Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
File:                     db3TijiDJA5GxLGsi7-DF96P-IU.mft (raw, json)
Hash identifier:          cuwHOg1rZa30x6sxA6gLhcrcFH29WKrXCcM1IaBBBuY=
Subject key identifier:   7F:85:0C:EE:4A:AD:9D:19:80:41:70:39:82:1D:59:ED:EA:B3:FA:7B
Authority key identifier: 75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85
Certificate issuer:       /CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
Certificate serial:       019922FAEEC390088D7442130BF1663233E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
Manifest number:          137E
Signing time:             Sun 07 Sep 2025 07:01:34 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:34 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:34 +0000
Files and hashes:         1: db3TijiDJA5GxLGsi7-DF96P-IU.crl (hash: aZPN4+PZhZbHLkYyYEv/T4NlHwsw3K74pmGgkHrilZU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:ee:c3:90:08:8d:74:42:13:0b:f1:66:32:33:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
        Validity
            Not Before: Sep  7 07:01:34 2025 GMT
            Not After : Sep  8 07:01:34 2025 GMT
        Subject: CN=7f850cee4aad9d1980417039821d59edeab3fa7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:aa:40:8f:fb:aa:c8:ea:80:bb:69:47:74:70:
                    47:97:38:2f:65:7d:83:4b:d6:e1:6d:73:6d:5b:35:
                    22:bc:a6:34:ad:32:87:06:d7:a9:ff:04:e9:49:e2:
                    e4:1c:f0:10:31:4e:53:c8:ff:fa:b8:25:ac:85:6f:
                    ae:d9:86:7e:de:cf:39:73:fe:ef:97:cc:f5:56:fe:
                    80:99:db:07:78:eb:07:16:59:dc:c4:36:52:15:56:
                    27:99:b0:13:b3:48:74:95:b8:7e:07:cf:dd:b3:8b:
                    79:24:48:62:f1:e9:ab:fe:e9:42:5b:b9:af:11:66:
                    e5:a4:74:4e:bc:35:23:16:bb:3c:c1:14:86:90:d3:
                    97:90:d5:67:44:68:49:75:5a:13:79:9e:03:4e:66:
                    6d:f8:39:f9:19:88:24:3c:74:33:b6:48:2f:23:da:
                    96:a9:c6:1a:74:30:95:89:7c:bc:30:0c:20:37:42:
                    f3:0c:c3:7f:87:6c:62:6f:08:5e:18:24:e5:36:de:
                    1c:96:69:75:71:2d:af:a2:a9:e9:ad:5d:5a:15:a2:
                    da:a5:57:8c:9a:48:44:46:32:74:56:ac:2a:99:95:
                    76:4e:ec:e9:60:cb:a0:6e:b7:a8:9f:db:f4:ef:45:
                    4e:cb:50:57:31:89:63:03:43:84:87:b2:67:08:b3:
                    4f:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:85:0C:EE:4A:AD:9D:19:80:41:70:39:82:1D:59:ED:EA:B3:FA:7B
            X509v3 Authority Key Identifier:
                keyid:75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:1a:a3:1c:71:d3:b2:b4:91:d8:9a:aa:11:de:6c:88:a4:42:
         8d:c6:bf:06:25:31:59:b5:13:2a:dd:1b:72:ca:ae:30:c2:6f:
         78:2b:47:39:e4:ea:fe:7c:4c:99:0d:c3:63:c5:67:67:b0:b7:
         9d:1d:19:4f:45:e9:73:92:6c:f8:80:e9:03:a2:0d:95:fc:7a:
         cb:9a:b2:32:77:0e:83:9f:e9:91:06:64:f6:74:d9:80:8b:87:
         4f:67:a0:a9:0b:f4:a3:67:1d:db:0e:c1:19:7c:d3:3f:f3:f6:
         8d:a5:63:ad:b0:66:17:4c:41:86:13:05:f0:07:00:4e:68:10:
         b3:fe:b7:92:2c:1e:c6:45:e5:99:d4:03:03:28:d9:65:ac:fd:
         88:2d:d1:a2:89:57:6e:20:0c:05:cc:03:89:10:fa:b9:f8:0a:
         f6:1e:f2:a6:ed:0b:53:42:cd:fb:97:20:cf:67:ba:e4:e0:a2:
         ee:6c:50:49:05:3b:33:05:d3:9f:80:60:c8:c0:40:05:8e:7c:
         ad:d4:90:27:ae:92:fd:2f:c2:92:52:e2:93:57:06:dd:23:8a:
         64:92:c3:8f:e4:10:49:bf:6e:f2:8d:cf:89:d6:af:cc:7f:87:
         f8:55:e0:cd:7c:18:62:2c:bd:cb:34:1c:9c:2c:4f:90:a6:a0:
         25:af:c3:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+u7DkAiNdEITC/FmMjPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmRkMzhhMzg4MzI0MGU0NmM0YjFhYzhiYmY4MzE3ZGU4
ZmY4ODUwHhcNMjUwOTA3MDcwMTM0WhcNMjUwOTA4MDcwMTM0WjAzMTEwLwYDVQQD
Eyg3Zjg1MGNlZTRhYWQ5ZDE5ODA0MTcwMzk4MjFkNTllZGVhYjNmYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuapAj/uqyOqAu2lHdHBHlzgvZX2D
S9bhbXNtWzUivKY0rTKHBtep/wTpSeLkHPAQMU5TyP/6uCWshW+u2YZ+3s85c/7v
l8z1Vv6AmdsHeOsHFlncxDZSFVYnmbATs0h0lbh+B8/ds4t5JEhi8emr/ulCW7mv
EWblpHROvDUjFrs8wRSGkNOXkNVnRGhJdVoTeZ4DTmZt+Dn5GYgkPHQztkgvI9qW
qcYadDCViXy8MAwgN0LzDMN/h2xibwheGCTlNt4clml1cS2voqnprV1aFaLapVeM
mkhERjJ0VqwqmZV2TuzpYMugbreon9v070VOy1BXMYljA0OEh7JnCLNPyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+FDO5KrZ0ZgEFwOYIdWe3qs/p7MB8GA1UdIwQY
MBaAFHW904o4gyQORsSxrIu/gxfej/iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGIt
OGRhNjA1MzVlNmEwLzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGItOGRhNjA1MzVlNmEw
LzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHxqjHHHT
srSR2JqqEd5siKRCjca/BiUxWbUTKt0bcsquMMJveCtHOeTq/nxMmQ3DY8VnZ7C3
nR0ZT0Xpc5Js+IDpA6INlfx6y5qyMncOg5/pkQZk9nTZgIuHT2egqQv0o2cd2w7B
GXzTP/P2jaVjrbBmF0xBhhMF8AcATmgQs/63kiwexkXlmdQDAyjZZaz9iC3RoolX
biAMBcwDiRD6ufgK9h7ypu0LU0LN+5cgz2e65OCi7mxQSQU7MwXTn4BgyMBABY58
rdSQJ66S/S/CklLik1cG3SOKZJLDj+QQSb9u8o3PidavzH+H+FXgzXwYYiy9yzQc
nCxPkKagJa/DAQ==
-----END CERTIFICATE-----