Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
File:                     n0XrWiiMaO1g29m4fk6CBsqckz8.mft (raw, json)
Hash identifier:          t1kwQtH8e+/dEurEvoArUbpOuvtQl8y/Lu9qtITtZpw=
Subject key identifier:   49:E9:45:01:73:A4:E7:DD:12:9B:9A:C9:FC:9C:3F:BA:9E:BF:06:1C
Authority key identifier: 9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F
Certificate issuer:       /CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
Certificate serial:       01976F2C6F7C2E910DF6264DD57E09D4737E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
Manifest number:          0F6A
Signing time:             Sat 14 Jun 2025 16:01:12 +0000
Manifest this update:     Sat 14 Jun 2025 16:01:12 +0000
Manifest next update:     Sun 15 Jun 2025 16:01:12 +0000
Files and hashes:         1: n0XrWiiMaO1g29m4fk6CBsqckz8.crl (hash: Gm09hBMgQsUCbCPDntLBH1leSgNk7PS6C1Fed9hEllk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:6f:7c:2e:91:0d:f6:26:4d:d5:7e:09:d4:73:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
        Validity
            Not Before: Jun 14 16:01:12 2025 GMT
            Not After : Jun 15 16:01:12 2025 GMT
        Subject: CN=49e9450173a4e7dd129b9ac9fc9c3fba9ebf061c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:52:93:db:b5:8d:9f:73:a6:06:67:4d:10:24:
                    2f:42:0a:df:d9:34:99:bf:48:40:34:77:45:04:d8:
                    0d:df:95:c3:2d:90:37:ca:29:a4:f7:e9:64:4a:0f:
                    b5:6a:bd:ac:f0:9f:8c:1f:fe:4e:d4:f7:1b:0f:62:
                    60:17:b3:5d:b5:7d:1c:75:49:b3:3d:15:af:15:25:
                    8d:2b:9e:1e:cc:57:8e:69:a7:c6:c0:09:76:49:fd:
                    fa:6e:08:fc:c1:a1:7f:63:e4:c7:59:f1:11:e0:a6:
                    97:cf:ba:38:47:df:2d:a0:d0:86:4d:38:2e:57:6b:
                    28:b0:86:d6:24:e1:34:16:33:a3:8a:83:2b:4b:d4:
                    b6:c3:aa:13:db:22:ca:16:3f:1f:aa:e3:6a:7c:95:
                    dc:ea:ab:80:35:a3:a3:6e:b6:e8:10:9d:17:2e:a3:
                    be:0d:4c:59:e3:83:e7:71:22:c5:fb:a2:05:32:34:
                    b3:7b:6b:67:5d:cb:24:a7:6e:60:4c:3c:91:f7:13:
                    e6:b2:45:f3:ae:06:fa:c8:eb:93:23:fb:15:0a:07:
                    f9:4c:23:40:4e:a1:c0:f2:4a:92:b0:ac:0b:c7:9a:
                    da:8b:58:03:cb:89:32:1d:65:e2:63:fb:84:b4:50:
                    a2:36:fa:a4:da:58:7e:04:f5:8b:c3:cd:27:b9:c1:
                    1d:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:E9:45:01:73:A4:E7:DD:12:9B:9A:C9:FC:9C:3F:BA:9E:BF:06:1C
            X509v3 Authority Key Identifier:
                keyid:9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:20:52:78:6c:0a:6d:5b:be:96:65:87:4c:cb:9e:28:71:dc:
         de:bf:97:f8:b7:8d:32:03:bc:07:11:a6:bf:c4:44:db:49:67:
         1e:9b:17:2e:07:6b:ea:c1:80:ad:15:7e:cd:1d:ca:29:2e:69:
         d6:da:c4:5f:53:60:7c:73:2a:f8:f7:14:c1:91:62:bd:ec:8f:
         db:d4:08:0b:39:55:83:da:ed:be:a5:2c:a5:6a:98:9b:e2:95:
         4b:22:a5:4a:e9:49:e8:e2:d6:1d:5f:07:f4:6d:e9:41:06:a4:
         bb:bd:c7:25:e5:ec:2e:d9:89:57:3b:bb:fa:fa:5c:c2:76:71:
         78:21:8a:40:60:14:06:18:05:bb:20:35:4b:51:7e:2d:a8:04:
         a6:25:16:8c:9a:19:0b:7b:02:1b:ba:70:84:ef:12:4e:14:c0:
         5c:e2:39:03:f1:a7:38:ad:b6:41:24:34:81:39:f9:7e:9d:56:
         96:e7:25:d0:b1:f1:d2:89:9c:6a:46:63:a1:06:3a:02:51:75:
         19:3e:39:f6:ea:f3:d2:fc:50:18:47:35:57:11:8f:cf:73:47:
         5f:a9:8e:7f:96:cc:d3:f0:f2:5b:92:d5:b0:7f:94:90:65:77:
         32:89:30:ed:11:cb:67:bb:66:c9:d7:9a:3d:c3:65:e9:59:77:
         37:d1:7a:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLG98LpEN9iZN1X4J1HN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNDVlYjVhMjg4YzY4ZWQ2MGRiZDliODdlNGU4MjA2Y2E5
YzkzM2YwHhcNMjUwNjE0MTYwMTEyWhcNMjUwNjE1MTYwMTEyWjAzMTEwLwYDVQQD
Eyg0OWU5NDUwMTczYTRlN2RkMTI5YjlhYzlmYzljM2ZiYTllYmYwNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFKT27WNn3OmBmdNECQvQgrf2TSZ
v0hANHdFBNgN35XDLZA3yimk9+lkSg+1ar2s8J+MH/5O1PcbD2JgF7NdtX0cdUmz
PRWvFSWNK54ezFeOaafGwAl2Sf36bgj8waF/Y+THWfER4KaXz7o4R98toNCGTTgu
V2sosIbWJOE0FjOjioMrS9S2w6oT2yLKFj8fquNqfJXc6quANaOjbrboEJ0XLqO+
DUxZ44PncSLF+6IFMjSze2tnXcskp25gTDyR9xPmskXzrgb6yOuTI/sVCgf5TCNA
TqHA8kqSsKwLx5rai1gDy4kyHWXiY/uEtFCiNvqk2lh+BPWLw80nucEdHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEnpRQFzpOfdEpuayfycP7qevwYcMB8GA1UdIwQY
MBaAFJ9F61oojGjtYNvZuH5OggbKnJM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEt
NTVmZDZkYzFhMWQ4LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEtNTVmZDZkYzFhMWQ4
LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsSBSeGwK
bVu+lmWHTMueKHHc3r+X+LeNMgO8BxGmv8RE20lnHpsXLgdr6sGArRV+zR3KKS5p
1trEX1NgfHMq+PcUwZFiveyP29QICzlVg9rtvqUspWqYm+KVSyKlSulJ6OLWHV8H
9G3pQQaku73HJeXsLtmJVzu7+vpcwnZxeCGKQGAUBhgFuyA1S1F+LagEpiUWjJoZ
C3sCG7pwhO8SThTAXOI5A/GnOK22QSQ0gTn5fp1Wlucl0LHx0omcakZjoQY6AlF1
GT459urz0vxQGEc1VxGPz3NHX6mOf5bM0/DyW5LVsH+UkGV3Mokw7RHLZ7tmydea
PcNl6Vl3N9F6iA==
-----END CERTIFICATE-----