Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
File:                     T03F1MB2_YQmOrcubxe1_0rLhEg.mft (raw, json)
Hash identifier:          7ZNbkhsmOZR27uoIscnWOrUV460sGJ/D9I5HC2bz0Sw=
Subject key identifier:   07:F3:7A:23:57:5D:24:DA:AF:55:72:1D:5B:57:EC:7D:3D:D8:CB:24
Authority key identifier: 4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48
Certificate issuer:       /CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448
Certificate serial:       01992367C4B567C5B1D3944C6F2A4B862600
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
Manifest number:          098F
Signing time:             Sun 07 Sep 2025 09:00:27 +0000
Manifest this update:     Sun 07 Sep 2025 09:00:27 +0000
Manifest next update:     Mon 08 Sep 2025 09:00:27 +0000
Files and hashes:         1: T03F1MB2_YQmOrcubxe1_0rLhEg.crl (hash: qdpGp8g88L9GMHEWtbJmjWoC59ELxU6cKmvPcvdj9hQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:67:c4:b5:67:c5:b1:d3:94:4c:6f:2a:4b:86:26:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448
        Validity
            Not Before: Sep  7 09:00:27 2025 GMT
            Not After : Sep  8 09:00:27 2025 GMT
        Subject: CN=07f37a23575d24daaf55721d5b57ec7d3dd8cb24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c7:50:b4:98:d5:5f:b5:67:7f:49:36:3d:de:
                    5a:4e:c8:36:c3:41:72:6e:f8:46:90:1b:c5:78:df:
                    29:81:a3:7e:16:38:e5:90:ca:fa:49:9a:37:52:46:
                    ed:d7:97:89:22:57:9b:91:93:a3:da:3f:7f:e7:cd:
                    41:cc:d7:97:2d:a6:30:5f:4c:a3:a1:d3:03:6e:31:
                    4c:d7:e2:9f:e5:4b:2c:75:68:ca:b4:0e:7a:ac:51:
                    48:03:69:64:e2:e9:7f:b9:53:1d:d7:75:9e:c6:14:
                    7e:45:28:c4:3e:62:5d:b3:e0:e5:3e:d1:a7:82:ba:
                    82:74:0c:13:b6:fd:ff:99:02:95:91:dd:ad:50:e3:
                    a0:ed:fb:38:5a:be:a8:7c:8f:4f:f0:74:bc:83:2d:
                    fe:b2:8d:9f:c0:3c:2f:45:de:7e:15:f6:64:ac:ee:
                    5c:26:cc:f4:c3:ac:22:da:cb:0c:c3:bd:8c:e2:58:
                    c4:bb:84:1a:b0:c5:18:3e:02:db:e8:dd:cf:77:a2:
                    e4:8c:56:d5:c4:7f:06:d5:05:0e:79:b9:64:43:db:
                    8c:bd:4b:2e:6c:50:d6:8c:f9:4e:c4:45:1e:1a:c3:
                    86:c8:c4:5a:ec:98:cf:39:34:13:a8:0e:d5:1c:12:
                    32:c5:9d:b3:79:a8:6d:c9:95:93:f6:f2:e8:32:c8:
                    4d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:F3:7A:23:57:5D:24:DA:AF:55:72:1D:5B:57:EC:7D:3D:D8:CB:24
            X509v3 Authority Key Identifier:
                keyid:4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e9:d4:33:b4:cd:a4:5a:73:47:02:cf:17:d6:cc:2d:80:e7:db:
         a8:3f:b3:c5:63:53:06:3f:74:36:43:99:99:a1:5c:9e:6a:52:
         f2:62:59:09:ca:77:80:8d:b5:a4:18:96:b2:06:6d:c6:ed:81:
         79:aa:38:12:93:ef:60:fa:9a:ce:ba:0a:17:72:6e:57:4d:09:
         8d:19:fe:f0:28:29:d9:14:ca:5f:6c:4f:45:6a:cc:8b:40:04:
         81:59:71:86:14:07:77:93:0a:09:45:f8:d2:00:a5:bb:b2:fc:
         1f:c6:e5:a5:70:a8:c0:50:fb:8f:40:b7:cb:32:80:55:36:5e:
         ea:a8:fb:99:8b:8f:10:a9:c9:3e:73:d4:10:d6:08:9f:0e:9a:
         7b:e3:20:e0:97:35:10:29:92:c3:26:2f:21:86:6c:f3:d6:87:
         d0:b7:80:09:9b:27:35:10:62:df:18:99:fa:9f:be:9c:bd:d9:
         20:67:4a:4a:f0:05:2c:75:b9:0e:ab:a9:dc:c7:97:c0:ee:8e:
         eb:ad:69:75:44:da:8e:c9:7d:f2:88:e8:c3:e1:3a:12:23:1d:
         ec:89:b6:c6:da:4e:61:88:49:36:fc:56:46:1f:c0:5b:6e:e2:
         e3:ac:00:dc:d2:3b:fd:ed:aa:26:de:72:02:80:9c:f0:86:58:
         26:d2:de:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjZ8S1Z8Wx05RMbypLhiYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNGRjNWQ0YzA3NmZkODQyNjNhYjcyZTZmMTdiNWZmNGFj
Yjg0NDgwHhcNMjUwOTA3MDkwMDI3WhcNMjUwOTA4MDkwMDI3WjAzMTEwLwYDVQQD
EygwN2YzN2EyMzU3NWQyNGRhYWY1NTcyMWQ1YjU3ZWM3ZDNkZDhjYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcdQtJjVX7Vnf0k2Pd5aTsg2w0Fy
bvhGkBvFeN8pgaN+FjjlkMr6SZo3Ukbt15eJIlebkZOj2j9/581BzNeXLaYwX0yj
odMDbjFM1+Kf5UssdWjKtA56rFFIA2lk4ul/uVMd13WexhR+RSjEPmJds+DlPtGn
grqCdAwTtv3/mQKVkd2tUOOg7fs4Wr6ofI9P8HS8gy3+so2fwDwvRd5+FfZkrO5c
Jsz0w6wi2ssMw72M4ljEu4QasMUYPgLb6N3Pd6LkjFbVxH8G1QUOeblkQ9uMvUsu
bFDWjPlOxEUeGsOGyMRa7JjPOTQTqA7VHBIyxZ2zeahtyZWT9vLoMshNOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfzeiNXXSTar1VyHVtX7H092MskMB8GA1UdIwQY
MBaAFE9NxdTAdv2EJjq3Lm8Xtf9Ky4RIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUt
ZmE5NmJkZDJmZmEzLzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUtZmE5NmJkZDJmZmEz
LzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA6dQztM2k
WnNHAs8X1swtgOfbqD+zxWNTBj90NkOZmaFcnmpS8mJZCcp3gI21pBiWsgZtxu2B
eao4EpPvYPqazroKF3JuV00JjRn+8Cgp2RTKX2xPRWrMi0AEgVlxhhQHd5MKCUX4
0gClu7L8H8blpXCowFD7j0C3yzKAVTZe6qj7mYuPEKnJPnPUENYInw6ae+Mg4Jc1
ECmSwyYvIYZs89aH0LeACZsnNRBi3xiZ+p++nL3ZIGdKSvAFLHW5Dqup3MeXwO6O
661pdUTajsl98ojow+E6EiMd7Im2xtpOYYhJNvxWRh/AW27i46wA3NI7/e2qJt5y
AoCc8IZYJtLegg==
-----END CERTIFICATE-----