Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
File:                     PnpcKTN0JfqBOVVRcmyMK35MUIc.mft (raw, json)
Hash identifier:          7jALO5Co/Py7rjcci/wk5XAQ7AgRHvUeG6X8kzGT+2w=
Subject key identifier:   FA:B2:9A:EF:D5:91:04:EE:BC:75:F7:3C:5E:70:E3:76:D1:18:CF:D1
Authority key identifier: 3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87
Certificate issuer:       /CN=3e7a5c29337425fa81395551726c8c2b7e4c5087
Certificate serial:       0199221ECC5AA236D62C8892DA8D05D31E32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
Manifest number:          03B9
Signing time:             Sun 07 Sep 2025 03:01:07 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:07 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:07 +0000
Files and hashes:         1: PnpcKTN0JfqBOVVRcmyMK35MUIc.crl (hash: U/dsnB4Ok44gqJmnfYDOu1RwunOXmnkNlEwFrfgblT4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:cc:5a:a2:36:d6:2c:88:92:da:8d:05:d3:1e:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7a5c29337425fa81395551726c8c2b7e4c5087
        Validity
            Not Before: Sep  7 03:01:07 2025 GMT
            Not After : Sep  8 03:01:07 2025 GMT
        Subject: CN=fab29aefd59104eebc75f73c5e70e376d118cfd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0b:85:1e:75:39:2f:fb:33:2f:07:be:f0:bf:
                    db:42:2b:c5:c7:14:c5:21:5e:7a:25:e5:f1:3f:98:
                    72:c2:94:e1:c7:1a:3c:67:6f:28:42:e8:22:2c:61:
                    bd:85:eb:3a:a3:4f:06:3e:22:fe:2e:7e:e1:21:a8:
                    a6:9a:96:56:8f:7c:32:49:27:e9:21:11:ca:c9:c1:
                    15:53:00:25:50:6f:f9:8b:dc:97:a7:eb:29:72:79:
                    59:c8:ca:21:4c:a0:46:08:13:34:64:25:f5:20:96:
                    cb:71:e1:88:ca:e2:58:a8:94:19:cf:10:63:d5:fd:
                    a7:cb:6b:5f:7c:4b:82:36:ac:33:24:c5:6b:be:4f:
                    91:52:3e:0d:4b:a9:63:86:51:76:55:30:2d:01:47:
                    80:a7:83:c8:fd:3b:20:47:7e:e7:48:97:f1:fe:76:
                    a3:09:ed:4f:d7:2b:b7:0d:1f:6e:4e:1f:e4:23:91:
                    fc:95:cd:1c:92:0a:ee:d9:0a:9b:84:eb:08:de:b4:
                    aa:8e:fc:1c:3d:0e:bb:5f:a7:80:53:9e:ce:2e:90:
                    71:60:bf:29:bc:9b:49:d3:85:03:4e:c6:1c:b4:0c:
                    35:32:c5:a8:ca:49:66:c4:dd:f9:f7:cf:86:a6:9f:
                    ba:af:4d:83:ed:77:0c:35:01:38:26:c6:bf:01:da:
                    b0:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:B2:9A:EF:D5:91:04:EE:BC:75:F7:3C:5E:70:E3:76:D1:18:CF:D1
            X509v3 Authority Key Identifier:
                keyid:3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:0b:48:50:e2:44:07:0c:61:0f:33:f5:45:45:74:6d:67:e2:
         d5:e9:8e:17:40:69:07:05:af:5a:0d:3c:20:aa:12:d7:ff:30:
         d2:c4:7a:d9:cf:6a:70:4e:b9:b0:95:e6:5e:3b:4a:3a:ec:01:
         1a:28:f3:31:03:b9:f8:99:d6:21:c0:14:ad:64:db:37:3a:ec:
         07:7f:72:0c:28:63:ee:b7:b7:7d:43:5c:59:7c:49:7a:ef:f0:
         d9:98:32:a2:f8:82:d5:7b:6c:37:c8:17:9a:54:33:e2:2d:2e:
         7c:f0:5f:46:18:a8:11:cc:c1:04:e1:bb:2f:f8:a4:66:4a:60:
         8e:c4:20:b4:ba:00:55:a8:96:50:0d:72:86:c9:0a:97:0f:18:
         38:75:15:c1:47:49:bb:47:b7:ac:d1:a2:16:55:2b:8e:f9:6c:
         ce:b0:8b:93:c6:86:55:37:ab:5d:67:50:ae:e5:2a:1c:1e:09:
         10:b2:1b:23:19:70:44:6f:be:9c:b0:98:7c:b0:04:73:15:77:
         c6:54:65:12:19:d2:d3:7e:e3:d6:1d:72:f2:cd:5b:25:32:34:
         3c:83:2b:5f:8c:e0:ce:c1:99:69:4c:26:4b:93:13:90:e2:e1:
         79:04:99:e5:9f:79:e6:21:28:ab:a4:22:e5:a0:e2:26:69:47:
         41:67:e3:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHsxaojbWLIiS2o0F0x4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2E1YzI5MzM3NDI1ZmE4MTM5NTU1MTcyNmM4YzJiN2U0
YzUwODcwHhcNMjUwOTA3MDMwMTA3WhcNMjUwOTA4MDMwMTA3WjAzMTEwLwYDVQQD
EyhmYWIyOWFlZmQ1OTEwNGVlYmM3NWY3M2M1ZTcwZTM3NmQxMThjZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQuFHnU5L/szLwe+8L/bQivFxxTF
IV56JeXxP5hywpThxxo8Z28oQugiLGG9hes6o08GPiL+Ln7hIaimmpZWj3wySSfp
IRHKycEVUwAlUG/5i9yXp+spcnlZyMohTKBGCBM0ZCX1IJbLceGIyuJYqJQZzxBj
1f2ny2tffEuCNqwzJMVrvk+RUj4NS6ljhlF2VTAtAUeAp4PI/TsgR37nSJfx/naj
Ce1P1yu3DR9uTh/kI5H8lc0ckgru2QqbhOsI3rSqjvwcPQ67X6eAU57OLpBxYL8p
vJtJ04UDTsYctAw1MsWoyklmxN3598+Gpp+6r02D7XcMNQE4Jsa/Adqw0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqymu/VkQTuvHX3PF5w43bRGM/RMB8GA1UdIwQY
MBaAFD56XCkzdCX6gTlVUXJsjCt+TFCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQt
Y2FhMzI5MTgxOTY0LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQtY2FhMzI5MTgxOTY0
LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsAtIUOJE
BwxhDzP1RUV0bWfi1emOF0BpBwWvWg08IKoS1/8w0sR62c9qcE65sJXmXjtKOuwB
GijzMQO5+JnWIcAUrWTbNzrsB39yDChj7re3fUNcWXxJeu/w2ZgyoviC1XtsN8gX
mlQz4i0ufPBfRhioEczBBOG7L/ikZkpgjsQgtLoAVaiWUA1yhskKlw8YOHUVwUdJ
u0e3rNGiFlUrjvlszrCLk8aGVTerXWdQruUqHB4JELIbIxlwRG++nLCYfLAEcxV3
xlRlEhnS037j1h1y8s1bJTI0PIMrX4zgzsGZaUwmS5MTkOLheQSZ5Z955iEoq6Qi
5aDiJmlHQWfjbQ==
-----END CERTIFICATE-----