Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
File:                     ny8WbQXql29prtWORqQfflBSRHU.mft (raw, json)
Hash identifier:          Znf/cMpi/JUfBmDkWfIjfL+Vo+GYRiQsWitVtqgqIxs=
Subject key identifier:   0F:AA:52:18:76:B2:57:B2:EB:54:E3:3D:DB:D4:A0:89:C7:26:F7:CC
Authority key identifier: 9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75
Certificate issuer:       /CN=9f2f166d05ea976f69aed58e46a41f7e50524475
Certificate serial:       0199228C69B6472776F1F8E980035C4DF216
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
Manifest number:          13E8
Signing time:             Sun 07 Sep 2025 05:00:51 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:51 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:51 +0000
Files and hashes:         1: ny8WbQXql29prtWORqQfflBSRHU.crl (hash: zeoSHJQzw82JLauGyx3r24DTOdTZc9EToiAgeZkB7SY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:69:b6:47:27:76:f1:f8:e9:80:03:5c:4d:f2:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f166d05ea976f69aed58e46a41f7e50524475
        Validity
            Not Before: Sep  7 05:00:51 2025 GMT
            Not After : Sep  8 05:00:51 2025 GMT
        Subject: CN=0faa521876b257b2eb54e33ddbd4a089c726f7cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9e:5c:7e:0e:98:d6:69:f5:bf:f6:51:80:44:
                    78:95:14:97:ec:11:26:07:25:fe:bd:4c:c3:e3:fb:
                    47:e2:af:1a:38:4b:7f:c5:e0:44:c7:e2:e6:fc:63:
                    f2:51:c2:5f:d8:bf:ba:ab:16:bd:a3:9c:a8:f3:55:
                    37:42:dc:ba:32:49:24:57:11:fb:6e:7d:bd:cf:56:
                    ba:70:31:8f:2e:0a:06:56:25:b6:c7:25:1d:be:84:
                    8c:ca:67:e8:6a:98:0a:09:4e:0e:06:3c:71:5b:28:
                    45:91:24:cb:ad:ed:c7:aa:88:de:2f:41:ef:6f:3a:
                    95:45:1d:cf:53:01:45:d4:93:5e:cc:12:dc:b5:a5:
                    ac:6e:d9:2f:84:03:57:f5:68:9c:a5:77:85:29:21:
                    1e:1f:02:8e:73:dc:3a:1a:ec:20:cd:53:bf:8b:fe:
                    2a:02:e0:21:ba:60:1f:29:96:2a:73:6c:cc:0d:49:
                    6f:ad:76:9b:e7:ce:64:bc:d3:49:7f:2e:56:6f:74:
                    a8:e7:86:42:64:1a:ce:59:a2:f3:17:37:21:2d:c7:
                    1e:12:da:bf:c9:3a:f9:89:c0:61:26:38:dd:e9:9c:
                    47:cd:22:fc:f2:69:a4:77:9c:b4:78:83:57:06:a2:
                    bc:73:f2:c7:d0:4d:75:ff:f3:b0:28:01:18:7b:76:
                    04:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:AA:52:18:76:B2:57:B2:EB:54:E3:3D:DB:D4:A0:89:C7:26:F7:CC
            X509v3 Authority Key Identifier:
                keyid:9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d4:3f:aa:50:a5:6e:02:1f:c1:d5:7e:3c:62:d2:16:3c:1e:68:
         0a:c9:ac:20:44:35:a0:f6:c2:1c:c4:56:59:be:2a:82:bb:8d:
         dc:b8:32:62:aa:3d:f1:a9:5f:dc:28:20:f1:e7:2a:92:d4:b5:
         31:1e:7e:60:a4:81:27:0a:78:d7:70:1c:7f:76:f7:ef:fc:05:
         df:19:75:79:b8:f1:44:06:a9:db:b8:52:69:51:c0:08:ce:e1:
         b6:a8:7e:79:2f:2e:40:92:f2:45:2c:5f:f5:c7:13:11:63:04:
         09:e1:e6:be:6d:15:b9:2e:2b:4c:97:36:01:49:1c:74:87:18:
         b4:5a:6c:b0:fa:17:81:5f:87:44:ec:6b:da:dc:11:04:62:7b:
         c3:56:1f:1e:90:71:36:e5:c7:80:91:76:2c:f2:a6:20:f2:05:
         df:22:35:c2:fe:63:a8:d7:ca:54:a6:61:17:ba:b2:b2:6b:85:
         82:c4:97:aa:aa:80:f9:44:33:6d:3b:78:6c:d2:a3:d3:50:47:
         39:ff:37:8c:52:c8:3e:be:2f:a0:f8:ad:e1:4d:0e:f0:fb:13:
         67:58:3f:2c:da:94:eb:35:55:c3:fd:2a:ed:00:6c:39:58:1f:
         7e:93:a0:fa:f1:58:3e:e4:de:d4:f0:0b:16:ae:cc:c7:f8:98:
         27:63:cc:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijGm2Ryd28fjpgANcTfIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYxNjZkMDVlYTk3NmY2OWFlZDU4ZTQ2YTQxZjdlNTA1
MjQ0NzUwHhcNMjUwOTA3MDUwMDUxWhcNMjUwOTA4MDUwMDUxWjAzMTEwLwYDVQQD
EygwZmFhNTIxODc2YjI1N2IyZWI1NGUzM2RkYmQ0YTA4OWM3MjZmN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ5cfg6Y1mn1v/ZRgER4lRSX7BEm
ByX+vUzD4/tH4q8aOEt/xeBEx+Lm/GPyUcJf2L+6qxa9o5yo81U3Qty6MkkkVxH7
bn29z1a6cDGPLgoGViW2xyUdvoSMymfoapgKCU4OBjxxWyhFkSTLre3HqojeL0Hv
bzqVRR3PUwFF1JNezBLctaWsbtkvhANX9WicpXeFKSEeHwKOc9w6GuwgzVO/i/4q
AuAhumAfKZYqc2zMDUlvrXab585kvNNJfy5Wb3So54ZCZBrOWaLzFzchLcceEtq/
yTr5icBhJjjd6ZxHzSL88mmkd5y0eINXBqK8c/LH0E11//OwKAEYe3YEcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+qUhh2sley61TjPdvUoInHJvfMMB8GA1UdIwQY
MBaAFJ8vFm0F6pdvaa7VjkakH35QUkR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQt
OTYyZDRmMGMyOWIwLzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQtOTYyZDRmMGMyOWIw
LzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1D+qUKVu
Ah/B1X48YtIWPB5oCsmsIEQ1oPbCHMRWWb4qgruN3LgyYqo98alf3Cgg8ecqktS1
MR5+YKSBJwp413Acf3b37/wF3xl1ebjxRAap27hSaVHACM7htqh+eS8uQJLyRSxf
9ccTEWMECeHmvm0VuS4rTJc2AUkcdIcYtFpssPoXgV+HROxr2twRBGJ7w1YfHpBx
NuXHgJF2LPKmIPIF3yI1wv5jqNfKVKZhF7qysmuFgsSXqqqA+UQzbTt4bNKj01BH
Of83jFLIPr4voPit4U0O8PsTZ1g/LNqU6zVVw/0q7QBsOVgffpOg+vFYPuTe1PAL
Fq7Mx/iYJ2PMYA==
-----END CERTIFICATE-----