Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
File:                     3Feh-cEhycK2-U04p1-_3MVN8Fs.mft (raw, json)
Hash identifier:          RXNK3M4UADJHv1nb+vZLl/fpSx6GtVAAFiYlqQTisJ8=
Subject key identifier:   DF:49:32:32:46:54:55:7F:ED:A3:05:3C:FB:EF:E2:DF:FA:9D:F9:9D
Authority key identifier: DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B
Certificate issuer:       /CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
Certificate serial:       019A7225D1B9755BA5CEA32BC1867473AF21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
Manifest number:          0B95
Signing time:             Tue 11 Nov 2025 09:01:12 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:12 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:12 +0000
Files and hashes:         1: 3Feh-cEhycK2-U04p1-_3MVN8Fs.crl (hash: S3KaqrJPEw9/PqPZsY0WHmQDWDZKb4/cpTZlWrTzXj4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:d1:b9:75:5b:a5:ce:a3:2b:c1:86:74:73:af:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc57a1f9c121c9c2b6f94d38a75fbfdcc54df05b
        Validity
            Not Before: Nov 11 09:01:12 2025 GMT
            Not After : Nov 12 09:01:12 2025 GMT
        Subject: CN=df4932324654557feda3053cfbefe2dffa9df99d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:31:4a:ee:03:be:23:56:af:11:5d:b5:06:b3:
                    bf:65:ba:f1:74:52:1e:42:51:ed:92:59:db:15:2c:
                    f2:74:5f:cf:cb:a0:70:3a:4a:ae:28:15:44:83:2f:
                    e0:15:6f:61:65:56:b0:24:60:60:ce:ef:91:f6:f6:
                    44:4e:00:6c:33:00:58:6f:22:af:0e:72:43:c5:6b:
                    14:26:a2:0e:60:47:44:74:25:e3:fd:69:19:4b:36:
                    60:37:24:a7:1c:42:6d:75:6c:f8:c2:38:41:c7:c0:
                    15:72:9d:49:4e:93:6c:77:1f:81:9f:4d:66:02:1a:
                    9c:74:35:d9:63:40:f4:2c:8c:e7:8e:f3:1d:ef:6c:
                    a6:5c:1b:bb:9e:8b:d5:cc:7a:6c:86:50:eb:0d:e5:
                    2d:16:83:cd:85:cd:8b:2a:a7:c8:3a:47:a1:d0:b3:
                    de:13:b7:99:99:6f:ab:96:52:46:ea:d5:f1:b4:98:
                    26:b3:04:10:06:7e:cf:54:87:80:92:00:0e:b7:15:
                    4f:e4:c1:3e:9a:77:5f:95:24:0d:76:3f:81:76:36:
                    85:4e:c6:6f:84:3c:39:85:bf:a4:f4:5b:49:17:47:
                    41:3e:89:7f:ea:79:12:16:b3:28:be:ac:b9:64:77:
                    e0:4c:68:d7:2c:0a:ce:de:7c:c6:67:34:ac:65:2c:
                    97:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:49:32:32:46:54:55:7F:ED:A3:05:3C:FB:EF:E2:DF:FA:9D:F9:9D
            X509v3 Authority Key Identifier:
