Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File:                     nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier:          Y4znkmUpmg8sHs3NU3+o4AIQHF23RWUTfptIcCVeDe4=
Subject key identifier:   F8:BA:EC:90:8D:28:68:8B:1B:45:12:25:29:21:CE:F6:16:1E:F6:84
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer:       /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial:       019A571C26236052B49A2C332D427B902F36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number:          170E
Signing time:             Thu 06 Nov 2025 03:00:53 +0000
Manifest this update:     Thu 06 Nov 2025 03:00:53 +0000
Manifest next update:     Fri 07 Nov 2025 03:00:53 +0000
Files and hashes:         1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: VlJ8JPbwvxtKrfTjal9jIZoRPHDQ+HfKDexSs+nAab0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 21:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:57:1c:26:23:60:52:b4:9a:2c:33:2d:42:7b:90:2f:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
        Validity
            Not Before: Nov  6 03:00:53 2025 GMT
            Not After : Nov  7 03:00:53 2025 GMT
        Subject: CN=f8baec908d28688b1b4512252921cef6161ef684
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:86:41:c0:01:40:5f:0f:8b:58:fc:7a:99:04:
                    05:fb:31:fd:13:19:73:74:94:a6:d9:9a:70:33:26:
                    11:89:db:66:1f:21:ba:c9:45:d0:1c:4d:74:69:16:
                    15:0d:b8:6d:18:74:7c:64:4b:89:15:dc:1f:23:a0:
                    12:07:4e:2b:ac:b1:9a:c5:03:f4:cc:c3:cb:80:48:
                    07:b8:61:ed:60:fc:c7:87:eb:53:38:62:cd:99:c5:
                    97:08:8c:89:b2:16:52:4d:65:5b:d7:0b:ef:c7:7c:
                    e3:b6:a9:ad:68:38:91:d9:80:ae:2d:5f:cd:28:8e:
                    c8:3b:3e:60:0d:bf:2a:60:52:8d:0f:53:ad:e9:47:
                    79:f8:54:5d:e7:1a:36:82:06:0b:37:8f:d9:80:36:
                    ed:21:3f:a5:ba:5a:df:b2:a7:8b:de:dc:ac:45:3d:
                    e7:86:96:43:78:97:30:f5:5e:bf:0b:26:68:50:c8:
                    9f:b3:59:95:d3:1e:62:a8:ca:dd:1e:c4:66:eb:9b:
                    27:b5:a8:5a:14:d9:b9:f4:d0:ea:fd:e9:6a:6b:ce:
                    3d:67:55:0d:5e:ae:e1:06:a5:64:36:b0:7b:2b:03:
                    84:01:b7:9c:21:11:a2:ef:0e:8b:3d:ae:79:52:90:
                    9f:47:f7:b5:e2:d7:21:cd:41:29:46:d5:92:34:bf:
                    df:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:BA:EC:90:8D:28:68:8B:1B:45:12:25:29:21:CE:F6:16:1E:F6:84
            X509v3 Authority Key Identifier:
                keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:71:cd:bb:b3:42:56:ce:df:15:67:cb:da:b1:40:89:c4:51:
         83:1a:c8:1a:58:85:e5:b5:5b:3c:ad:f2:77:11:69:a7:05:4a:
         d0:7c:67:96:4e:2a:de:8d:4c:a6:3f:1a:4d:cd:75:93:c6:fe:
         3f:84:73:ec:46:ac:5b:e8:5d:66:06:18:8e:82:e9:44:43:99:
         6a:77:71:24:ec:80:3e:cb:0f:46:e5:30:66:51:99:ce:b6:ab:
         ba:7c:3f:c1:0b:08:2f:34:35:19:28:58:9d:37:01:af:ab:9e:
         83:79:fd:a8:10:29:64:20:a5:ee:cc:63:0e:dc:93:c2:cb:d1:
         53:99:fe:c5:92:3c:75:e7:e4:7b:73:98:86:3e:68:b1:9a:4e:
         f0:89:d5:c6:92:a9:b3:f1:e2:c7:c4:38:3f:f7:a9:e2:07:89:
         0e:fa:33:b7:b5:46:fc:e1:1f:5f:e1:04:b1:13:0a:ff:7f:d2:
         0b:e6:78:c0:88:58:32:c0:b4:bb:85:d5:b9:7b:39:39:ea:b1:
         0b:b2:f2:e9:2d:be:b6:fc:0c:bf:bc:16:a2:d4:a8:bc:52:9f:
         96:98:15:97:04:42:0d:81:b1:ae:10:4a:64:1f:b8:e4:b6:72:
         8a:16:1e:68:e5:19:c7:92:38:0e:c8:ba:86:10:98:8a:f5:05:
         98:51:73:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpXHCYjYFK0miwzLUJ7kC82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjUxMTA2MDMwMDUzWhcNMjUxMTA3MDMwMDUzWjAzMTEwLwYDVQQD
EyhmOGJhZWM5MDhkMjg2ODhiMWI0NTEyMjUyOTIxY2VmNjE2MWVmNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4ZBwAFAXw+LWPx6mQQF+zH9Exlz
dJSm2ZpwMyYRidtmHyG6yUXQHE10aRYVDbhtGHR8ZEuJFdwfI6ASB04rrLGaxQP0
zMPLgEgHuGHtYPzHh+tTOGLNmcWXCIyJshZSTWVb1wvvx3zjtqmtaDiR2YCuLV/N
KI7IOz5gDb8qYFKND1Ot6Ud5+FRd5xo2ggYLN4/ZgDbtIT+lulrfsqeL3tysRT3n
hpZDeJcw9V6/CyZoUMifs1mV0x5iqMrdHsRm65sntahaFNm59NDq/elqa849Z1UN
Xq7hBqVkNrB7KwOEAbecIRGi7w6LPa55UpCfR/e14tchzUEpRtWSNL/foQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPi67JCNKGiLG0USJSkhzvYWHvaEMB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl3HNu7NC
Vs7fFWfL2rFAicRRgxrIGliF5bVbPK3ydxFppwVK0Hxnlk4q3o1Mpj8aTc11k8b+
P4Rz7EasW+hdZgYYjoLpREOZandxJOyAPssPRuUwZlGZzrarunw/wQsILzQ1GShY
nTcBr6ueg3n9qBApZCCl7sxjDtyTwsvRU5n+xZI8defke3OYhj5osZpO8InVxpKp
s/Hix8Q4P/ep4geJDvozt7VG/OEfX+EEsRMK/3/SC+Z4wIhYMsC0u4XVuXs5Oeqx
C7Ly6S2+tvwMv7wWotSovFKflpgVlwRCDYGxrhBKZB+45LZyihYeaOUZx5I4Dsi6
hhCYivUFmFFzxw==
-----END CERTIFICATE-----