYaMRYe4dXuy76qIS9kA/Ozv7wvyMwyEKDG2hlaCl2zoBcxd
Onf18QyXA5cuXKp3Jf1c6lqGNyu1mccbit2USCndp/b78EAVbL+tv/R3aJInEEre
lMAwYVDZ4o4hPA==
-----END CERTIFICATE-----