Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          0Gq2Asyj919tvAOKIGsX5UX5Y639w06gPquCUUuuBcc=
Subject key identifier:   AC:B2:C0:9D:D0:E2:71:D5:52:6D:81:A1:0B:9E:D8:1D:E4:CD:D2:CB
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       019769CF2E27B58932308CDAEDAE9D18EC83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          09EF
Signing time:             Fri 13 Jun 2025 15:01:14 +0000
Manifest this update:     Fri 13 Jun 2025 15:01:14 +0000
Manifest next update:     Sat 14 Jun 2025 15:01:14 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: a+gaLRYEJC0ERoRCKom1BD8+GS08mq1PZKk8deSuDo4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:cf:2e:27:b5:89:32:30:8c:da:ed:ae:9d:18:ec:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Jun 13 15:01:14 2025 GMT
            Not After : Jun 14 15:01:14 2025 GMT
        Subject: CN=acb2c09dd0e271d5526d81a10b9ed81de4cdd2cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:61:21:54:99:cd:70:4d:f3:c9:e1:83:72:06:
                    01:af:5f:98:ec:68:b7:23:40:4e:71:2d:2b:09:ca:
                    ae:c4:df:a0:6f:81:cf:69:34:ae:43:fd:e5:7e:11:
                    2d:fd:ec:cf:c6:db:9d:0b:8f:73:8f:56:7c:ae:86:
                    9f:20:38:7a:2f:60:c1:97:f9:47:c6:b1:87:3a:63:
                    42:df:e5:2c:ce:76:62:87:0f:f1:d3:5f:04:4b:c1:
                    75:a2:5f:78:56:f0:d5:e2:5b:26:c2:1c:b1:7a:d4:
                    ae:ca:a8:61:a7:83:dc:08:00:25:f6:53:90:fc:ba:
                    e8:97:d9:77:0a:a7:7d:60:b2:25:e1:55:01:e0:d2:
                    dd:d1:4a:d9:74:b8:27:08:d1:7c:0f:f1:62:a0:7c:
                    a7:26:a1:17:00:dc:0d:64:6c:db:1c:38:1c:7e:85:
                    76:b0:35:39:f8:d3:eb:cc:5c:b9:ba:5c:72:30:54:
                    8c:ff:82:d3:37:6b:a3:57:53:79:a4:3d:52:a7:5f:
                    f9:5a:9c:d6:e7:59:12:1d:1b:f1:93:10:68:53:ad:
                    c2:c6:77:7e:9a:47:11:47:fc:9d:60:f0:09:34:02:
                    92:75:3b:c5:98:3f:1c:ff:ef:66:16:8a:8e:d0:b2:
                    ba:81:ff:fc:ee:5b:f6:79:af:51:40:35:65:4c:94:
                    cd:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:B2:C0:9D:D0:E2:71:D5:52:6D:81:A1:0B:9E:D8:1D:E4:CD:D2:CB
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:7d:f0:a0:a2:16:ad:51:17:83:3e:16:57:d4:0c:1b:22:c8:
         b6:07:c3:89:5e:65:67:70:16:2d:0e:de:9c:9a:c5:b8:56:18:
         3d:06:cb:37:1d:d6:05:52:a6:66:a2:f4:6a:bc:78:91:51:a4:
         a5:73:90:a5:71:13:a1:9c:4c:df:48:a0:18:ef:f1:fc:e7:fb:
         af:e1:06:62:6f:25:c5:31:28:52:24:8b:2a:e1:92:21:b6:4d:
         6d:be:98:d7:95:4d:90:ca:ef:94:7c:b9:fe:75:c0:84:e8:a2:
         02:27:ab:1c:17:c3:45:ea:47:c0:1f:fd:e8:83:2c:2a:ff:e6:
         ea:20:1c:7e:db:b8:00:d6:9c:a1:45:c3:01:1e:15:55:0b:0a:
         2c:80:6b:c0:28:5c:e1:b6:67:8d:cf:9d:57:95:06:7a:88:5a:
         a4:a3:20:d2:f8:5f:ab:d6:51:e9:6b:97:39:21:fa:7a:46:60:
         1b:78:36:79:7c:2d:6d:b1:dd:c5:d5:cb:eb:fa:3f:af:19:c2:
         15:8a:c6:62:3d:46:83:f4:16:2f:74:b0:b7:8b:cd:d6:aa:48:
         ed:3c:6b:87:c0:42:c1:1c:a6:27:73:38:d5:09:73:92:f3:18:
         bd:27:bc:84:c9:12:a9:31:0c:27:e8:89:2a:f6:76:e4:37:43:
         f8:be:25:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzy4ntYkyMIza7a6dGOyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjUwNjEzMTUwMTE0WhcNMjUwNjE0MTUwMTE0WjAzMTEwLwYDVQQD
EyhhY2IyYzA5ZGQwZTI3MWQ1NTI2ZDgxYTEwYjllZDgxZGU0Y2RkMmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12EhVJnNcE3zyeGDcgYBr1+Y7Gi3
I0BOcS0rCcquxN+gb4HPaTSuQ/3lfhEt/ezPxtudC49zj1Z8roafIDh6L2DBl/lH
xrGHOmNC3+UsznZihw/x018ES8F1ol94VvDV4lsmwhyxetSuyqhhp4PcCAAl9lOQ
/Lrol9l3Cqd9YLIl4VUB4NLd0UrZdLgnCNF8D/FioHynJqEXANwNZGzbHDgcfoV2
sDU5+NPrzFy5ulxyMFSM/4LTN2ujV1N5pD1Sp1/5WpzW51kSHRvxkxBoU63Cxnd+
mkcRR/ydYPAJNAKSdTvFmD8c/+9mFoqO0LK6gf/87lv2ea9RQDVlTJTNVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyywJ3Q4nHVUm2BoQue2B3kzdLLMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb33woKIW
rVEXgz4WV9QMGyLItgfDiV5lZ3AWLQ7enJrFuFYYPQbLNx3WBVKmZqL0arx4kVGk
pXOQpXEToZxM30igGO/x/Of7r+EGYm8lxTEoUiSLKuGSIbZNbb6Y15VNkMrvlHy5
/nXAhOiiAierHBfDRepHwB/96IMsKv/m6iAcftu4ANacoUXDAR4VVQsKLIBrwChc
4bZnjc+dV5UGeohapKMg0vhfq9ZR6WuXOSH6ekZgG3g2eXwtbbHdxdXL6/o/rxnC
FYrGYj1Gg/QWL3Swt4vN1qpI7Txrh8BCwRymJ3M41QlzkvMYvSe8hMkSqTEMJ+iJ
KvZ25DdD+L4l4g==
-----END CERTIFICATE-----