Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          qxE/wRD7pKhh/4QgCAS8R2f2koZnDn3KGjftyQ21QQE=
Subject key identifier:   6F:DD:67:AB:19:21:B6:D5:BA:BF:AE:20:ED:B1:A3:66:DA:EC:E3:D2
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       01974A7B7055C9B9142C22EB11A3B1651083
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 13:01:32 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:32 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:32 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: e5qUjQ28HGgZLGq3dKlB9Ei1VuMcZg826GzleM7RhKk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:70:55:c9:b9:14:2c:22:eb:11:a3:b1:65:10:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Jun  7 13:01:32 2025 GMT
            Not After : Jun  8 13:01:32 2025 GMT
        Subject: CN=6fdd67ab1921b6d5babfae20edb1a366daece3d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:2e:e7:fd:e7:d6:8e:64:fe:49:96:83:5e:44:
                    be:5a:60:20:13:b8:b6:b9:33:1a:ac:04:a4:ec:20:
                    a5:3e:6e:ea:a0:e5:7a:38:1d:3c:b0:d9:51:df:f7:
                    08:fa:1f:53:6d:80:16:25:03:84:4c:6c:7f:9d:5b:
                    4b:ec:88:3d:6d:bb:76:62:85:9e:b5:c0:68:2f:29:
                    c7:74:ae:5f:8e:73:95:cc:cb:4e:b4:b0:3f:4b:91:
                    17:21:58:93:6e:21:1d:ac:2b:d6:80:c3:72:00:a2:
                    2b:bd:46:51:e8:cc:31:cb:f3:a3:3b:29:1f:39:0d:
                    75:3f:cc:09:f8:c6:eb:1e:88:61:ec:8a:52:dd:7a:
                    37:39:08:c8:12:f4:c8:2d:21:d8:e6:1c:6b:3b:92:
                    be:16:ea:83:ec:cb:58:6c:a8:1c:72:ec:76:2f:9f:
                    9c:b2:c6:85:1f:7f:fe:77:47:aa:a1:c3:a0:d0:a7:
                    a8:a2:b7:83:9c:85:6d:d8:0e:42:48:af:8c:5a:58:
                    12:81:3c:c5:3f:a7:44:f7:60:0e:01:ae:7e:6c:20:
                    d5:be:46:48:0d:fe:4a:f5:53:5e:bc:cd:9f:0e:c5:
                    14:15:10:32:25:95:8d:38:b0:b3:d9:30:88:fd:52:
                    91:2e:ea:04:e4:51:a4:7d:3d:c5:35:7b:11:3a:85:
                    d0:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:DD:67:AB:19:21:B6:D5:BA:BF:AE:20:ED:B1:A3:66:DA:EC:E3:D2
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:4a:a9:79:21:cd:71:89:b9:32:e6:6a:40:83:ca:ed:bb:a0:
         7d:c8:8d:61:5b:6a:fd:84:09:ad:22:c4:51:51:5d:3b:b3:fd:
         5d:a6:37:7a:23:d6:14:f8:b6:5a:94:46:a5:5e:ee:43:c5:e5:
         9f:8c:8b:68:6e:fe:10:c8:11:ae:f0:91:03:51:58:1b:8b:1d:
         65:14:4b:ba:bc:f5:fd:22:45:f7:4c:bf:9e:ac:72:0b:47:07:
         4c:a7:22:31:af:26:74:4f:a5:86:4e:64:72:aa:f7:7b:2b:d4:
         38:9e:7c:59:ec:3a:77:db:96:ff:03:8f:8e:78:28:ff:46:ec:
         88:4c:15:3e:20:ca:c2:86:57:59:43:cc:b0:8a:e4:46:df:3a:
         8a:a6:16:87:02:c1:3e:0d:1f:6c:1d:87:0f:5e:0e:e2:cc:b7:
         67:4a:29:dd:a2:36:5b:08:90:1e:3d:66:1f:68:14:60:54:ed:
         53:40:54:82:18:e8:60:92:b8:9d:ca:c2:07:83:44:5c:5d:23:
         6c:93:f7:f9:ac:ac:1d:6e:27:fc:6e:12:bc:51:9c:86:bb:15:
         3b:93:1f:ed:9d:d1:39:c6:77:25:a1:9a:bb:e0:c6:84:f0:df:
         0a:d9:dc:4e:6a:7a:0e:47:4e:16:4f:de:15:e3:1b:da:0c:85:
         84:c1:91:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe3BVybkULCLrEaOxZRCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjUwNjA3MTMwMTMyWhcNMjUwNjA4MTMwMTMyWjAzMTEwLwYDVQQD
Eyg2ZmRkNjdhYjE5MjFiNmQ1YmFiZmFlMjBlZGIxYTM2NmRhZWNlM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS7n/efWjmT+SZaDXkS+WmAgE7i2
uTMarASk7CClPm7qoOV6OB08sNlR3/cI+h9TbYAWJQOETGx/nVtL7Ig9bbt2YoWe
tcBoLynHdK5fjnOVzMtOtLA/S5EXIViTbiEdrCvWgMNyAKIrvUZR6Mwxy/OjOykf
OQ11P8wJ+MbrHohh7IpS3Xo3OQjIEvTILSHY5hxrO5K+FuqD7MtYbKgccux2L5+c
ssaFH3/+d0eqocOg0KeooreDnIVt2A5CSK+MWlgSgTzFP6dE92AOAa5+bCDVvkZI
Df5K9VNevM2fDsUUFRAyJZWNOLCz2TCI/VKRLuoE5FGkfT3FNXsROoXQ3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG/dZ6sZIbbVur+uIO2xo2ba7OPSMB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATkqpeSHN
cYm5MuZqQIPK7bugfciNYVtq/YQJrSLEUVFdO7P9XaY3eiPWFPi2WpRGpV7uQ8Xl
n4yLaG7+EMgRrvCRA1FYG4sdZRRLurz1/SJF90y/nqxyC0cHTKciMa8mdE+lhk5k
cqr3eyvUOJ58Wew6d9uW/wOPjngo/0bsiEwVPiDKwoZXWUPMsIrkRt86iqYWhwLB
Pg0fbB2HD14O4sy3Z0op3aI2WwiQHj1mH2gUYFTtU0BUghjoYJK4ncrCB4NEXF0j
bJP3+aysHW4n/G4SvFGchrsVO5Mf7Z3ROcZ3JaGau+DGhPDfCtncTmp6DkdOFk/e
FeMb2gyFhMGR6Q==
-----END CERTIFICATE-----