Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
File:                     Z3NwPrTqs2ernekaKsQe4yAUAw8.mft (raw, json)
Hash identifier:          LI4ISjFxPdNfo2VdMGu70PVEGhL12TxHmW18Zjzg6Lo=
Subject key identifier:   4B:71:98:88:6E:18:A2:2F:57:5E:8A:04:1B:A1:89:02:39:49:F2:DF
Authority key identifier: 67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F
Certificate issuer:       /CN=6773703eb4eab367ab9de91a2ac41ee32014030f
Certificate serial:       019923A035ECD55DE5BF17EB1BCC3E20550F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
Manifest number:          093A
Signing time:             Sun 07 Sep 2025 10:02:06 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:06 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:06 +0000
Files and hashes:         1: Z3NwPrTqs2ernekaKsQe4yAUAw8.crl (hash: ivtS2ynEBjn9dwz7PyynT/OcBb9CRnWiWX8epORvxmA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:35:ec:d5:5d:e5:bf:17:eb:1b:cc:3e:20:55:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6773703eb4eab367ab9de91a2ac41ee32014030f
        Validity
            Not Before: Sep  7 10:02:06 2025 GMT
            Not After : Sep  8 10:02:06 2025 GMT
        Subject: CN=4b7198886e18a22f575e8a041ba189023949f2df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a1:38:3f:c7:d0:76:3e:74:1f:8e:f4:c0:71:
                    55:78:52:97:3c:00:bb:52:94:25:69:88:06:f5:a0:
                    30:10:40:31:eb:d8:ae:2e:76:c8:a4:ed:5b:5f:c7:
                    89:b4:bf:6d:e2:d0:aa:27:3b:70:e7:23:d7:ba:52:
                    0a:3c:10:69:59:3a:38:63:98:30:8b:70:11:89:7c:
                    e7:99:c2:47:30:6d:ad:b3:7a:70:ca:39:dd:e6:9c:
                    53:f0:7f:25:20:35:17:c0:cc:b0:16:4f:00:44:b2:
                    52:ce:3c:0a:29:f7:6c:e3:d9:19:7c:3d:d2:56:69:
                    57:11:72:cf:e9:1d:97:97:44:77:f2:5d:88:16:ff:
                    37:c3:43:9f:70:97:72:9b:97:77:70:31:2e:99:a1:
                    0f:58:20:e1:02:50:6f:b5:93:35:70:3e:98:87:f9:
                    c4:1e:e9:ce:2c:1a:5e:3a:10:57:e2:92:77:4a:d5:
                    f3:bc:51:a5:38:79:e0:e7:34:ef:f7:d8:83:bc:b6:
                    d4:cd:42:1e:63:d6:a5:53:66:d4:aa:4a:17:12:c5:
                    e3:64:93:8d:5f:e5:ff:36:2f:7b:1e:d3:05:53:ac:
                    ed:3e:ac:b7:3e:86:ef:9b:4e:ba:40:e9:ff:c1:47:
                    a1:69:15:59:68:c1:ac:78:59:e4:ca:08:d3:16:9e:
                    b0:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:71:98:88:6E:18:A2:2F:57:5E:8A:04:1B:A1:89:02:39:49:F2:DF
            X509v3 Authority Key Identifier:
                keyid:67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:26:06:ae:52:a3:cb:48:5e:b8:01:14:89:d4:45:b5:d3:89:
         b0:04:a2:fb:b1:f3:27:c1:c0:35:a6:e9:5d:bc:8c:ca:d2:3c:
         84:18:d0:f5:25:92:5c:fc:c8:63:48:56:d6:ef:a8:49:ad:5e:
         40:d0:e3:c9:f5:4c:97:62:b0:7d:4f:f3:3b:25:fd:e2:6f:f3:
         1f:c0:09:a2:7e:66:57:ed:ff:9e:81:73:b7:df:68:7a:95:30:
         3f:3f:ae:66:35:e0:b2:c6:cf:2e:25:2e:21:d0:11:e1:66:52:
         6f:a3:4f:2c:40:a2:18:91:ab:61:37:9e:0c:e0:24:d9:64:12:
         97:b2:0b:e8:d9:b2:d4:d2:51:b1:c1:c8:df:42:52:5a:d6:4c:
         a1:f2:b9:14:a3:1e:b7:89:89:3a:17:d0:f2:9b:f1:a4:c4:9a:
         10:3c:d9:ee:8d:4b:dd:00:ff:b5:65:4f:85:49:60:13:67:b3:
         5b:77:65:4d:28:fe:63:07:8f:ef:f0:98:ea:01:7b:ce:d0:c0:
         b0:9b:d6:01:83:52:1d:23:c2:35:d6:cc:d9:a5:c1:40:c9:79:
         a8:b5:ac:ca:65:69:c2:47:66:9c:0c:d2:06:46:43:83:41:4b:
         ce:a9:99:f3:d7:95:8a:b0:d8:b9:8e:06:49:d8:47:c0:2c:af:
         c8:c5:50:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoDXs1V3lvxfrG8w+IFUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzM3MDNlYjRlYWIzNjdhYjlkZTkxYTJhYzQxZWUzMjAx
NDAzMGYwHhcNMjUwOTA3MTAwMjA2WhcNMjUwOTA4MTAwMjA2WjAzMTEwLwYDVQQD
Eyg0YjcxOTg4ODZlMThhMjJmNTc1ZThhMDQxYmExODkwMjM5NDlmMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqE4P8fQdj50H470wHFVeFKXPAC7
UpQlaYgG9aAwEEAx69iuLnbIpO1bX8eJtL9t4tCqJztw5yPXulIKPBBpWTo4Y5gw
i3ARiXznmcJHMG2ts3pwyjnd5pxT8H8lIDUXwMywFk8ARLJSzjwKKfds49kZfD3S
VmlXEXLP6R2Xl0R38l2IFv83w0OfcJdym5d3cDEumaEPWCDhAlBvtZM1cD6Yh/nE
HunOLBpeOhBX4pJ3StXzvFGlOHng5zTv99iDvLbUzUIeY9alU2bUqkoXEsXjZJON
X+X/Ni97HtMFU6ztPqy3Pobvm066QOn/wUehaRVZaMGseFnkygjTFp6wFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEtxmIhuGKIvV16KBBuhiQI5SfLfMB8GA1UdIwQY
MBaAFGdzcD606rNnq53pGirEHuMgFAMPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYt
NDdmZWJiMGFjMjU5LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYtNDdmZWJiMGFjMjU5
LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWiYGrlKj
y0heuAEUidRFtdOJsASi+7HzJ8HANabpXbyMytI8hBjQ9SWSXPzIY0hW1u+oSa1e
QNDjyfVMl2KwfU/zOyX94m/zH8AJon5mV+3/noFzt99oepUwPz+uZjXgssbPLiUu
IdAR4WZSb6NPLECiGJGrYTeeDOAk2WQSl7IL6Nmy1NJRscHI30JSWtZMofK5FKMe
t4mJOhfQ8pvxpMSaEDzZ7o1L3QD/tWVPhUlgE2ezW3dlTSj+YweP7/CY6gF7ztDA
sJvWAYNSHSPCNdbM2aXBQMl5qLWsymVpwkdmnAzSBkZDg0FLzqmZ89eVirDYuY4G
SdhHwCyvyMVQdw==
-----END CERTIFICATE-----