Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft
File:                     nphC_lRy5id-eSB2x9OHcALi4lE.mft (raw, json)
Hash identifier:          GvTDngCdyqyNW/WbEcMuPJaZ+61f+Z4R9iCGqDmR/WI=
Subject key identifier:   5E:33:5E:0A:11:1F:34:CF:A7:BE:F7:94:9B:ED:AF:7A:B2:92:19:13
Authority key identifier: 9E:98:42:FE:54:72:E6:27:7E:79:20:76:C7:D3:87:70:02:E2:E2:51
Certificate issuer:       /CN=9e9842fe5472e6277e792076c7d3877002e2e251
Certificate serial:       01987486B3BA1BE9120516F88A5E9DE5585E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nphC_lRy5id-eSB2x9OHcALi4lE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft
Manifest number:          0116
Signing time:             Mon 04 Aug 2025 10:00:41 +0000
Manifest this update:     Mon 04 Aug 2025 10:00:41 +0000
Manifest next update:     Tue 05 Aug 2025 10:00:41 +0000
Files and hashes:         1: nphC_lRy5id-eSB2x9OHcALi4lE.crl (hash: /iyfk4ADIltczfenPfHScyWfu3hppGREkdRqA5fi8T8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nphC_lRy5id-eSB2x9OHcALi4lE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 10:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:86:b3:ba:1b:e9:12:05:16:f8:8a:5e:9d:e5:58:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e9842fe5472e6277e792076c7d3877002e2e251
        Validity
            Not Before: Aug  4 10:00:41 2025 GMT
            Not After : Aug  5 10:00:41 2025 GMT
        Subject: CN=5e335e0a111f34cfa7bef7949bedaf7ab2921913
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:34:6d:4d:52:f5:8c:97:66:8d:2a:fb:c3:39:
                    f4:c5:3c:42:43:52:de:fa:8b:99:25:9b:bd:5c:9e:
                    99:d5:f8:f7:a0:2a:40:c3:be:e2:12:6f:37:33:3b:
                    e1:ed:a0:d2:64:8d:e6:70:3a:71:7f:11:4a:b1:49:
                    01:b4:bf:a1:d6:e4:1e:0f:20:71:e1:ea:15:38:ce:
                    33:63:c7:e5:cb:16:89:13:68:5d:02:c3:d3:3b:ad:
                    64:3f:e2:cb:3b:33:d3:6d:e8:c5:0a:88:3f:e4:f6:
                    95:31:f4:69:55:4f:29:7f:46:15:10:c1:ed:de:11:
                    e3:4b:e8:a7:17:f0:c9:53:12:f5:d4:cc:fe:9e:5a:
                    d1:7e:31:f1:ac:48:e9:fd:14:b0:27:8d:8f:49:da:
                    fd:3a:b4:35:f6:f6:65:52:85:4c:e8:04:43:3d:01:
                    2e:7c:17:a2:cd:f1:78:40:48:75:f6:27:c0:35:51:
                    11:82:75:a8:f7:b2:39:ad:70:1b:53:a2:7d:4b:d2:
                    23:de:1d:f8:01:4a:b6:0d:a6:ff:fa:08:cd:4a:ee:
                    b9:cd:76:18:2d:07:bc:4f:0f:47:f0:44:2e:88:63:
                    72:e2:ad:35:f7:d2:08:75:f8:52:b3:4c:c2:bb:db:
                    2d:b1:7c:b2:c0:89:dd:f6:6c:58:29:a5:d8:46:53:
                    c7:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:33:5E:0A:11:1F:34:CF:A7:BE:F7:94:9B:ED:AF:7A:B2:92:19:13
