Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
File:                     nB7k05z6obOseZwX94grjOTigSA.mft (raw, json)
Hash identifier:          M1pPQLlgHAZGZJfRLF2wooLmc2whBrWL07BRR3YZJhc=
Subject key identifier:   72:9E:83:F1:26:51:35:CF:8A:38:BE:21:18:9F:DE:12:50:2E:BF:3A
Authority key identifier: 9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
Certificate issuer:       /CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Certificate serial:       019765F25F6AC6FA4506799E6EB5F463D371
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
Manifest number:          083E
Signing time:             Thu 12 Jun 2025 21:01:12 +0000
Manifest this update:     Thu 12 Jun 2025 21:01:12 +0000
Manifest next update:     Fri 13 Jun 2025 21:01:12 +0000
Files and hashes:         1: egM_lo5hkg5KA7_uP-5h7pmD4BM.roa (hash: LWEk9cOjEXdGtew0n3bgwHhe3Zn8McfotK81AHI+3M0=)
                          2: nB7k05z6obOseZwX94grjOTigSA.crl (hash: b9V2NsnrYFXIaMsv5CqFOi79bpqkIWIBB3vEwNJZvko=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 21:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:f2:5f:6a:c6:fa:45:06:79:9e:6e:b5:f4:63:d3:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
        Validity
            Not Before: Jun 12 21:01:12 2025 GMT
            Not After : Jun 13 21:01:12 2025 GMT
        Subject: CN=729e83f1265135cf8a38be21189fde12502ebf3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:29:08:0b:43:00:06:72:5d:aa:f0:44:d7:3a:
                    ed:d5:7f:92:5e:38:45:af:00:73:ba:5a:0a:0a:83:
                    5d:d0:8c:84:d4:88:ae:72:e1:06:f9:ad:fd:6e:0d:
                    30:79:cb:26:62:99:f0:38:e6:62:b8:53:3c:25:ac:
                    63:ac:4b:f9:47:73:ed:5a:6c:3b:cf:ba:70:ee:f8:
                    4f:03:af:60:b8:f6:c8:dc:93:29:a5:64:65:67:eb:
                    3c:8f:22:e8:ce:5a:bc:a3:a5:6b:11:c6:35:c2:71:
                    a4:3e:fd:52:01:bd:ab:d7:a5:45:fe:7d:49:de:dd:
                    e0:52:11:cc:78:67:32:0d:85:df:d8:13:de:82:e1:
                    78:3a:1d:53:6d:1f:22:35:8e:ae:38:42:03:77:9f:
                    ba:8b:30:56:d5:4c:ac:fc:d1:4a:87:a7:6f:87:a7:
                    7d:71:2e:ff:f6:fb:55:15:04:35:5a:54:71:bb:ed:
                    ad:c1:a7:ff:c5:b1:13:b6:57:a8:c1:2c:5c:f6:d5:
                    1b:78:cc:50:0c:d5:52:b1:18:03:06:64:f9:34:0b:
                    21:4c:1d:44:b6:9f:03:08:2a:c5:dd:c0:e2:67:91:
                    04:d9:ac:43:46:f2:11:d7:db:0e:f4:be:d8:a6:fb:
                    01:a4:cf:5f:fa:8c:3b:68:65:78:80:26:cb:2b:c2:
                    d6:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:9E:83:F1:26:51:35:CF:8A:38:BE:21:18:9F:DE:12:50:2E:BF:3A
            X509v3 Authority Key Identifier:
                keyid:9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:a0:03:1c:fd:2d:56:43:51:c2:e9:d3:eb:ed:12:d3:0c:c5:
         13:df:51:4a:00:26:10:5e:8e:82:be:23:7b:0d:6d:ef:0a:6a:
         e5:b8:75:2d:fd:e2:76:04:ea:a3:f2:49:95:13:5f:e9:1f:a6:
         45:1b:bb:5f:04:40:2e:12:e8:72:f3:e0:3f:0e:3f:60:15:7e:
         fa:41:52:0c:52:ed:2e:37:83:14:96:cd:8c:8b:0b:8b:19:e3:
         d8:96:09:db:7a:33:51:40:3e:46:91:f3:d5:48:8a:b6:4b:ab:
         25:05:1c:04:3e:3f:4d:f7:29:2e:42:d4:51:4e:e1:24:88:bc:
         ab:05:19:9b:d6:37:98:ae:16:0c:d1:65:5b:aa:89:ae:ea:46:
         26:08:44:5b:86:c9:f6:de:57:1d:22:f2:72:95:27:ac:ff:11:
         29:fc:b1:56:70:a9:32:10:82:f9:a4:02:60:f3:bc:6c:91:e7:
         dc:eb:26:0e:d0:70:3d:7f:83:ef:4f:19:36:81:b9:ff:d8:5a:
         6a:dd:87:de:47:53:23:57:fc:1b:97:05:6c:75:35:bf:f7:a8:
         00:6c:4b:4d:b2:71:38:01:59:75:b1:6f:ff:36:bc:bf:77:ed:
         f8:cf:ba:2d:0d:70:83:a0:1a:92:d1:a1:fd:15:44:fa:fa:35:
         77:8f:9e:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdl8l9qxvpFBnmebrX0Y9NxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWVlNGQzOWNmYWExYjNhYzc5OWMxN2Y3ODgyYjhjZTRl
MjgxMjAwHhcNMjUwNjEyMjEwMTEyWhcNMjUwNjEzMjEwMTEyWjAzMTEwLwYDVQQD
Eyg3MjllODNmMTI2NTEzNWNmOGEzOGJlMjExODlmZGUxMjUwMmViZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ikIC0MABnJdqvBE1zrt1X+SXjhF
rwBzuloKCoNd0IyE1IiucuEG+a39bg0wecsmYpnwOOZiuFM8JaxjrEv5R3PtWmw7
z7pw7vhPA69guPbI3JMppWRlZ+s8jyLozlq8o6VrEcY1wnGkPv1SAb2r16VF/n1J
3t3gUhHMeGcyDYXf2BPeguF4Oh1TbR8iNY6uOEIDd5+6izBW1Uys/NFKh6dvh6d9
cS7/9vtVFQQ1WlRxu+2twaf/xbETtleowSxc9tUbeMxQDNVSsRgDBmT5NAshTB1E
tp8DCCrF3cDiZ5EE2axDRvIR19sO9L7YpvsBpM9f+ow7aGV4gCbLK8LWNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKeg/EmUTXPiji+IRif3hJQLr86MB8GA1UdIwQY
MBaAFJwe5NOc+qGzrHmcF/eIK4zk4oEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAt
YmQ0NjVjZTcxMWJiLzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAtYmQ0NjVjZTcxMWJi
LzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYqADHP0t
VkNRwunT6+0S0wzFE99RSgAmEF6Ogr4jew1t7wpq5bh1Lf3idgTqo/JJlRNf6R+m
RRu7XwRALhLocvPgPw4/YBV++kFSDFLtLjeDFJbNjIsLixnj2JYJ23ozUUA+RpHz
1UiKtkurJQUcBD4/TfcpLkLUUU7hJIi8qwUZm9Y3mK4WDNFlW6qJrupGJghEW4bJ
9t5XHSLycpUnrP8RKfyxVnCpMhCC+aQCYPO8bJHn3OsmDtBwPX+D708ZNoG5/9ha
at2H3kdTI1f8G5cFbHU1v/eoAGxLTbJxOAFZdbFv/za8v3ft+M+6LQ1wg6AaktGh
/RVE+vo1d4+enQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 03:23:45 2025 by rpki-client