Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
File:                     Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json)
Hash identifier:          DLiR0aG/w/P4iHPjqWuzRXdeGobIFSApGO4GKPuhavY=
Subject key identifier:   4D:D6:44:59:08:BA:30:30:B9:20:E6:11:09:78:06:F7:04:9D:BC:26
Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91
Certificate issuer:       /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
Certificate serial:       019923A05DAB76260A3A19DF4DDC77EBAC47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:02:16 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:16 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:16 +0000
Files and hashes:         1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: An/joe0+8unw8UrwbXbOFxtSBtatFMBphIOdyLvCqMQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:5d:ab:76:26:0a:3a:19:df:4d:dc:77:eb:ac:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
        Validity
            Not Before: Sep  7 10:02:16 2025 GMT
            Not After : Sep  8 10:02:16 2025 GMT
        Subject: CN=4dd6445908ba3030b920e611097806f7049dbc26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6d:c6:28:0a:ac:2f:2f:29:4a:f7:f3:14:4c:
                    83:92:b7:77:e3:48:6d:57:72:dd:fe:a6:07:e9:38:
                    f2:a2:80:be:b0:35:5d:66:51:48:64:09:99:f2:07:
                    ce:b4:d2:61:e7:29:79:b6:5a:c7:54:cb:1b:f6:6f:
                    5b:dd:9d:75:5f:fd:e2:48:d8:e6:f7:03:f3:76:99:
                    d1:c7:4f:fa:e5:b4:51:b9:c6:09:0d:a0:b3:7d:66:
                    78:3b:f2:49:fb:e1:84:59:3e:20:83:b0:26:21:44:
                    e7:e0:c4:48:6c:39:e1:20:e4:e7:3a:11:8f:a6:40:
                    d4:f3:2a:bf:f3:92:16:a5:f7:f0:d3:d5:79:9e:c9:
                    2b:7e:2d:4e:27:29:0d:43:a6:e0:74:22:72:1d:92:
                    2e:0e:18:e5:9b:b9:c4:8e:67:09:31:54:f6:7c:9d:
                    a5:dd:6c:37:44:f2:44:09:2e:dd:a2:ef:e7:3c:94:
                    99:37:61:3b:83:d1:4e:d6:7c:fd:0c:81:89:9d:a2:
                    1d:dc:a6:42:f6:46:04:e1:be:c3:7c:45:f0:39:c9:
                    fc:4e:19:f7:dc:d2:45:62:0c:b3:3b:c3:db:7b:d6:
                    12:ca:7e:57:58:68:f3:ef:98:7a:99:08:ee:a9:90:
                    2e:de:e8:b9:09:48:7b:e0:d8:08:a5:d7:99:80:c3:
                    eb:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:D6:44:59:08:BA:30:30:B9:20:E6:11:09:78:06:F7:04:9D:BC:26
            X509v3 Authority Key Identifier:
                keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:94:94:c8:db:89:3e:f5:3c:dd:21:43:43:58:4a:18:16:c3:
         a4:bb:fa:de:10:30:fc:f2:b0:7c:3a:bd:93:7d:66:0d:87:5d:
         ee:d2:c8:77:b2:c7:97:4b:f5:94:a7:eb:c1:27:ed:ca:e8:5b:
         99:ab:72:d6:9f:41:7f:d4:c2:e2:f1:d9:5e:5a:c5:51:79:49:
         b9:b0:0a:04:32:5a:29:24:bb:d0:c6:29:6d:42:23:d4:7d:f3:
         60:f0:98:a1:ef:aa:44:da:7a:bb:45:af:76:cf:1a:4a:22:57:
         7e:b3:39:ed:44:28:40:79:7d:6c:af:94:e1:e9:95:29:23:ed:
         01:9f:de:0c:8e:24:e5:47:55:be:09:58:98:05:02:5b:66:b8:
         36:7d:34:35:e8:07:11:88:0f:1b:79:38:10:95:aa:02:1f:ae:
         80:bc:57:59:14:fa:16:69:27:16:52:c5:cd:5d:34:84:86:75:
         6f:4a:b1:ff:b9:ca:fb:fb:f6:c2:b4:78:56:0c:ca:f7:09:5c:
         85:7b:18:0d:2f:1a:3d:d7:04:5b:7a:8f:4b:fa:74:46:7c:5e:
         19:eb:e9:f8:54:85:2f:5d:2d:ab:b7:47:4f:e1:00:46:02:a2:
         96:4c:5b:11:ff:c5:27:3b:3b:c5:55:ef:74:02:1e:49:e7:ce:
         3e:2b:28:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoF2rdiYKOhnfTdx366xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5
OWM0OTEwHhcNMjUwOTA3MTAwMjE2WhcNMjUwOTA4MTAwMjE2WjAzMTEwLwYDVQQD
Eyg0ZGQ2NDQ1OTA4YmEzMDMwYjkyMGU2MTEwOTc4MDZmNzA0OWRiYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm3GKAqsLy8pSvfzFEyDkrd340ht
V3Ld/qYH6TjyooC+sDVdZlFIZAmZ8gfOtNJh5yl5tlrHVMsb9m9b3Z11X/3iSNjm
9wPzdpnRx0/65bRRucYJDaCzfWZ4O/JJ++GEWT4gg7AmIUTn4MRIbDnhIOTnOhGP
pkDU8yq/85IWpffw09V5nskrfi1OJykNQ6bgdCJyHZIuDhjlm7nEjmcJMVT2fJ2l
3Ww3RPJECS7dou/nPJSZN2E7g9FO1nz9DIGJnaId3KZC9kYE4b7DfEXwOcn8Thn3
3NJFYgyzO8Pbe9YSyn5XWGjz75h6mQjuqZAu3ui5CUh74NgIpdeZgMPrmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3WRFkIujAwuSDmEQl4BvcEnbwmMB8GA1UdIwQY
MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt
ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1
LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOpSUyNuJ
PvU83SFDQ1hKGBbDpLv63hAw/PKwfDq9k31mDYdd7tLId7LHl0v1lKfrwSftyuhb
maty1p9Bf9TC4vHZXlrFUXlJubAKBDJaKSS70MYpbUIj1H3zYPCYoe+qRNp6u0Wv
ds8aSiJXfrM57UQoQHl9bK+U4emVKSPtAZ/eDI4k5UdVvglYmAUCW2a4Nn00NegH
EYgPG3k4EJWqAh+ugLxXWRT6FmknFlLFzV00hIZ1b0qx/7nK+/v2wrR4VgzK9wlc
hXsYDS8aPdcEW3qPS/p0RnxeGevp+FSFL10tq7dHT+EARgKilkxbEf/FJzs7xVXv
dAIeSefOPisoNA==
-----END CERTIFICATE-----