Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          dm2JtqKNHVUAzDn8Dxwf1BGVZOoBalxyWz3ElUYv89U=
Subject key identifier:   BC:B4:80:72:B0:EB:5B:D6:B7:9D:4E:C1:F8:C7:49:2F:73:35:01:6A
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       019873E382054BEA4F113596C0C8F3B4FCF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          1612
Signing time:             Mon 04 Aug 2025 07:02:26 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:26 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:26 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: 8ZV/BBa0ercNRsBdB2hVl0QRw+vc3a9kuAsFRi4VvmM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 07:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:82:05:4b:ea:4f:11:35:96:c0:c8:f3:b4:fc:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Aug  4 07:02:26 2025 GMT
            Not After : Aug  5 07:02:26 2025 GMT
        Subject: CN=bcb48072b0eb5bd6b79d4ec1f8c7492f7335016a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:89:b5:1a:1e:67:75:30:5c:1d:fe:16:52:54:
                    0d:72:8d:ce:46:f5:1e:d5:14:7b:85:8f:c2:44:07:
                    ac:15:bf:7f:ec:1d:ff:03:1c:4c:18:3c:cc:63:d2:
                    d1:d7:97:ef:f9:fd:93:4b:04:18:c0:0f:0b:be:5c:
                    23:ae:d7:23:c5:f9:89:5d:f0:08:39:e3:fb:f1:e4:
                    7c:76:23:65:18:47:cd:6f:50:f2:86:28:1f:16:a7:
                    91:7a:5b:cf:a9:54:36:51:45:13:35:b4:56:b5:22:
                    25:de:59:30:9a:e9:d8:48:26:83:7f:a5:b2:c5:e8:
                    20:f7:16:a9:6f:39:6f:b5:14:b6:a8:39:8b:d9:0b:
                    4b:b6:ab:9f:5d:ba:4d:6f:2b:b4:86:99:a9:3d:90:
                    10:36:a0:b3:cd:fd:06:fe:6e:69:77:fc:4c:57:7a:
                    72:b7:a1:7e:29:a3:8b:ef:eb:bc:d8:ec:00:00:7e:
                    ec:bb:5b:67:b8:84:ab:31:18:94:bd:27:8f:81:cf:
                    34:26:09:18:cb:4f:0f:ac:be:e1:11:ae:e1:76:56:
                    43:fa:25:c8:73:e2:3f:33:56:91:99:0a:82:14:b9:
                    d8:f2:e6:62:af:ed:14:b4:64:76:51:b5:b7:87:a5:
                    ba:b5:b0:74:05:ac:54:09:30:53:c4:55:10:67:e3:
                    3a:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:B4:80:72:B0:EB:5B:D6:B7:9D:4E:C1:F8:C7:49:2F:73:35:01:6A
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:24:4b:4b:8c:50:5d:8c:e9:b2:93:91:2f:f0:1a:24:89:b1:
         20:e5:51:f1:34:2e:e3:b8:8f:4e:33:13:73:95:e8:19:95:07:
         d2:0a:eb:65:d2:ed:46:d4:8f:3f:c8:82:dd:ce:73:a4:37:0d:
         63:b1:a5:b7:d4:7c:9b:aa:45:7d:45:5b:bc:74:6f:05:46:79:
         c1:05:22:e8:4e:c4:f2:25:78:6a:fd:2e:0e:d4:88:af:d6:1b:
         03:49:c8:7d:69:7d:e9:52:3d:29:c2:06:38:81:5a:0c:9c:ec:
         ee:3f:c4:5b:de:0d:13:57:4a:de:bd:10:0d:5f:6c:fd:17:17:
         8a:40:68:1e:d2:b2:f4:94:73:8f:0e:87:4a:b9:52:02:98:70:
         92:2d:95:35:61:d4:58:5a:f2:d2:08:c8:fe:f0:7e:86:45:4a:
         92:31:88:c7:e2:fc:22:5b:f5:a4:d4:05:f1:dd:00:f8:0c:f9:
         21:b7:43:31:2d:68:b3:a2:3d:f2:c9:cf:ea:42:6f:f4:31:68:
         c5:49:27:27:3f:a7:ac:48:2e:a8:df:88:1f:5c:37:65:66:98:
         da:e7:bd:7a:ea:95:64:43:00:6b:8f:1f:83:a7:1b:9b:52:af:
         57:3a:2a:26:bd:e5:1e:8f:22:60:db:05:46:98:5e:45:e6:2a:
         0a:82:9c:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz44IFS+pPETWWwMjztPz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjUwODA0MDcwMjI2WhcNMjUwODA1MDcwMjI2WjAzMTEwLwYDVQQD
EyhiY2I0ODA3MmIwZWI1YmQ2Yjc5ZDRlYzFmOGM3NDkyZjczMzUwMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsom1Gh5ndTBcHf4WUlQNco3ORvUe
1RR7hY/CRAesFb9/7B3/AxxMGDzMY9LR15fv+f2TSwQYwA8LvlwjrtcjxfmJXfAI
OeP78eR8diNlGEfNb1DyhigfFqeRelvPqVQ2UUUTNbRWtSIl3lkwmunYSCaDf6Wy
xegg9xapbzlvtRS2qDmL2QtLtqufXbpNbyu0hpmpPZAQNqCzzf0G/m5pd/xMV3py
t6F+KaOL7+u82OwAAH7su1tnuISrMRiUvSePgc80JgkYy08PrL7hEa7hdlZD+iXI
c+I/M1aRmQqCFLnY8uZir+0UtGR2UbW3h6W6tbB0BaxUCTBTxFUQZ+M6VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLy0gHKw61vWt51OwfjHSS9zNQFqMB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGCRLS4xQ
XYzpspORL/AaJImxIOVR8TQu47iPTjMTc5XoGZUH0grrZdLtRtSPP8iC3c5zpDcN
Y7Glt9R8m6pFfUVbvHRvBUZ5wQUi6E7E8iV4av0uDtSIr9YbA0nIfWl96VI9KcIG
OIFaDJzs7j/EW94NE1dK3r0QDV9s/RcXikBoHtKy9JRzjw6HSrlSAphwki2VNWHU
WFry0gjI/vB+hkVKkjGIx+L8Ilv1pNQF8d0A+Az5IbdDMS1os6I98snP6kJv9DFo
xUknJz+nrEguqN+IH1w3ZWaY2ue9euqVZEMAa48fg6cbm1KvVzoqJr3lHo8iYNsF
RpheReYqCoKc8A==
-----END CERTIFICATE-----