Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          KhczKfn7TuFcgTX7C4mNfOh7bX1FDhMxwndyUAjAod8=
Subject key identifier:   04:B6:19:8F:36:24:03:0E:C0:05:7A:B7:E9:31:DA:9D:E4:9C:0C:D9
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       019A7226063DCEA3B3DB273FB932F84101FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 09:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:25 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: v3CDdqgvUutQg8y/4Z9K2iSxTn7c5UCRg6tnZfJW8mU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:06:3d:ce:a3:b3:db:27:3f:b9:32:f8:41:01:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Nov 11 09:01:25 2025 GMT
            Not After : Nov 12 09:01:25 2025 GMT
        Subject: CN=04b6198f3624030ec0057ab7e931da9de49c0cd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:92:57:d6:ac:fe:83:ad:82:39:1d:c5:cc:fb:
                    a9:4b:20:6f:81:28:67:6a:8a:99:b9:f8:60:44:ae:
                    78:73:24:38:21:71:28:da:f7:1b:38:76:12:6c:cd:
                    17:b8:39:a4:8c:87:5b:0d:9d:0c:06:7e:63:a7:47:
                    26:3f:5a:6d:79:53:4b:4e:54:b6:67:8d:92:88:40:
                    23:95:9a:52:6a:78:86:1e:8c:55:27:4f:31:8d:69:
                    1a:7b:35:90:5c:0a:7f:86:c1:fd:2c:3f:42:32:4c:
                    1e:ec:95:a6:62:47:da:56:94:66:f6:cc:72:54:62:
                    a3:ca:fb:95:08:0a:1f:65:d0:98:31:91:04:c9:1b:
                    cc:54:d2:09:99:14:7a:9e:7d:64:76:2d:91:d5:03:
                    3a:ce:c5:77:13:2f:29:b6:61:c4:80:bd:c1:be:99:
                    b0:a6:96:9e:41:30:05:c0:43:2f:59:c6:7f:f9:33:
                    6c:0f:2e:05:f7:fc:b4:10:2d:36:21:11:a6:f4:40:
                    c0:a3:b4:d1:b6:a1:c0:70:67:70:fe:2d:5f:b0:68:
                    28:64:2e:41:48:12:5f:de:06:4e:eb:04:00:14:29:
                    12:eb:d6:67:62:70:06:f2:56:d6:b7:dd:f2:a6:15:
                    04:84:0c:c1:6f:52:29:5f:29:12:23:3d:d5:0b:74:
                    55:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:B6:19:8F:36:24:03:0E:C0:05:7A:B7:E9:31:DA:9D:E4:9C:0C:D9
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:bb:3b:93:cb:e4:32:b5:9c:9a:21:8d:db:c6:d9:42:1d:7b:
         3b:e1:b8:2b:36:9b:52:9d:59:63:63:be:2b:04:e4:96:19:fe:
         00:81:74:51:fb:60:be:b8:0b:7b:96:89:f4:76:fd:e9:bd:82:
         84:78:63:79:d5:93:64:17:05:c8:66:b3:a0:fa:14:c7:b3:c2:
         22:06:2b:07:75:e9:e7:82:f3:fd:71:29:eb:39:d4:3e:41:32:
         98:a9:1d:53:8e:8b:d8:55:33:58:e6:7b:1a:cd:de:0b:15:b1:
         e9:f6:ee:65:79:2a:95:f4:ae:af:08:27:2a:ed:f7:7d:bc:42:
         dd:62:31:36:df:ad:23:0c:05:af:23:49:b6:d6:bd:6b:0f:37:
         d7:a4:ad:5b:d9:96:be:6d:ca:61:b9:83:a9:82:cc:98:07:79:
         ec:25:8e:e6:bf:0c:5a:c6:11:0d:c4:aa:8c:d1:de:77:6d:9e:
         ff:0e:2c:84:03:7c:53:60:93:0d:d3:02:bc:ee:83:7e:93:72:
         93:d3:ec:8d:e0:e8:60:f5:ae:21:a9:ea:3b:b6:25:23:b6:e2:
         c0:5f:b4:15:28:8f:f4:eb:92:cc:9d:3e:72:12:d1:06:f7:d9:
         5c:99:7b:e0:9e:e7:1f:2c:b2:62:f8:0d:01:cd:ec:4d:c3:ed:
         0c:df:8f:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgY9zqOz2yc/uTL4QQH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjUxMTExMDkwMTI1WhcNMjUxMTEyMDkwMTI1WjAzMTEwLwYDVQQD
EygwNGI2MTk4ZjM2MjQwMzBlYzAwNTdhYjdlOTMxZGE5ZGU0OWMwY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJJX1qz+g62COR3FzPupSyBvgShn
aoqZufhgRK54cyQ4IXEo2vcbOHYSbM0XuDmkjIdbDZ0MBn5jp0cmP1pteVNLTlS2
Z42SiEAjlZpSaniGHoxVJ08xjWkaezWQXAp/hsH9LD9CMkwe7JWmYkfaVpRm9sxy
VGKjyvuVCAofZdCYMZEEyRvMVNIJmRR6nn1kdi2R1QM6zsV3Ey8ptmHEgL3Bvpmw
ppaeQTAFwEMvWcZ/+TNsDy4F9/y0EC02IRGm9EDAo7TRtqHAcGdw/i1fsGgoZC5B
SBJf3gZO6wQAFCkS69ZnYnAG8lbWt93yphUEhAzBb1IpXykSIz3VC3RVLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAS2GY82JAMOwAV6t+kx2p3knAzZMB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcrs7k8vk
MrWcmiGN28bZQh17O+G4KzabUp1ZY2O+KwTklhn+AIF0UftgvrgLe5aJ9Hb96b2C
hHhjedWTZBcFyGazoPoUx7PCIgYrB3Xp54Lz/XEp6znUPkEymKkdU46L2FUzWOZ7
Gs3eCxWx6fbuZXkqlfSurwgnKu33fbxC3WIxNt+tIwwFryNJtta9aw8316StW9mW
vm3KYbmDqYLMmAd57CWO5r8MWsYRDcSqjNHed22e/w4shAN8U2CTDdMCvO6DfpNy
k9PsjeDoYPWuIanqO7YlI7biwF+0FSiP9OuSzJ0+chLRBvfZXJl74J7nHyyyYvgN
Ac3sTcPtDN+PRg==
-----END CERTIFICATE-----