Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
File:                     nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft (raw, json)
Hash identifier:          DM3at8tHoJxeyIimAY27pax0xQN+PiBO7LEgEpKoTC8=
Subject key identifier:   B9:86:8E:15:B0:E3:C3:E1:66:63:3B:EB:53:42:B0:62:2C:16:21:F3
Authority key identifier: 9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF
Certificate issuer:       /CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
Certificate serial:       0198974A100316E3F65806CD377CEECEB94B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
Manifest number:          15B7
Signing time:             Mon 11 Aug 2025 04:01:09 +0000
Manifest this update:     Mon 11 Aug 2025 04:01:09 +0000
Manifest next update:     Tue 12 Aug 2025 04:01:09 +0000
Files and hashes:         1: nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl (hash: 3+Tjps3eXE/q0A6oxXl/xeiJ3xWziwsPK09PHqqKx14=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:4a:10:03:16:e3:f6:58:06:cd:37:7c:ee:ce:b9:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
        Validity
            Not Before: Aug 11 04:01:09 2025 GMT
            Not After : Aug 12 04:01:09 2025 GMT
        Subject: CN=b9868e15b0e3c3e166633beb5342b0622c1621f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a8:80:a0:83:f4:f6:ac:89:43:77:ee:ab:1f:
                    a2:f4:45:7a:f8:63:e8:3b:42:de:a0:eb:9d:35:f3:
                    55:76:27:b9:4e:99:d7:08:83:ec:bc:2b:f1:c0:9b:
                    05:bb:b8:cd:8e:e1:72:66:18:80:9d:6b:d8:1c:ce:
                    01:37:e1:fc:de:1e:12:f6:2f:fc:bc:22:fe:5e:4c:
                    9c:db:be:33:16:46:b4:f6:99:f1:10:30:42:0d:bf:
                    cd:1a:19:8d:ed:d7:d9:b3:11:fb:9f:39:bc:10:6c:
                    24:8c:88:44:32:87:29:64:6c:9f:ca:be:b3:5f:40:
                    85:e2:9b:4a:16:63:42:1d:fc:d6:dd:dd:46:f8:57:
                    5f:f0:d3:f5:64:48:b9:eb:86:c9:fd:df:82:58:c9:
                    c7:c9:26:c0:bd:d3:73:af:f1:51:e9:2e:f2:f6:a4:
                    68:6e:49:c0:09:3d:31:1e:86:ac:3b:a2:a9:69:9f:
                    78:68:ed:04:3a:95:a3:73:33:13:39:dd:9c:61:8d:
                    46:5e:f3:eb:a7:98:54:01:4c:c6:3c:e2:91:76:38:
                    4a:56:9f:7f:f5:b7:6a:d6:c7:77:50:6b:7b:a0:72:
                    8a:f0:fb:2c:97:09:de:bb:de:db:8e:57:4b:c9:08:
                    9f:53:ed:80:65:8a:f6:cc:19:1a:33:1c:dd:8d:ae:
                    ad:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:86:8E:15:B0:E3:C3:E1:66:63:3B:EB:53:42:B0:62:2C:16:21:F3
            X509v3 Authority Key Identifier:
                keyid:9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:42:67:ff:cb:e3:9b:10:ef:12:91:4d:24:ee:d0:26:f2:b0:
         8a:50:74:8f:c7:38:a8:7c:72:b3:e1:d4:1d:11:f3:52:c8:b7:
         5f:2f:4c:e1:98:73:8d:73:8e:42:96:bc:1e:5e:42:4f:47:ae:
         79:23:a1:3c:90:a8:4c:21:86:47:4a:32:24:7f:2d:15:30:76:
         bb:0e:97:90:95:8d:0b:89:5c:27:66:6c:cf:d7:a3:65:bd:57:
         da:cc:e1:a8:28:9a:57:6d:bf:12:36:14:00:4c:58:ee:10:c5:
         40:5a:e6:fe:02:d1:8e:89:2a:4d:c3:2d:01:73:57:be:f7:7f:
         9e:3d:fc:7d:87:5f:96:5b:01:41:2a:41:06:bc:a7:ea:b4:47:
         01:5c:57:95:a1:04:14:c0:ed:4a:c9:23:98:9e:76:4a:1f:37:
         d2:63:f4:9c:df:0e:c3:73:89:3c:6a:a6:52:f9:0f:f6:42:d2:
         f8:89:e2:25:49:20:2e:77:57:60:95:41:d2:3d:a7:39:45:63:
         9d:d1:66:22:c0:6e:37:d4:95:71:fc:6f:d8:98:94:58:6d:bb:
         1c:ad:da:b2:27:ae:b2:9d:2f:ca:25:65:2b:e8:6f:bf:79:9f:
         96:9b:27:6b:c0:a3:93:70:b9:e4:1e:ff:aa:0f:a0:35:17:f0:
         9d:53:af:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXShADFuP2WAbNN3zuzrlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzk5NjY4NjNkODJmYThiZDFjYTM5MzY5MDVmYTFlMjRh
OWEwYmYwHhcNMjUwODExMDQwMTA5WhcNMjUwODEyMDQwMTA5WjAzMTEwLwYDVQQD
EyhiOTg2OGUxNWIwZTNjM2UxNjY2MzNiZWI1MzQyYjA2MjJjMTYyMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKiAoIP09qyJQ3fuqx+i9EV6+GPo
O0LeoOudNfNVdie5TpnXCIPsvCvxwJsFu7jNjuFyZhiAnWvYHM4BN+H83h4S9i/8
vCL+Xkyc274zFka09pnxEDBCDb/NGhmN7dfZsxH7nzm8EGwkjIhEMocpZGyfyr6z
X0CF4ptKFmNCHfzW3d1G+Fdf8NP1ZEi564bJ/d+CWMnHySbAvdNzr/FR6S7y9qRo
bknACT0xHoasO6KpaZ94aO0EOpWjczMTOd2cYY1GXvPrp5hUAUzGPOKRdjhKVp9/
9bdq1sd3UGt7oHKK8Psslwneu97bjldLyQifU+2AZYr2zBkaMxzdja6t3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmGjhWw48PhZmM761NCsGIsFiHzMB8GA1UdIwQY
MBaAFJ85lmhj2C+ovRyjk2kF+h4kqaC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjIt
MGIxZDA5NDk4NTM0LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjItMGIxZDA5NDk4NTM0
LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ0Jn/8vj
mxDvEpFNJO7QJvKwilB0j8c4qHxys+HUHRHzUsi3Xy9M4ZhzjXOOQpa8Hl5CT0eu
eSOhPJCoTCGGR0oyJH8tFTB2uw6XkJWNC4lcJ2Zsz9ejZb1X2szhqCiaV22/EjYU
AExY7hDFQFrm/gLRjokqTcMtAXNXvvd/nj38fYdfllsBQSpBBryn6rRHAVxXlaEE
FMDtSskjmJ52Sh830mP0nN8Ow3OJPGqmUvkP9kLS+IniJUkgLndXYJVB0j2nOUVj
ndFmIsBuN9SVcfxv2JiUWG27HK3asieusp0vyiVlK+hvv3mflpsna8Cjk3C55B7/
qg+gNRfwnVOvGQ==
-----END CERTIFICATE-----