Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
File:                     nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft (raw, json)
Hash identifier:          Yx2fcZxPjX8Q1d7ZB4+Q+iZKUdPT/WBv8NEo6M8llFg=
Subject key identifier:   2C:10:BD:98:2C:83:BD:B6:80:C5:D1:95:54:D9:02:A0:FE:80:72:AC
Authority key identifier: 9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF
Certificate issuer:       /CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
Certificate serial:       019781326683CE36FDD77143AF97770797FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
Manifest number:          1527
Signing time:             Wed 18 Jun 2025 04:00:53 +0000
Manifest this update:     Wed 18 Jun 2025 04:00:53 +0000
Manifest next update:     Thu 19 Jun 2025 04:00:53 +0000
Files and hashes:         1: nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl (hash: 2avYbDeOrpWujf+BSHIwmml+S7owxbia/ARtCgiINzM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:81:32:66:83:ce:36:fd:d7:71:43:af:97:77:07:97:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
        Validity
            Not Before: Jun 18 04:00:53 2025 GMT
            Not After : Jun 19 04:00:53 2025 GMT
        Subject: CN=2c10bd982c83bdb680c5d19554d902a0fe8072ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a2:9a:e0:fa:39:23:73:d3:25:97:a1:1f:d6:
                    11:16:97:e0:71:a7:3a:10:eb:bc:36:55:d6:7f:19:
                    d9:64:43:57:f6:66:c7:e7:1d:47:b2:75:93:19:07:
                    48:07:13:82:0f:87:fc:83:28:20:93:d9:36:ca:2c:
                    c0:84:0b:b8:2a:67:08:f4:96:bf:5f:8b:82:ad:5b:
                    04:81:8c:af:50:a3:c8:79:bf:d3:80:e1:4f:d0:bb:
                    9e:b7:ad:e3:31:8d:8b:28:87:f4:22:98:ad:4d:36:
                    57:d8:2d:21:31:93:10:4f:45:bd:62:80:c1:a9:33:
                    7b:e2:73:81:95:a4:09:0d:6f:0f:56:1d:12:6d:58:
                    ca:d7:cb:e5:53:d4:36:4e:0a:92:b9:ba:c6:03:4e:
                    f9:e1:2d:45:4b:bd:78:e7:c1:8b:1c:13:8a:15:3d:
                    85:41:24:26:85:cb:bd:cf:ef:cf:d1:99:ac:f8:89:
                    ce:ca:8a:53:a5:72:f9:c4:a1:c7:45:0a:15:62:f9:
                    a0:49:50:67:b8:64:19:33:35:b7:30:87:f0:40:af:
                    57:b4:46:f0:26:b1:f0:b4:40:a2:ed:84:c6:1e:79:
                    41:0c:41:8f:67:72:b5:7a:b2:90:78:e2:80:99:c5:
                    b6:87:ce:70:1f:cf:94:3e:8f:2e:37:1c:e6:c1:aa:
                    db:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:10:BD:98:2C:83:BD:B6:80:C5:D1:95:54:D9:02:A0:FE:80:72:AC
            X509v3 Authority Key Identifier:
                keyid:9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:ce:82:02:c0:14:8a:b0:b9:4e:6a:43:38:88:a9:dc:0f:a7:
         4f:e9:ac:97:87:b6:86:5a:9a:54:d3:1f:2e:da:c0:8b:cb:d3:
         0a:48:98:aa:fa:a4:42:fc:fa:23:ca:6f:d9:f6:13:29:65:44:
         31:da:9f:77:60:dd:14:b9:b5:9b:54:56:40:5b:a8:c9:92:9d:
         d8:42:3b:18:bf:47:29:68:35:1d:44:88:0b:a6:a2:82:07:05:
         13:d6:a8:7e:b7:62:30:cb:dc:f0:f2:31:47:89:e3:77:3d:3b:
         83:cd:5f:2b:27:a6:d1:7e:18:17:11:ea:f5:5f:34:eb:7b:9e:
         61:22:c3:42:4a:d5:3e:8a:3c:9e:59:00:80:c9:4b:0e:ed:8f:
         dd:68:ba:36:a5:50:8f:d1:cc:e5:ad:2a:f8:7b:2a:86:83:46:
         f4:3d:9f:62:9b:85:a1:cb:2d:ed:40:55:11:61:36:df:7c:b2:
         8e:70:97:4a:47:78:9f:0b:93:a1:7a:4b:a2:98:3d:cf:f0:11:
         47:6d:df:bb:7f:78:13:6a:08:78:fb:5e:8b:7e:cf:39:a6:de:
         de:be:07:65:1d:89:89:dd:94:e1:02:65:31:34:6e:42:70:fe:
         94:e8:93:dd:d3:25:34:49:2f:b0:40:1f:96:09:b8:92:fe:df:
         d4:fb:cf:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeBMmaDzjb913FDr5d3B5f9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzk5NjY4NjNkODJmYThiZDFjYTM5MzY5MDVmYTFlMjRh
OWEwYmYwHhcNMjUwNjE4MDQwMDUzWhcNMjUwNjE5MDQwMDUzWjAzMTEwLwYDVQQD
EygyYzEwYmQ5ODJjODNiZGI2ODBjNWQxOTU1NGQ5MDJhMGZlODA3MmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKKa4Po5I3PTJZehH9YRFpfgcac6
EOu8NlXWfxnZZENX9mbH5x1HsnWTGQdIBxOCD4f8gyggk9k2yizAhAu4KmcI9Ja/
X4uCrVsEgYyvUKPIeb/TgOFP0Luet63jMY2LKIf0IpitTTZX2C0hMZMQT0W9YoDB
qTN74nOBlaQJDW8PVh0SbVjK18vlU9Q2TgqSubrGA0754S1FS71458GLHBOKFT2F
QSQmhcu9z+/P0Zms+InOyopTpXL5xKHHRQoVYvmgSVBnuGQZMzW3MIfwQK9XtEbw
JrHwtECi7YTGHnlBDEGPZ3K1erKQeOKAmcW2h85wH8+UPo8uNxzmwarbuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwQvZgsg722gMXRlVTZAqD+gHKsMB8GA1UdIwQY
MBaAFJ85lmhj2C+ovRyjk2kF+h4kqaC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjIt
MGIxZDA5NDk4NTM0LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjItMGIxZDA5NDk4NTM0
LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvs6CAsAU
irC5TmpDOIip3A+nT+msl4e2hlqaVNMfLtrAi8vTCkiYqvqkQvz6I8pv2fYTKWVE
Mdqfd2DdFLm1m1RWQFuoyZKd2EI7GL9HKWg1HUSIC6aiggcFE9aofrdiMMvc8PIx
R4njdz07g81fKyem0X4YFxHq9V8063ueYSLDQkrVPoo8nlkAgMlLDu2P3Wi6NqVQ
j9HM5a0q+HsqhoNG9D2fYpuFocst7UBVEWE233yyjnCXSkd4nwuToXpLopg9z/AR
R23fu394E2oIePtei37POabe3r4HZR2Jid2U4QJlMTRuQnD+lOiT3dMlNEkvsEAf
lgm4kv7f1PvPTQ==
-----END CERTIFICATE-----