Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          cVdwrPKMLi9rmZf5GHJBiviCh2PViGWDQ9pjKP4nNUg=
Subject key identifier:   A6:98:AF:05:B1:D6:B9:71:99:B5:B6:2A:F1:53:D8:A5:A4:1F:42:00
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       019A7225D9335C5F54C6F26188DB149E8BB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          0AC9
Signing time:             Tue 11 Nov 2025 09:01:14 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:14 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:14 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: IA9eim4Do9qO9V17bxLTZjYm6EmWH/0KPPLE8Eudbtc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:d9:33:5c:5f:54:c6:f2:61:88:db:14:9e:8b:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Nov 11 09:01:14 2025 GMT
            Not After : Nov 12 09:01:14 2025 GMT
        Subject: CN=a698af05b1d6b97199b5b62af153d8a5a41f4200
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:14:d1:a6:96:1d:93:0d:01:dc:b6:7c:6b:51:
                    05:08:dd:8d:ad:51:5b:f2:6a:0e:72:34:26:1c:60:
                    66:de:a6:1a:0d:43:72:67:3b:ef:6a:54:10:ad:d1:
                    bd:ac:24:96:73:9f:b9:cb:87:4b:8e:67:9b:5e:86:
                    f6:41:5b:ae:62:68:d8:82:df:94:17:33:eb:47:78:
                    f7:36:05:03:63:dd:04:f1:8a:a0:67:ee:f2:80:a3:
                    68:e8:7d:e2:c7:09:4e:e3:b5:2d:73:70:b6:50:68:
                    01:43:2d:7b:2e:43:dc:a1:73:81:87:2d:df:17:55:
                    ac:4b:43:a7:2a:2d:5c:f6:02:0f:c7:f8:39:01:67:
                    d2:ce:c0:ee:e4:66:0c:51:17:c4:f9:ca:43:91:0e:
                    7c:e3:24:ca:64:84:ef:6f:40:25:a5:48:bc:46:9e:
                    ba:17:cf:7b:99:c3:12:8b:4c:71:22:31:a3:90:2e:
                    7e:33:be:6d:d5:95:7d:5f:8b:93:ae:8a:5a:cc:18:
                    b2:9b:5b:d1:59:81:0a:15:17:0b:88:ef:ed:93:b9:
                    9e:9c:9e:5b:5a:4e:b4:1d:fd:19:63:e3:cf:eb:3e:
                    4e:c0:2b:35:5b:17:68:d4:ca:17:28:f2:0d:4f:e4:
                    93:09:9c:30:3c:8b:6b:9c:14:69:f0:62:8c:37:45:
                    62:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:98:AF:05:B1:D6:B9:71:99:B5:B6:2A:F1:53:D8:A5:A4:1F:42:00
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:21:1b:ce:49:52:57:55:93:db:d9:2c:1c:92:1c:43:3d:b8:
         01:f8:07:02:73:32:e7:0d:34:00:88:04:f7:1d:b8:55:3d:72:
         8a:68:92:61:50:f7:f8:fc:ad:50:cf:e5:58:13:ce:dc:43:7a:
         f8:2d:eb:b6:4a:ac:31:7e:fb:bf:46:b2:f4:fd:a5:ab:c6:8c:
         31:b1:48:34:48:77:53:57:60:ce:76:65:d1:ae:a2:ae:d9:35:
         4d:17:07:6f:02:28:b5:af:42:ca:85:13:d8:77:54:c1:d7:8f:
         a4:fe:af:78:32:f2:3e:42:13:3f:9e:39:fb:e0:a9:34:29:08:
         58:84:12:99:0e:c9:9f:1a:3a:f5:32:e3:8f:18:7b:2f:d2:d0:
         86:72:a7:08:69:46:9d:0f:b0:88:b5:07:b3:f2:64:c4:47:c5:
         f4:12:ec:58:f6:31:0f:4e:1d:53:8c:75:2a:bb:45:0b:90:c3:
         cf:9e:75:e9:e0:11:3c:c7:c7:f1:0a:46:53:b4:81:ae:d8:7f:
         16:33:1f:f9:1a:f3:66:62:a7:e0:09:7b:f2:1b:b6:e8:85:cf:
         f8:e6:a5:55:aa:3c:79:66:67:b7:3e:7c:82:2d:0a:5c:40:a0:
         3e:99:42:f3:28:ae:9c:d0:2f:75:23:6b:50:26:05:a1:e5:3e:
         6a:f8:f8:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdkzXF9UxvJhiNsUnou3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjUxMTExMDkwMTE0WhcNMjUxMTEyMDkwMTE0WjAzMTEwLwYDVQQD
EyhhNjk4YWYwNWIxZDZiOTcxOTliNWI2MmFmMTUzZDhhNWE0MWY0MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRTRppYdkw0B3LZ8a1EFCN2NrVFb
8moOcjQmHGBm3qYaDUNyZzvvalQQrdG9rCSWc5+5y4dLjmebXob2QVuuYmjYgt+U
FzPrR3j3NgUDY90E8YqgZ+7ygKNo6H3ixwlO47Utc3C2UGgBQy17LkPcoXOBhy3f
F1WsS0OnKi1c9gIPx/g5AWfSzsDu5GYMURfE+cpDkQ584yTKZITvb0AlpUi8Rp66
F897mcMSi0xxIjGjkC5+M75t1ZV9X4uTropazBiym1vRWYEKFRcLiO/tk7menJ5b
Wk60Hf0ZY+PP6z5OwCs1Wxdo1MoXKPINT+STCZwwPItrnBRp8GKMN0Vi8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaYrwWx1rlxmbW2KvFT2KWkH0IAMB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPiEbzklS
V1WT29ksHJIcQz24AfgHAnMy5w00AIgE9x24VT1yimiSYVD3+PytUM/lWBPO3EN6
+C3rtkqsMX77v0ay9P2lq8aMMbFINEh3U1dgznZl0a6irtk1TRcHbwIota9CyoUT
2HdUwdePpP6veDLyPkITP545++CpNCkIWIQSmQ7Jnxo69TLjjxh7L9LQhnKnCGlG
nQ+wiLUHs/JkxEfF9BLsWPYxD04dU4x1KrtFC5DDz5516eARPMfH8QpGU7SBrth/
FjMf+RrzZmKn4Al78hu26IXP+OalVao8eWZntz58gi0KXECgPplC8yiunNAvdSNr
UCYFoeU+avj4Wg==
-----END CERTIFICATE-----