                keyid:DC:57:A1:F9:C1:21:C9:C2:B6:F9:4D:38:A7:5F:BF:DC:C5:4D:F0:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Feh-cEhycK2-U04p1-_3MVN8Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0e6765-86e2-4010-8f8e-dd113c698d12/1/3Feh-cEhycK2-U04p1-_3MVN8Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:43:06:a6:47:0c:57:88:30:32:72:c8:05:4f:f2:3c:7b:8e:
         bc:85:be:04:eb:e1:ed:3e:a5:90:e8:08:89:ef:c6:0b:db:b3:
         f0:0e:50:2f:a2:fa:41:1c:14:10:4b:d8:c6:fa:b4:e5:22:10:
         13:08:72:36:97:35:02:3a:f3:c2:fa:21:7d:cf:23:9b:6d:fe:
         dc:12:63:ee:0a:6d:8c:e3:4c:7e:92:3a:26:2d:ea:f5:a6:95:
         cc:08:34:e2:7c:3b:21:3e:d6:af:a8:39:d2:c4:be:81:69:26:
         1d:03:55:43:3e:0b:05:41:d1:31:48:00:59:d3:d2:34:b2:8f:
         87:3b:e5:75:53:39:a6:4f:51:8b:2e:9a:e3:5f:7d:f5:97:2f:
         81:c1:f4:ff:cb:9f:02:e2:78:a8:c8:f3:46:d8:2a:b2:66:ed:
         e5:3e:cb:1d:3c:86:95:ff:51:c4:8b:c8:40:09:94:c6:89:6c:
         d5:85:3d:af:86:cd:de:dd:28:f6:aa:e5:24:0e:1e:7e:36:5a:
         c9:9b:d6:83:92:49:86:ee:1d:ab:6a:da:99:05:90:d7:fa:35:
         23:71:c5:ff:3e:40:ed:5e:86:dd:3b:79:de:9f:95:26:5b:69:
         7d:ea:b4:35:54:b0:73:d8:7c:9c:85:2f:f4:a1:98:6e:c4:df:
         f7:00:60:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdG5dVulzqMrwYZ0c68hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNTdhMWY5YzEyMWM5YzJiNmY5NGQzOGE3NWZiZmRjYzU0
ZGYwNWIwHhcNMjUxMTExMDkwMTEyWhcNMjUxMTEyMDkwMTEyWjAzMTEwLwYDVQQD
EyhkZjQ5MzIzMjQ2NTQ1NTdmZWRhMzA1M2NmYmVmZTJkZmZhOWRmOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTFK7gO+I1avEV21BrO/ZbrxdFIe
QlHtklnbFSzydF/Py6BwOkquKBVEgy/gFW9hZVawJGBgzu+R9vZETgBsMwBYbyKv
DnJDxWsUJqIOYEdEdCXj/WkZSzZgNySnHEJtdWz4wjhBx8AVcp1JTpNsdx+Bn01m
AhqcdDXZY0D0LIznjvMd72ymXBu7novVzHpshlDrDeUtFoPNhc2LKqfIOkeh0LPe
E7eZmW+rllJG6tXxtJgmswQQBn7PVIeAkgAOtxVP5ME+mndflSQNdj+BdjaFTsZv
hDw5hb+k9FtJF0dBPol/6nkSFrMovqy5ZHfgTGjXLArO3nzGZzSsZSyXAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9JMjJGVFV/7aMFPPvv4t/6nfmdMB8GA1UdIwQY
MBaAFNxXofnBIcnCtvlNOKdfv9zFTfBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUt
ZGQxMTNjNjk4ZDEyLzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wZTY3NjUtODZlMi00MDEwLThmOGUtZGQxMTNjNjk4ZDEy
LzEvM0ZlaC1jRWh5Y0syLVUwNHAxLV8zTVZOOEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARUMGpkcM
V4gwMnLIBU/yPHuOvIW+BOvh7T6lkOgIie/GC9uz8A5QL6L6QRwUEEvYxvq05SIQ
EwhyNpc1Ajrzwvohfc8jm23+3BJj7gptjONMfpI6Ji3q9aaVzAg04nw7IT7Wr6g5
0sS+gWkmHQNVQz4LBUHRMUgAWdPSNLKPhzvldVM5pk9Riy6a41999ZcvgcH0/8uf
AuJ4qMjzRtgqsmbt5T7LHTyGlf9RxIvIQAmUxols1YU9r4bN3t0o9qrlJA4efjZa
yZvWg5JJhu4dq2ramQWQ1/o1I3HF/z5A7V6G3Tt53p+VJltpfeq0NVSwc9h8nIUv
9KGYbsTf9wBghw==
-----END CERTIFICATE-----