Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
File:                     3jCrARAqrvMOvUyJHAOAm6rQOeA.mft (raw, json)
Hash identifier:          k7VmrdgjWByRDAz4bMhkQTlsOXu059IEJJqcJfnaN10=
Subject key identifier:   F7:03:35:E0:6D:89:9D:CE:07:89:AA:96:DC:5B:74:B2:F1:78:43:9C
Authority key identifier: DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0
Certificate issuer:       /CN=de30ab01102aaef30ebd4c891c03809baad039e0
Certificate serial:       019922FAE8F6DDB9D6A253304A7BF315B54E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
Manifest number:          36
Signing time:             Sun 07 Sep 2025 07:01:32 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:32 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:32 +0000
Files and hashes:         1: 3jCrARAqrvMOvUyJHAOAm6rQOeA.crl (hash: QnuXD90u6C+Ho3l5It6zDkoTY5HI6AeKl07JgTH29Ns=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:e8:f6:dd:b9:d6:a2:53:30:4a:7b:f3:15:b5:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de30ab01102aaef30ebd4c891c03809baad039e0
        Validity
            Not Before: Sep  7 07:01:32 2025 GMT
            Not After : Sep  8 07:01:32 2025 GMT
        Subject: CN=f70335e06d899dce0789aa96dc5b74b2f178439c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8e:4c:bc:ec:48:1b:4f:1b:cb:90:24:9c:bd:
                    1c:0f:14:61:b1:3d:97:a4:77:45:7d:98:bc:ab:39:
                    f8:4c:2d:8b:e8:77:12:70:81:9e:fa:41:4a:23:3c:
                    31:cc:ce:51:12:2f:22:25:91:a7:09:4f:a4:e9:d6:
                    d7:2a:bb:35:a6:7c:21:46:56:3e:76:82:b4:81:c5:
                    9d:6a:85:0e:58:d4:b1:f5:61:08:ad:86:c2:df:16:
                    30:c4:5e:4a:e7:35:09:a1:2c:cd:d5:af:72:b2:57:
                    bd:bc:48:17:e2:83:c6:ab:17:d2:71:3e:a3:41:ef:
                    ea:5d:ae:8f:75:68:fa:b2:66:0b:7d:05:9d:fb:a1:
                    ba:d7:24:ef:7f:5e:b2:f4:24:78:92:40:a9:31:1b:
                    28:85:99:f3:10:7b:c4:1a:31:da:ec:65:20:d0:33:
                    de:b3:2e:f3:75:4e:80:99:d0:5c:f4:27:a6:83:69:
                    be:96:34:d1:be:26:05:87:60:4b:ee:c0:9c:df:30:
                    fb:05:0c:78:3d:8a:60:a9:4d:61:f5:78:43:5c:42:
                    9b:0b:b3:ec:a4:d9:6c:f2:57:3e:4d:42:3a:f8:b7:
                    1a:6d:7f:96:f7:51:b2:c7:94:e6:3d:ff:41:a6:f1:
                    26:35:20:14:32:bc:14:89:d5:a1:66:3a:48:6b:33:
                    5e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:03:35:E0:6D:89:9D:CE:07:89:AA:96:DC:5B:74:B2:F1:78:43:9C
            X509v3 Authority Key Identifier:
                keyid:DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:88:80:36:c7:ee:e1:9b:94:90:88:d1:ea:46:32:a3:c6:dd:
         1b:32:55:7e:74:6e:fe:3f:df:b5:55:56:68:dc:0a:2c:de:25:
         d9:c8:0d:4c:82:8e:36:d7:2f:9c:04:91:b9:2d:ba:00:40:08:
         1c:f0:62:30:8a:97:34:69:4a:1f:c7:1e:18:0f:ca:2d:43:5f:
         d4:c5:14:19:f9:ba:32:a4:72:15:41:2f:45:b2:b2:5c:33:b4:
         10:3c:30:d9:2c:9c:4a:c7:67:44:c9:c6:96:a3:6f:a2:7b:ff:
         57:08:d1:00:c2:a9:74:53:b1:d3:01:ef:3c:09:69:d8:b9:cf:
         3e:73:2d:92:b1:7d:79:d1:56:df:69:82:ad:b5:fb:59:ed:76:
         54:de:83:58:1e:93:a4:49:8c:5a:50:ff:3b:f9:b1:98:8e:f3:
         a6:6a:8d:cf:af:39:7d:1b:7a:d8:da:84:f7:05:ee:d8:4d:89:
         e2:25:b2:71:40:93:41:ee:70:66:d2:60:3d:26:5f:47:13:94:
         30:18:09:bf:79:fc:a7:26:b5:0d:d9:6c:2e:ec:dd:fb:6d:8e:
         5e:3d:69:e0:69:1c:6e:d2:ce:53:fa:b8:4a:68:70:ed:68:92:
         b7:a2:87:a9:7a:0b:d4:49:d5:97:4e:18:1d:b9:6d:9d:9d:f6:
         8c:fb:37:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+uj23bnWolMwSnvzFbVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMzBhYjAxMTAyYWFlZjMwZWJkNGM4OTFjMDM4MDliYWFk
MDM5ZTAwHhcNMjUwOTA3MDcwMTMyWhcNMjUwOTA4MDcwMTMyWjAzMTEwLwYDVQQD
EyhmNzAzMzVlMDZkODk5ZGNlMDc4OWFhOTZkYzViNzRiMmYxNzg0MzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo5MvOxIG08by5AknL0cDxRhsT2X
pHdFfZi8qzn4TC2L6HcScIGe+kFKIzwxzM5REi8iJZGnCU+k6dbXKrs1pnwhRlY+
doK0gcWdaoUOWNSx9WEIrYbC3xYwxF5K5zUJoSzN1a9ysle9vEgX4oPGqxfScT6j
Qe/qXa6PdWj6smYLfQWd+6G61yTvf16y9CR4kkCpMRsohZnzEHvEGjHa7GUg0DPe
sy7zdU6AmdBc9Cemg2m+ljTRviYFh2BL7sCc3zD7BQx4PYpgqU1h9XhDXEKbC7Ps
pNls8lc+TUI6+LcabX+W91Gyx5TmPf9BpvEmNSAUMrwUidWhZjpIazNeowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPcDNeBtiZ3OB4mqltxbdLLxeEOcMB8GA1UdIwQY
MBaAFN4wqwEQKq7zDr1MiRwDgJuq0DngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAt
ZDQyNzY4Yzg0ZGY3LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAtZDQyNzY4Yzg0ZGY3
LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIiANsfu
4ZuUkIjR6kYyo8bdGzJVfnRu/j/ftVVWaNwKLN4l2cgNTIKONtcvnASRuS26AEAI
HPBiMIqXNGlKH8ceGA/KLUNf1MUUGfm6MqRyFUEvRbKyXDO0EDww2SycSsdnRMnG
lqNvonv/VwjRAMKpdFOx0wHvPAlp2LnPPnMtkrF9edFW32mCrbX7We12VN6DWB6T
pEmMWlD/O/mxmI7zpmqNz685fRt62NqE9wXu2E2J4iWycUCTQe5wZtJgPSZfRxOU
MBgJv3n8pya1DdlsLuzd+22OXj1p4GkcbtLOU/q4Smhw7WiSt6KHqXoL1EnVl04Y
HbltnZ32jPs3BA==
-----END CERTIFICATE-----