Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
File:                     CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft (raw, json)
Hash identifier:          F4gsYW+UmeERdi2mQudAqpvhC3M/eJm9s/6Fhzryq+w=
Subject key identifier:   A1:93:7A:FE:16:A9:06:3C:5F:DF:56:74:07:4D:36:DE:6B:64:2C:12
Authority key identifier: 08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0
Certificate issuer:       /CN=08d27fdc90f80f80972c125bd41edb0ae8334aa0
Certificate serial:       019A71B8B00250BE2339673547CACBE21AEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
Manifest number:          0BB8
Signing time:             Tue 11 Nov 2025 07:02:00 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:00 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:00 +0000
Files and hashes:         1: CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl (hash: ucujcVexx7zcsRxzU5mLj7oCBcFMfqqJysEy3rN7PDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:b0:02:50:be:23:39:67:35:47:ca:cb:e2:1a:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08d27fdc90f80f80972c125bd41edb0ae8334aa0
        Validity
            Not Before: Nov 11 07:02:00 2025 GMT
            Not After : Nov 12 07:02:00 2025 GMT
        Subject: CN=a1937afe16a9063c5fdf5674074d36de6b642c12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ae:71:c3:72:b4:cf:41:12:4a:06:04:c9:e8:
                    96:26:3e:da:c1:f6:80:5f:a0:f9:f3:55:ee:f5:12:
                    9b:d3:c9:5a:fc:44:27:6c:7d:6f:af:55:06:72:e0:
                    58:01:d0:7e:34:27:5e:3d:d0:01:ec:3a:4c:a0:44:
                    e2:76:2c:1f:e9:00:81:12:fd:23:23:02:dc:ef:d4:
                    bc:b6:cb:1c:a4:e9:ca:10:1d:d8:6b:a9:4b:c6:4f:
                    c4:8d:ba:52:9d:30:4a:57:9d:cf:64:73:9f:fe:52:
                    2b:1b:b6:51:f4:56:30:9b:4e:7d:68:d2:41:2a:d4:
                    7a:6f:27:90:92:a9:b3:11:78:3e:dd:8e:91:ec:ad:
                    ac:d3:ae:e2:8a:a3:e0:69:c6:73:5a:7c:35:fb:1d:
                    38:0d:75:eb:78:3f:dd:48:c6:fb:7f:5c:d3:0f:e5:
                    5e:b5:7a:b7:13:3f:89:d1:b4:e6:88:57:d1:2c:f8:
                    f6:7d:25:e8:02:07:7e:2a:32:ea:c2:57:aa:74:f7:
                    00:12:c7:ed:4a:4d:0e:2d:ac:26:bb:c5:30:5c:d8:
                    4f:75:a7:18:23:a7:d5:b4:22:7d:3a:d4:c1:b7:69:
                    c8:71:6f:03:af:f2:cf:11:02:f1:f0:40:e7:75:63:
                    0d:f1:74:dc:85:4d:97:47:58:32:54:1c:7f:db:fa:
                    fe:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:93:7A:FE:16:A9:06:3C:5F:DF:56:74:07:4D:36:DE:6B:64:2C:12
            X509v3 Authority Key Identifier:
                keyid:08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:c4:96:66:36:76:86:9f:1a:32:fd:1e:e8:ee:cc:e2:25:cf:
         41:f8:43:af:ae:fb:cb:38:62:12:dc:1a:1e:66:df:21:02:df:
         5d:13:ce:c5:ee:c2:41:89:32:8d:8f:a7:9b:21:4b:c5:84:25:
         94:bc:0a:2c:b1:8e:3a:6c:79:ea:44:76:19:bf:bf:a3:c8:6e:
         f2:88:d3:e7:01:34:e5:82:f3:65:a9:e4:8c:c6:55:85:bd:2a:
         91:f2:23:a0:d0:82:3f:10:3a:ef:06:15:7e:24:88:2d:d3:d2:
         34:83:c2:d4:ba:84:70:bc:6d:de:c0:7d:45:27:bb:a0:6b:76:
         e5:dc:6b:84:bd:3b:52:db:fc:5c:1f:da:92:2c:ca:4a:1f:f3:
         61:4b:e2:8b:5b:8e:a0:63:b8:1a:01:af:94:41:9f:df:1d:a3:
         11:26:5b:f1:ca:d6:c5:0e:82:22:e2:79:ff:9f:b8:eb:77:e3:
         9d:64:85:8d:69:79:38:7f:b6:ec:84:0b:f1:7a:7d:cc:bc:5e:
         88:a2:eb:cd:32:79:0c:ca:cf:74:e1:a6:e0:69:23:99:83:d0:
         4a:74:b2:dc:34:79:3b:b1:3d:bf:20:7d:d1:b7:26:11:51:ff:
         2a:80:75:5c:df:79:73:4f:9f:4a:db:40:f0:b0:97:82:de:3e:
         9b:5a:bb:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLACUL4jOWc1R8rL4hruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDI3ZmRjOTBmODBmODA5NzJjMTI1YmQ0MWVkYjBhZTgz
MzRhYTAwHhcNMjUxMTExMDcwMjAwWhcNMjUxMTEyMDcwMjAwWjAzMTEwLwYDVQQD
EyhhMTkzN2FmZTE2YTkwNjNjNWZkZjU2NzQwNzRkMzZkZTZiNjQyYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy65xw3K0z0ESSgYEyeiWJj7awfaA
X6D581Xu9RKb08la/EQnbH1vr1UGcuBYAdB+NCdePdAB7DpMoETidiwf6QCBEv0j
IwLc79S8tsscpOnKEB3Ya6lLxk/EjbpSnTBKV53PZHOf/lIrG7ZR9FYwm059aNJB
KtR6byeQkqmzEXg+3Y6R7K2s067iiqPgacZzWnw1+x04DXXreD/dSMb7f1zTD+Ve
tXq3Ez+J0bTmiFfRLPj2fSXoAgd+KjLqwleqdPcAEsftSk0OLawmu8UwXNhPdacY
I6fVtCJ9OtTBt2nIcW8Dr/LPEQLx8EDndWMN8XTchU2XR1gyVBx/2/r+iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGTev4WqQY8X99WdAdNNt5rZCwSMB8GA1UdIwQY
MBaAFAjSf9yQ+A+AlywSW9Qe2wroM0qgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82NjJkYmUtNTkzNy00NmZhLThkOTYt
OTEwNTQxMTU1ZmVmLzEvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82NjJkYmUtNTkzNy00NmZhLThkOTYtOTEwNTQxMTU1ZmVm
LzEvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfcSWZjZ2
hp8aMv0e6O7M4iXPQfhDr677yzhiEtwaHmbfIQLfXRPOxe7CQYkyjY+nmyFLxYQl
lLwKLLGOOmx56kR2Gb+/o8hu8ojT5wE05YLzZankjMZVhb0qkfIjoNCCPxA67wYV
fiSILdPSNIPC1LqEcLxt3sB9RSe7oGt25dxrhL07Utv8XB/akizKSh/zYUvii1uO
oGO4GgGvlEGf3x2jESZb8crWxQ6CIuJ5/5+463fjnWSFjWl5OH+27IQL8Xp9zLxe
iKLrzTJ5DMrPdOGm4GkjmYPQSnSy3DR5O7E9vyB90bcmEVH/KoB1XN95c0+fSttA
8LCXgt4+m1q7Fg==
-----END CERTIFICATE-----