Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          M3VgzP7npVa9VkllRs1j82AHJ117Iu/XFCmVKkwUYo4=
Subject key identifier:   73:1E:FA:0B:92:41:CA:A6:1F:D6:E3:28:74:8E:F4:11:71:65:DF:94
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       019923A0CB336B85B64CDACA508A8767A061
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          093E
Signing time:             Sun 07 Sep 2025 10:02:44 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:44 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:44 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: TfvI80D/mo84Nem4XTYN/6X9+rvYkTD51g8UXTYXZk4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:cb:33:6b:85:b6:4c:da:ca:50:8a:87:67:a0:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Sep  7 10:02:44 2025 GMT
            Not After : Sep  8 10:02:44 2025 GMT
        Subject: CN=731efa0b9241caa61fd6e328748ef4117165df94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:84:85:d8:f2:c6:cd:b7:a9:29:9d:5d:00:c7:
                    1b:69:b8:b4:af:1b:83:81:8b:2b:37:b5:18:6d:10:
                    22:5a:e9:7b:61:1c:10:db:9d:31:19:3f:35:65:c7:
                    15:3c:64:cb:fe:6b:40:55:9b:d4:cc:6d:c5:c0:b9:
                    1a:40:94:70:01:78:1f:4c:f2:91:43:2e:2e:ad:65:
                    64:a5:d7:a4:b2:19:c4:de:14:4c:bc:d7:68:2f:ca:
                    2b:3d:33:08:60:c2:31:a5:c3:24:ca:b6:b6:b5:e3:
                    80:b0:cb:47:c4:cb:b2:4f:82:4f:82:f6:ee:33:78:
                    cb:ca:48:df:37:94:d2:4b:e7:e1:04:44:72:fd:62:
                    45:af:77:07:14:59:33:91:15:20:5c:e5:53:4e:fd:
                    b6:19:75:ee:b4:6e:9c:9f:84:1c:6a:e0:81:ba:f7:
                    a0:b3:15:df:2d:27:5e:2a:ac:a9:88:e0:22:fb:aa:
                    c9:38:13:2f:26:6e:3d:fb:7d:77:dc:66:a6:d3:52:
                    28:4b:dd:a5:2e:20:6d:b9:49:e4:a3:73:11:f2:12:
                    1e:33:0e:e6:e4:51:00:68:e7:07:d6:77:40:9b:59:
                    1f:b6:af:7e:69:f9:2d:fe:fa:4f:0c:6a:21:ea:eb:
                    89:67:f1:07:31:42:ca:38:f0:5a:73:ed:86:6a:82:
                    6d:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:1E:FA:0B:92:41:CA:A6:1F:D6:E3:28:74:8E:F4:11:71:65:DF:94
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:8e:22:1a:f2:7b:34:8a:1a:57:8e:75:a1:0b:51:a7:d6:44:
         40:2e:74:a8:04:c6:dd:89:ef:d3:91:3e:63:b3:93:67:a4:c8:
         57:a2:b1:ec:4d:fa:a0:61:4d:52:60:9b:dd:80:78:87:fb:1d:
         c7:24:66:6e:96:56:50:d7:1c:44:58:cc:6a:90:03:e5:51:d3:
         27:0d:52:2a:cb:84:e4:e7:f9:d9:c5:3b:5c:5d:19:ca:b5:3a:
         5e:d3:ea:d8:f2:59:96:49:57:99:b4:73:d4:70:5c:41:90:11:
         c9:79:8c:fc:2e:47:ec:dc:c7:8e:17:e1:dc:8b:61:e3:cd:7d:
         90:9b:e7:c5:3a:74:ab:b4:79:81:6f:bd:09:7f:03:52:af:7f:
         d9:31:4b:d5:d7:43:5e:17:5b:69:e5:f5:f4:ad:d9:f2:18:4c:
         9b:db:de:af:98:2a:81:6d:9c:4f:6d:52:e7:4b:f0:54:da:fe:
         31:08:63:14:ed:4e:1e:97:c2:a3:90:5f:70:e7:af:42:b8:93:
         2f:1e:65:a4:56:f0:4a:ca:0d:29:ec:0e:25:8d:e5:1b:f0:d0:
         2c:3e:58:f7:94:14:93:5c:8f:5f:f4:c3:5a:08:b1:fa:9f:ac:
         07:e0:14:0c:f6:0f:29:3a:38:ba:55:73:d7:00:93:79:a7:dd:
         41:76:58:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoMsza4W2TNrKUIqHZ6BhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjUwOTA3MTAwMjQ0WhcNMjUwOTA4MTAwMjQ0WjAzMTEwLwYDVQQD
Eyg3MzFlZmEwYjkyNDFjYWE2MWZkNmUzMjg3NDhlZjQxMTcxNjVkZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4SF2PLGzbepKZ1dAMcbabi0rxuD
gYsrN7UYbRAiWul7YRwQ250xGT81ZccVPGTL/mtAVZvUzG3FwLkaQJRwAXgfTPKR
Qy4urWVkpdekshnE3hRMvNdoL8orPTMIYMIxpcMkyra2teOAsMtHxMuyT4JPgvbu
M3jLykjfN5TSS+fhBERy/WJFr3cHFFkzkRUgXOVTTv22GXXutG6cn4QcauCBuveg
sxXfLSdeKqypiOAi+6rJOBMvJm49+3133Gam01IoS92lLiBtuUnko3MR8hIeMw7m
5FEAaOcH1ndAm1kftq9+afkt/vpPDGoh6uuJZ/EHMULKOPBac+2GaoJt6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMe+guSQcqmH9bjKHSO9BFxZd+UMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEY4iGvJ7
NIoaV451oQtRp9ZEQC50qATG3Ynv05E+Y7OTZ6TIV6Kx7E36oGFNUmCb3YB4h/sd
xyRmbpZWUNccRFjMapAD5VHTJw1SKsuE5Of52cU7XF0ZyrU6XtPq2PJZlklXmbRz
1HBcQZARyXmM/C5H7NzHjhfh3Ith4819kJvnxTp0q7R5gW+9CX8DUq9/2TFL1ddD
XhdbaeX19K3Z8hhMm9ver5gqgW2cT21S50vwVNr+MQhjFO1OHpfCo5BfcOevQriT
Lx5lpFbwSsoNKewOJY3lG/DQLD5Y95QUk1yPX/TDWgix+p+sB+AUDPYPKTo4ulVz
1wCTeafdQXZYtQ==
-----END CERTIFICATE-----