Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          sChYCG8QM2ONURo5w0lA9qFrGpvbCyHAoNILU6wNaGA=
Subject key identifier:   1C:01:3D:46:57:2D:0D:0D:61:A5:C4:B3:53:DD:F9:B8:AC:92:AA:A6
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       019921B049402F06A8AB71AC1B35EC9A5719
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          0E7F
Signing time:             Sun 07 Sep 2025 01:00:24 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:24 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:24 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: 5/RtmEHgZmr/99X9X1RyBq0tvy+QKVdlhn/uB50X07M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:49:40:2f:06:a8:ab:71:ac:1b:35:ec:9a:57:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: Sep  7 01:00:24 2025 GMT
            Not After : Sep  8 01:00:24 2025 GMT
        Subject: CN=1c013d46572d0d0d61a5c4b353ddf9b8ac92aaa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:85:1b:03:df:7b:e7:cb:02:fa:c1:99:9c:0a:
                    37:4b:95:14:bd:62:ac:f1:54:52:80:1b:7c:4c:3d:
                    a0:84:19:59:db:61:71:f8:be:96:e1:f1:ab:03:db:
                    ca:a9:4c:7c:1c:bd:98:2e:f8:39:fa:de:11:36:ab:
                    92:84:32:b7:fd:50:66:d8:c3:6c:83:ec:d5:c0:c1:
                    76:6f:16:d4:8a:7a:2e:57:8f:25:e9:d5:87:a3:fe:
                    5d:6e:5d:9b:5b:5b:b7:5c:cc:81:b1:04:a7:c4:3f:
                    75:9b:b2:bc:89:a3:06:b8:2d:0a:dc:39:55:78:85:
                    b7:84:9c:3b:31:9b:04:da:bd:c9:6f:6f:1a:54:17:
                    fb:05:c9:1a:1a:9f:5d:e0:89:3b:cd:f0:99:f7:78:
                    7c:20:a8:0d:6a:06:34:39:34:a4:37:c2:36:12:87:
                    9b:bf:fa:05:33:0e:e1:42:b1:71:39:6e:01:99:1c:
                    e2:ed:f4:16:48:74:11:e6:57:1b:81:73:42:36:c7:
                    38:b3:22:b5:db:bf:c1:ce:d5:65:46:8d:09:99:7b:
                    6d:33:c9:8c:8c:9c:79:2b:5a:df:d1:fb:6b:77:16:
                    8e:6c:07:62:79:7b:2d:61:23:af:d7:31:3c:1b:6e:
                    56:fb:9a:70:c5:0a:68:71:f5:db:af:97:c5:9c:40:
                    78:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:01:3D:46:57:2D:0D:0D:61:A5:C4:B3:53:DD:F9:B8:AC:92:AA:A6
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:ea:f3:73:34:78:a1:cd:91:a1:71:3f:24:96:aa:f6:37:fa:
         ae:3d:8b:46:af:86:eb:b0:b0:ca:25:47:35:9e:3c:68:88:8f:
         09:37:48:e0:e0:21:33:75:fc:f6:5e:df:77:9a:60:6f:cb:01:
         6b:a0:22:ff:a0:01:c3:33:75:94:53:62:e2:78:c3:2f:5b:8f:
         ea:bf:97:ed:36:ad:d9:24:b0:70:6f:29:43:a8:f5:a8:8b:7c:
         ed:96:b8:df:fc:8f:17:64:c9:e0:81:c6:a6:13:2a:8a:38:d7:
         f9:05:37:cb:32:ce:34:81:2e:97:9b:1b:2c:ce:62:f1:85:35:
         41:5c:50:86:17:c0:63:1a:09:75:1f:ca:72:c5:9d:4c:db:af:
         6a:8e:25:83:57:f7:60:6a:14:b2:ff:05:1b:4d:01:a1:04:ae:
         c2:36:53:98:6c:ca:0b:81:d7:1f:b0:67:4b:46:e8:d3:40:6e:
         c8:59:a8:51:db:d4:9d:e4:0d:15:c2:20:79:b5:bd:b4:3d:01:
         86:09:2d:9c:e7:ca:eb:a5:74:9d:a2:ec:f8:6c:dc:b0:ce:ad:
         f1:96:24:8d:45:bc:ce:87:f3:06:d7:ac:db:1b:9a:22:02:8e:
         52:b4:bf:c1:2d:e0:42:8a:49:bd:64:a8:df:30:78:51:ea:53:
         dd:55:bb:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsElALwaoq3GsGzXsmlcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjUwOTA3MDEwMDI0WhcNMjUwOTA4MDEwMDI0WjAzMTEwLwYDVQQD
EygxYzAxM2Q0NjU3MmQwZDBkNjFhNWM0YjM1M2RkZjliOGFjOTJhYWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4UbA99758sC+sGZnAo3S5UUvWKs
8VRSgBt8TD2ghBlZ22Fx+L6W4fGrA9vKqUx8HL2YLvg5+t4RNquShDK3/VBm2MNs
g+zVwMF2bxbUinouV48l6dWHo/5dbl2bW1u3XMyBsQSnxD91m7K8iaMGuC0K3DlV
eIW3hJw7MZsE2r3Jb28aVBf7BckaGp9d4Ik7zfCZ93h8IKgNagY0OTSkN8I2Eoeb
v/oFMw7hQrFxOW4BmRzi7fQWSHQR5lcbgXNCNsc4syK127/BztVlRo0JmXttM8mM
jJx5K1rf0ftrdxaObAdieXstYSOv1zE8G25W+5pwxQpocfXbr5fFnEB4lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwBPUZXLQ0NYaXEs1Pd+biskqqmMB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJerzczR4
oc2RoXE/JJaq9jf6rj2LRq+G67CwyiVHNZ48aIiPCTdI4OAhM3X89l7fd5pgb8sB
a6Ai/6ABwzN1lFNi4njDL1uP6r+X7Tat2SSwcG8pQ6j1qIt87Za43/yPF2TJ4IHG
phMqijjX+QU3yzLONIEul5sbLM5i8YU1QVxQhhfAYxoJdR/KcsWdTNuvao4lg1f3
YGoUsv8FG00BoQSuwjZTmGzKC4HXH7BnS0bo00BuyFmoUdvUneQNFcIgebW9tD0B
hgktnOfK66V0naLs+GzcsM6t8ZYkjUW8zofzBtes2xuaIgKOUrS/wS3gQopJvWSo
3zB4UepT3VW7Mw==
-----END CERTIFICATE-----