Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
File:                     tZXiFxdovJspQknw46U1kBecUu4.mft (raw, json)
Hash identifier:          VwJ+RXTm57+PwOieo50PulsAGcwAyooEs/1lPosLbcQ=
Subject key identifier:   3F:A0:B4:4A:D1:F8:4B:27:DD:49:43:5F:B8:7D:4C:FA:24:8C:01:FE
Authority key identifier: B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE
Certificate issuer:       /CN=b595e2171768bc9b294249f0e3a53590179c52ee
Certificate serial:       0199239FB35F8DEEFE878E54121DAA556E3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
Manifest number:          1673
Signing time:             Sun 07 Sep 2025 10:01:32 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:32 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:32 +0000
Files and hashes:         1: tZXiFxdovJspQknw46U1kBecUu4.crl (hash: 27+Jg9AlLE2HEk+5bQ1m9YiAPbQz7RXS9D9SMKWe6Ro=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:b3:5f:8d:ee:fe:87:8e:54:12:1d:aa:55:6e:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b595e2171768bc9b294249f0e3a53590179c52ee
        Validity
            Not Before: Sep  7 10:01:32 2025 GMT
            Not After : Sep  8 10:01:32 2025 GMT
        Subject: CN=3fa0b44ad1f84b27dd49435fb87d4cfa248c01fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:19:43:bf:cc:8d:17:06:54:bc:dd:ab:39:23:
                    26:c9:31:e2:8c:14:45:8d:7c:f2:34:d2:86:d7:ca:
                    66:7e:64:e4:0b:e2:ab:f6:c5:34:b9:3e:88:57:7b:
                    f7:eb:96:26:d2:c4:c0:dd:d5:80:bb:14:24:fa:d7:
                    49:1f:b0:19:04:3e:e6:3f:ac:8a:1d:0c:ef:0c:25:
                    4b:0a:69:7d:32:ab:b6:5f:4c:3f:99:7a:1e:76:ac:
                    76:18:2a:3c:52:a7:1a:b2:1d:f1:b6:f1:92:d4:4b:
                    60:c0:4d:0a:01:39:4e:06:6d:de:ce:d7:cc:02:29:
                    09:92:97:02:c7:c4:44:50:08:9c:3b:f7:1d:2b:45:
                    fd:83:33:31:9c:2e:06:e7:25:97:8f:4b:18:d2:bc:
                    2f:d9:36:75:db:bd:fd:e1:d5:90:81:6a:b7:09:25:
                    17:d7:e3:39:49:06:07:83:e9:09:73:a9:38:69:db:
                    b3:d6:70:6f:4b:90:ea:a6:91:9a:e5:5e:20:19:27:
                    b7:94:b3:00:11:dd:50:0d:f4:9f:7c:b6:59:a3:be:
                    82:79:02:f1:7b:35:a8:b3:28:26:2d:d6:59:ae:23:
                    7f:94:2b:51:f4:f0:7f:5a:c0:ad:ae:ad:23:76:ee:
                    80:7d:eb:c6:c9:44:48:2d:79:d3:eb:46:7f:53:8a:
                    a9:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:A0:B4:4A:D1:F8:4B:27:DD:49:43:5F:B8:7D:4C:FA:24:8C:01:FE
            X509v3 Authority Key Identifier:
                keyid:B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:12:97:b7:e4:cf:2f:e4:f6:52:95:3d:a3:19:a6:51:84:af:
         63:cb:35:78:d5:0b:a6:50:93:83:8f:59:b8:ae:7d:71:20:6f:
         bb:86:5c:14:52:9c:99:19:b1:c2:38:7c:a6:73:f5:22:ed:43:
         30:65:10:2d:65:63:cd:73:b9:bd:7e:0b:73:19:e2:05:fb:de:
         77:dc:46:8d:c0:d7:ca:bb:40:29:df:4a:27:fc:87:dd:62:d9:
         44:8b:4b:a9:b1:06:2b:14:f5:6e:b1:df:9c:e9:88:06:7e:c3:
         32:15:a7:c6:be:d0:ba:08:56:65:ef:e3:bf:28:ef:1c:59:d4:
         da:07:87:0c:80:65:ed:20:8e:95:ff:fb:76:73:49:e7:12:a3:
         48:4f:93:0d:9e:50:89:af:da:7c:63:6a:db:7d:73:17:1d:70:
         46:9e:d3:ec:56:78:43:14:d9:2c:85:f2:db:74:65:e7:65:04:
         4d:44:93:69:01:b1:3e:27:eb:83:a8:0e:df:01:c2:59:e9:38:
         76:33:07:de:a9:23:d7:d1:d9:cb:3b:32:e5:af:73:2b:67:2c:
         05:4b:9c:52:f2:29:4c:c9:3d:26:b3:87:64:73:f0:82:44:b2:
         82:cd:bb:9f:b4:22:69:e4:8e:f1:d9:47:95:ef:f7:1e:39:7e:
         e7:3f:88:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn7Nfje7+h45UEh2qVW4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTVlMjE3MTc2OGJjOWIyOTQyNDlmMGUzYTUzNTkwMTc5
YzUyZWUwHhcNMjUwOTA3MTAwMTMyWhcNMjUwOTA4MTAwMTMyWjAzMTEwLwYDVQQD
EygzZmEwYjQ0YWQxZjg0YjI3ZGQ0OTQzNWZiODdkNGNmYTI0OGMwMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxlDv8yNFwZUvN2rOSMmyTHijBRF
jXzyNNKG18pmfmTkC+Kr9sU0uT6IV3v365Ym0sTA3dWAuxQk+tdJH7AZBD7mP6yK
HQzvDCVLCml9Mqu2X0w/mXoedqx2GCo8Uqcash3xtvGS1EtgwE0KATlOBm3eztfM
AikJkpcCx8REUAicO/cdK0X9gzMxnC4G5yWXj0sY0rwv2TZ127394dWQgWq3CSUX
1+M5SQYHg+kJc6k4aduz1nBvS5DqppGa5V4gGSe3lLMAEd1QDfSffLZZo76CeQLx
ezWosygmLdZZriN/lCtR9PB/WsCtrq0jdu6AfevGyURILXnT60Z/U4qpvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+gtErR+Esn3UlDX7h9TPokjAH+MB8GA1UdIwQY
MBaAFLWV4hcXaLybKUJJ8OOlNZAXnFLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEt
NjBiNGFjZTAwNGI1LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEtNjBiNGFjZTAwNGI1
LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUhKXt+TP
L+T2UpU9oxmmUYSvY8s1eNULplCTg49ZuK59cSBvu4ZcFFKcmRmxwjh8pnP1Iu1D
MGUQLWVjzXO5vX4LcxniBfved9xGjcDXyrtAKd9KJ/yH3WLZRItLqbEGKxT1brHf
nOmIBn7DMhWnxr7QughWZe/jvyjvHFnU2geHDIBl7SCOlf/7dnNJ5xKjSE+TDZ5Q
ia/afGNq231zFx1wRp7T7FZ4QxTZLIXy23Rl52UETUSTaQGxPifrg6gO3wHCWek4
djMH3qkj19HZyzsy5a9zK2csBUucUvIpTMk9JrOHZHPwgkSygs27n7QiaeSO8dlH
le/3Hjl+5z+Isw==
-----END CERTIFICATE-----