            X509v3 Authority Key Identifier:
                keyid:9E:98:42:FE:54:72:E6:27:7E:79:20:76:C7:D3:87:70:02:E2:E2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nphC_lRy5id-eSB2x9OHcALi4lE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:e2:2e:66:84:a7:cb:0f:b7:2c:45:15:30:c3:ad:d9:61:3d:
         21:13:8e:cc:0f:bc:90:a8:b4:ec:cc:4c:26:ab:d3:b7:48:a0:
         8d:47:9c:15:ba:9d:79:03:ed:b6:8c:91:90:35:97:4f:99:35:
         42:12:e2:c6:9e:4c:81:db:10:12:7c:8a:35:02:9c:1c:36:c5:
         83:7e:2d:ca:96:36:f8:2c:8e:ba:d9:70:df:db:41:4a:a6:09:
         d7:4a:59:3c:eb:2e:ee:e9:73:40:43:54:bf:69:a2:01:06:68:
         0a:89:df:58:93:4a:a4:16:43:05:d1:7b:0e:ef:d8:1d:ce:55:
         54:b2:a9:22:69:e1:06:37:95:5f:53:ae:ee:82:2b:d1:f8:82:
         c5:2f:4e:6e:ab:36:d6:64:e0:74:7a:47:0d:fb:41:ab:ae:d6:
         a5:0c:db:2f:5b:c9:23:f4:19:58:a6:b9:a0:a6:4b:83:f6:50:
         ec:ac:1e:04:a1:da:8e:f6:b3:54:1b:d2:c5:36:5e:e0:bc:0c:
         84:28:96:33:ee:9d:d4:bd:df:78:97:4d:45:07:d5:48:a7:04:
         6a:c2:2f:ba:c1:40:e8:8b:9d:8d:d8:ad:38:3a:72:81:b8:e5:
         cd:3b:72:09:87:f9:0c:ef:fe:c9:2f:14:d1:49:eb:3b:a9:78:
         34:e8:d8:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0hrO6G+kSBRb4il6d5VheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTg0MmZlNTQ3MmU2Mjc3ZTc5MjA3NmM3ZDM4NzcwMDJl
MmUyNTEwHhcNMjUwODA0MTAwMDQxWhcNMjUwODA1MTAwMDQxWjAzMTEwLwYDVQQD
Eyg1ZTMzNWUwYTExMWYzNGNmYTdiZWY3OTQ5YmVkYWY3YWIyOTIxOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DRtTVL1jJdmjSr7wzn0xTxCQ1Le
+ouZJZu9XJ6Z1fj3oCpAw77iEm83Mzvh7aDSZI3mcDpxfxFKsUkBtL+h1uQeDyBx
4eoVOM4zY8flyxaJE2hdAsPTO61kP+LLOzPTbejFCog/5PaVMfRpVU8pf0YVEMHt
3hHjS+inF/DJUxL11Mz+nlrRfjHxrEjp/RSwJ42PSdr9OrQ19vZlUoVM6ARDPQEu
fBeizfF4QEh19ifANVERgnWo97I5rXAbU6J9S9Ij3h34AUq2Dab/+gjNSu65zXYY
LQe8Tw9H8EQuiGNy4q0199IIdfhSs0zCu9stsXyywInd9mxYKaXYRlPHXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF4zXgoRHzTPp773lJvtr3qykhkTMB8GA1UdIwQY
MBaAFJ6YQv5UcuYnfnkgdsfTh3AC4uJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBoQ19sUnk1aWQtZVNCMng5T0hjQUxpNGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84ZjExYjMtODljNS00YjExLTljMDkt
M2EwN2Y5MjI0ZTIxLzEvbnBoQ19sUnk1aWQtZVNCMng5T0hjQUxpNGxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84ZjExYjMtODljNS00YjExLTljMDktM2EwN2Y5MjI0ZTIx
LzEvbnBoQ19sUnk1aWQtZVNCMng5T0hjQUxpNGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADeIuZoSn
yw+3LEUVMMOt2WE9IROOzA+8kKi07MxMJqvTt0igjUecFbqdeQPttoyRkDWXT5k1
QhLixp5MgdsQEnyKNQKcHDbFg34typY2+CyOutlw39tBSqYJ10pZPOsu7ulzQENU
v2miAQZoConfWJNKpBZDBdF7Du/YHc5VVLKpImnhBjeVX1Ou7oIr0fiCxS9Obqs2
1mTgdHpHDftBq67WpQzbL1vJI/QZWKa5oKZLg/ZQ7KweBKHajvazVBvSxTZe4LwM
hCiWM+6d1L3feJdNRQfVSKcEasIvusFA6IudjditODpygbjlzTtyCYf5DO/+yS8U
0UnrO6l4NOjY1A==
-----END CERTIFICATE-----