Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
File:                     cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft (raw, json)
Hash identifier:          7pok43BoAi5WVC4pCdAXqOcK0+8xW/RMW7kLP1/scLQ=
Subject key identifier:   AA:3C:75:F6:23:EA:19:02:A7:D3:0C:F9:36:C0:3C:B2:E2:E1:73:00
Authority key identifier: 72:6F:94:48:A9:10:D2:57:41:57:A3:04:03:F4:6C:11:72:AE:ED:B6
Certificate issuer:       /CN=726f9448a910d2574157a30403f46c1172aeedb6
Certificate serial:       019922FAA6B6F2176C4CE87AF808B8BB4C49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 07:01:15 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:15 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:15 +0000
Files and hashes:         1: cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl (hash: EHKHxUoeJErCcVSRWRnn0yrUuFlxzzpDa6YjA8wz6HA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:a6:b6:f2:17:6c:4c:e8:7a:f8:08:b8:bb:4c:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=726f9448a910d2574157a30403f46c1172aeedb6
        Validity
            Not Before: Sep  7 07:01:15 2025 GMT
            Not After : Sep  8 07:01:15 2025 GMT
        Subject: CN=aa3c75f623ea1902a7d30cf936c03cb2e2e17300
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:34:f8:7b:eb:ca:ec:df:b5:37:81:9d:ff:44:
                    37:e4:96:c0:b1:a3:21:18:4c:4a:f9:ec:ed:27:56:
                    e5:cf:eb:da:36:dc:94:92:fb:07:70:88:4b:82:63:
                    51:f5:b8:f4:d4:2e:10:63:fd:1a:0a:c2:f7:8d:78:
                    5c:d5:90:b1:23:06:3e:65:70:d6:7c:d9:8e:d3:60:
                    7f:7f:e9:ab:a1:07:ae:b0:9c:d6:7e:43:89:2a:2e:
                    06:a4:c8:40:e2:49:3d:ca:00:06:07:29:a0:0a:b3:
                    20:86:e7:ab:80:68:50:3d:5e:80:55:1e:7c:48:48:
                    24:3b:de:6a:84:3d:b1:b1:82:10:9a:a9:0a:6b:7e:
                    33:31:5e:1c:96:c0:ff:05:14:b4:c4:c0:c4:c5:f9:
                    04:ba:3d:4f:05:cc:df:6b:34:d8:89:82:b4:39:e6:
                    21:15:37:e8:d9:d9:7f:1a:65:7e:96:b1:d7:74:6a:
                    fb:32:9e:71:95:7f:07:81:f2:5a:99:b6:3c:8f:db:
                    c3:c3:44:64:80:07:02:ae:34:a5:68:bc:0b:84:51:
                    41:fb:d5:ac:9e:fa:a3:c5:f2:77:d2:5f:9d:49:f7:
                    b7:1a:fe:3a:b7:c8:a0:62:b1:8b:95:e4:9f:91:69:
                    eb:53:0a:bd:e4:02:f4:f9:0b:b7:c4:84:28:75:e3:
                    f5:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:3C:75:F6:23:EA:19:02:A7:D3:0C:F9:36:C0:3C:B2:E2:E1:73:00
            X509v3 Authority Key Identifier:
                keyid:72:6F:94:48:A9:10:D2:57:41:57:A3:04:03:F4:6C:11:72:AE:ED:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:7f:ff:3f:a5:a7:a2:57:cc:36:77:cd:95:7a:4d:59:9c:68:
         ef:5d:bf:48:1e:c2:e8:5e:01:f8:5f:07:46:12:c1:fb:99:09:
         16:41:c6:e1:51:a4:b1:f8:12:63:2d:6c:30:b8:f0:1c:54:d4:
         72:65:b2:a4:a3:53:e3:cd:a0:fd:d9:ee:0a:2f:2c:c2:53:f1:
         51:46:e9:43:a1:78:8d:1a:ed:62:2e:68:be:e9:78:66:62:e7:
         e3:9e:6b:fe:21:07:07:2f:60:b8:b6:a0:97:3c:d9:61:90:b1:
         0b:75:8a:19:28:f6:0a:af:3e:9f:b2:d7:d1:be:c2:f7:48:fa:
         99:2a:ab:47:38:aa:b2:41:1c:37:22:8e:52:f9:d7:17:4d:30:
         b8:f1:ed:a4:bb:16:fa:af:6a:09:ef:73:4f:1e:e2:b7:28:f2:
         e8:01:50:0d:90:d5:85:87:20:19:e9:62:7e:e9:7e:5f:90:73:
         b3:0a:50:62:cc:b9:ad:d0:46:3e:1e:d8:3b:d0:d5:b3:dc:c6:
         7e:00:02:7a:33:12:2f:10:ac:12:9d:02:50:19:ea:c4:5f:b8:
         80:54:8c:87:11:22:84:09:3f:91:9b:2f:cb:1b:26:5c:93:23:
         34:3b:c0:aa:f9:59:27:4f:16:f9:9f:c3:b4:50:e0:bb:57:1f:
         4b:8c:f4:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+qa28hdsTOh6+Ai4u0xJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNmY5NDQ4YTkxMGQyNTc0MTU3YTMwNDAzZjQ2YzExNzJh
ZWVkYjYwHhcNMjUwOTA3MDcwMTE1WhcNMjUwOTA4MDcwMTE1WjAzMTEwLwYDVQQD
EyhhYTNjNzVmNjIzZWExOTAyYTdkMzBjZjkzNmMwM2NiMmUyZTE3MzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTT4e+vK7N+1N4Gd/0Q35JbAsaMh
GExK+eztJ1blz+vaNtyUkvsHcIhLgmNR9bj01C4QY/0aCsL3jXhc1ZCxIwY+ZXDW
fNmO02B/f+mroQeusJzWfkOJKi4GpMhA4kk9ygAGBymgCrMghuergGhQPV6AVR58
SEgkO95qhD2xsYIQmqkKa34zMV4clsD/BRS0xMDExfkEuj1PBczfazTYiYK0OeYh
FTfo2dl/GmV+lrHXdGr7Mp5xlX8HgfJambY8j9vDw0RkgAcCrjSlaLwLhFFB+9Ws
nvqjxfJ30l+dSfe3Gv46t8igYrGLleSfkWnrUwq95AL0+Qu3xIQodeP1yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKo8dfYj6hkCp9MM+TbAPLLi4XMAMB8GA1UdIwQY
MBaAFHJvlEipENJXQVejBAP0bBFyru22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9lN2UzNmUtYTMyMy00ZjQ3LWE3NzYt
NjZiMTQxMTk0ZmQyLzEvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9lN2UzNmUtYTMyMy00ZjQ3LWE3NzYtNjZiMTQxMTk0ZmQy
LzEvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC3//P6Wn
olfMNnfNlXpNWZxo712/SB7C6F4B+F8HRhLB+5kJFkHG4VGksfgSYy1sMLjwHFTU
cmWypKNT482g/dnuCi8swlPxUUbpQ6F4jRrtYi5ovul4ZmLn455r/iEHBy9guLag
lzzZYZCxC3WKGSj2Cq8+n7LX0b7C90j6mSqrRziqskEcNyKOUvnXF00wuPHtpLsW
+q9qCe9zTx7ityjy6AFQDZDVhYcgGeliful+X5BzswpQYsy5rdBGPh7YO9DVs9zG
fgACejMSLxCsEp0CUBnqxF+4gFSMhxEihAk/kZsvyxsmXJMjNDvAqvlZJ08W+Z/D
tFDgu1cfS4z07g==
-----END CERTIFICATE-----