Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          2xhyRgjrdqevW5Pt/dme705w93EOf1wNGLEy6H/BE64=
Subject key identifier:   F5:74:87:F7:AD:55:B0:68:58:0D:52:0A:22:79:10:5F:4A:CB:0E:26
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       0199225596AF274CD6F31BDA860FDC3BD10E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0A43
Signing time:             Sun 07 Sep 2025 04:00:58 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:58 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:58 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: c4QFVW8ZrsFPTxW7lHaOv+emKb6oVY22oNCWrmXpO/k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:96:af:27:4c:d6:f3:1b:da:86:0f:dc:3b:d1:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Sep  7 04:00:58 2025 GMT
            Not After : Sep  8 04:00:58 2025 GMT
        Subject: CN=f57487f7ad55b068580d520a2279105f4acb0e26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d3:b1:8d:d5:f7:ab:50:f4:ed:92:2a:00:80:
                    bb:95:39:82:ea:ce:a5:47:00:68:b6:ae:ce:9b:33:
                    2c:13:8d:27:eb:da:43:55:45:dc:3d:18:48:44:f5:
                    95:ff:4c:73:81:ef:c8:c5:c9:ed:10:2b:21:4e:9d:
                    9c:70:fd:85:71:45:5b:53:10:ce:8b:45:04:f3:65:
                    31:ff:0a:5b:6c:f4:88:26:0d:c9:dc:0f:1e:af:17:
                    ac:39:30:f6:56:66:f3:dc:17:47:47:82:e7:22:3a:
                    b0:1a:3f:8d:01:76:91:8d:7d:c8:d4:b3:65:5f:1a:
                    10:59:bb:b9:6a:33:88:68:a6:11:c1:d8:1c:46:c8:
                    75:c7:5a:f6:35:a0:b7:33:2e:be:75:b5:2f:d0:b3:
                    30:49:c2:ff:d2:69:22:09:2a:d2:e9:7e:07:f8:d4:
                    15:0c:f0:bb:49:07:da:b5:ef:2d:36:c9:a9:8a:1e:
                    2e:bb:49:b3:9a:fc:1c:6c:0a:7c:35:1b:6c:81:4a:
                    08:5b:7b:33:ea:d2:f7:df:f2:69:a6:75:b7:98:2f:
                    77:16:54:21:b5:f5:02:4b:5f:87:ee:b1:5b:79:b8:
                    f3:c3:a6:79:98:14:4a:1b:eb:94:35:63:4f:8e:26:
                    ce:ba:b8:33:52:a8:53:31:07:7a:89:c0:e5:e9:b3:
                    45:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:74:87:F7:AD:55:B0:68:58:0D:52:0A:22:79:10:5F:4A:CB:0E:26
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:81:41:f5:c2:73:28:c1:6f:c9:8d:17:23:96:d1:d1:f0:5c:
         ee:7c:39:d6:02:0a:f1:21:7e:f2:d3:8a:bb:0d:cc:0e:12:e2:
         61:55:ec:fd:b5:d1:5e:33:f2:cd:eb:38:68:55:1b:8b:9f:d3:
         dd:bd:4a:d3:fd:da:0b:aa:9a:9c:57:9d:8a:cb:c9:45:80:00:
         81:c9:19:8e:bb:36:5c:c5:c8:b6:6d:4e:09:0f:0e:1a:e2:f4:
         a8:e9:10:b0:fc:be:ea:e2:04:26:7d:da:67:e7:c0:04:4d:b5:
         27:2b:0a:c5:16:0e:6f:a9:04:08:39:f1:3c:d2:0e:01:66:68:
         b4:40:b6:ca:2b:02:59:38:1a:03:88:21:aa:b7:bd:2e:25:38:
         f7:a6:af:29:51:2b:9b:7a:56:5e:71:95:d6:27:4e:8a:3a:76:
         b4:9b:2b:29:67:5b:b5:50:21:80:e9:88:a0:de:7d:4d:4f:38:
         c6:f6:68:64:87:ba:e7:11:af:07:e4:b7:58:c0:5b:fa:54:a5:
         0d:7b:39:2b:d5:91:5c:e9:3a:a9:18:f1:0b:1d:0d:24:5b:ae:
         ab:77:1a:bf:02:1a:2a:df:60:1e:7d:78:c3:08:f7:96:5a:da:
         d6:f7:b9:6e:88:4c:82:63:ef:07:6c:17:da:ba:22:eb:9a:f3:
         30:8a:62:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVZavJ0zW8xvahg/cO9EOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjUwOTA3MDQwMDU4WhcNMjUwOTA4MDQwMDU4WjAzMTEwLwYDVQQD
EyhmNTc0ODdmN2FkNTViMDY4NTgwZDUyMGEyMjc5MTA1ZjRhY2IwZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9OxjdX3q1D07ZIqAIC7lTmC6s6l
RwBotq7OmzMsE40n69pDVUXcPRhIRPWV/0xzge/IxcntECshTp2ccP2FcUVbUxDO
i0UE82Ux/wpbbPSIJg3J3A8erxesOTD2Vmbz3BdHR4LnIjqwGj+NAXaRjX3I1LNl
XxoQWbu5ajOIaKYRwdgcRsh1x1r2NaC3My6+dbUv0LMwScL/0mkiCSrS6X4H+NQV
DPC7SQfate8tNsmpih4uu0mzmvwcbAp8NRtsgUoIW3sz6tL33/JppnW3mC93FlQh
tfUCS1+H7rFbebjzw6Z5mBRKG+uUNWNPjibOurgzUqhTMQd6icDl6bNFoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPV0h/etVbBoWA1SCiJ5EF9Kyw4mMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC4FB9cJz
KMFvyY0XI5bR0fBc7nw51gIK8SF+8tOKuw3MDhLiYVXs/bXRXjPyzes4aFUbi5/T
3b1K0/3aC6qanFedisvJRYAAgckZjrs2XMXItm1OCQ8OGuL0qOkQsPy+6uIEJn3a
Z+fABE21JysKxRYOb6kECDnxPNIOAWZotEC2yisCWTgaA4ghqre9LiU496avKVEr
m3pWXnGV1idOijp2tJsrKWdbtVAhgOmIoN59TU84xvZoZIe65xGvB+S3WMBb+lSl
DXs5K9WRXOk6qRjxCx0NJFuuq3cavwIaKt9gHn14wwj3llra1ve5bohMgmPvB2wX
2roi65rzMIpilQ==
-----END CERTIFICATE-----