Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          4v91tRomuRbQhHD5K4GJc4JFVUu5LQ7e7+Q9/srNZ1o=
Subject key identifier:   2C:1F:A1:A1:B6:EB:F4:A7:F7:CE:74:E4:3F:5E:C3:3A:E5:AC:36:16
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       0198745062CEBE40C871CC9F847CB8C76C8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          0A79
Signing time:             Mon 04 Aug 2025 09:01:21 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:21 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:21 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: b3ysF0M8XRyrS38eu4ElwbHX5TDxYl0sLhDgS0M7pSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:62:ce:be:40:c8:71:cc:9f:84:7c:b8:c7:6c:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Aug  4 09:01:21 2025 GMT
            Not After : Aug  5 09:01:21 2025 GMT
        Subject: CN=2c1fa1a1b6ebf4a7f7ce74e43f5ec33ae5ac3616
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:64:19:59:e6:a1:b6:91:46:6d:23:ea:06:36:
                    18:8a:ab:21:36:e9:ba:d9:37:44:33:7c:0b:76:19:
                    25:f1:48:c1:d6:11:8e:17:f7:59:bc:86:93:42:df:
                    35:10:5b:08:85:da:4e:40:4d:24:62:0f:be:e8:c9:
                    41:c6:76:fa:21:98:b3:9d:fd:c2:48:db:4c:54:4d:
                    38:f6:e6:16:10:ff:ec:1c:ed:03:ba:1f:62:d0:70:
                    f6:19:f6:ca:50:75:af:54:77:7f:6c:f7:3a:e4:c0:
                    bf:24:c3:00:a9:a7:c6:08:9c:53:1b:a1:68:2f:22:
                    99:a0:01:ad:5c:11:76:59:0a:65:3a:b8:8b:07:25:
                    8e:c7:9a:5e:ae:8e:cf:83:5b:2a:48:ba:95:1a:22:
                    e9:2b:ff:06:fc:4e:44:e4:3a:03:e2:13:b7:5d:df:
                    86:9a:6c:63:0f:69:b5:cc:35:f2:21:ba:55:83:5c:
                    ec:8c:59:37:2f:13:09:cf:e3:88:71:9b:e4:a3:c9:
                    49:19:1f:d2:52:cb:59:3c:26:f5:16:52:72:e5:5b:
                    c9:0a:3c:07:a8:f9:7e:09:ad:37:cb:f1:eb:27:30:
                    ea:0f:46:4b:ea:47:f8:ec:57:62:45:e5:47:23:ae:
                    72:41:dd:70:9e:cb:21:80:4a:d4:3c:43:95:cb:6f:
                    5e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:1F:A1:A1:B6:EB:F4:A7:F7:CE:74:E4:3F:5E:C3:3A:E5:AC:36:16
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:2c:0a:c8:c5:58:3b:ac:d7:ab:45:ff:59:77:27:27:a4:dc:
         8d:6f:ed:1d:c6:80:96:b3:4a:26:88:51:e6:78:55:aa:c8:71:
         58:b9:a6:da:a8:81:06:c7:13:6f:c7:d5:3b:10:a4:3f:4d:b7:
         cb:86:d7:33:5e:b8:ac:93:cf:4a:cd:7b:0c:69:5e:24:81:60:
         58:22:dc:04:f3:15:40:bf:49:07:1f:fe:8e:bf:30:1c:c7:0d:
         22:b3:99:ba:6b:15:5f:e1:32:24:72:b1:c3:7e:f2:64:80:44:
         9e:dd:b3:60:34:55:70:83:b3:28:f0:25:04:fb:1d:91:bd:90:
         ec:38:4b:ea:5b:9c:55:ad:33:02:ea:78:89:07:5c:33:79:0e:
         fc:ad:55:b9:33:03:f2:f8:16:bb:ad:0d:07:fd:3f:a9:5b:7d:
         26:64:ff:1b:69:c8:ac:5e:9f:bb:25:31:97:a3:4c:0a:60:23:
         de:98:d9:bc:e0:6b:77:b6:da:e3:dc:c5:42:c5:71:a8:cc:0d:
         74:97:13:84:23:25:35:60:c6:b5:2c:69:40:6b:b9:bf:0e:63:
         49:41:19:d1:63:35:d4:8c:23:8f:59:b3:04:08:67:53:ba:0d:
         b5:e9:a7:42:b7:59:64:49:48:ec:5a:d5:a7:f4:c0:5a:8b:77:
         aa:27:9b:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UGLOvkDIccyfhHy4x2yOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjUwODA0MDkwMTIxWhcNMjUwODA1MDkwMTIxWjAzMTEwLwYDVQQD
EygyYzFmYTFhMWI2ZWJmNGE3ZjdjZTc0ZTQzZjVlYzMzYWU1YWMzNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2QZWeahtpFGbSPqBjYYiqshNum6
2TdEM3wLdhkl8UjB1hGOF/dZvIaTQt81EFsIhdpOQE0kYg++6MlBxnb6IZiznf3C
SNtMVE049uYWEP/sHO0Duh9i0HD2GfbKUHWvVHd/bPc65MC/JMMAqafGCJxTG6Fo
LyKZoAGtXBF2WQplOriLByWOx5pero7Pg1sqSLqVGiLpK/8G/E5E5DoD4hO3Xd+G
mmxjD2m1zDXyIbpVg1zsjFk3LxMJz+OIcZvko8lJGR/SUstZPCb1FlJy5VvJCjwH
qPl+Ca03y/HrJzDqD0ZL6kf47FdiReVHI65yQd1wnsshgErUPEOVy29eIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwfoaG26/Sn98505D9ewzrlrDYWMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYiwKyMVY
O6zXq0X/WXcnJ6TcjW/tHcaAlrNKJohR5nhVqshxWLmm2qiBBscTb8fVOxCkP023
y4bXM164rJPPSs17DGleJIFgWCLcBPMVQL9JBx/+jr8wHMcNIrOZumsVX+EyJHKx
w37yZIBEnt2zYDRVcIOzKPAlBPsdkb2Q7DhL6lucVa0zAup4iQdcM3kO/K1VuTMD
8vgWu60NB/0/qVt9JmT/G2nIrF6fuyUxl6NMCmAj3pjZvOBrd7ba49zFQsVxqMwN
dJcThCMlNWDGtSxpQGu5vw5jSUEZ0WM11Iwjj1mzBAhnU7oNtemnQrdZZElI7FrV
p/TAWot3qiebLA==
-----END CERTIFICATE-----