Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          rfT9SBQ4bunMUcoMC/DQwGD6gCCaD70ndjOOFfKIgUk=
Subject key identifier:   02:EB:B4:27:B8:9A:8B:63:E3:7F:FD:83:FA:D0:DB:2C:A3:5C:B5:30
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       0198A04DB8CA8B3D1CBAFAF7B8E2CE9D7891
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0DCF
Signing time:             Tue 12 Aug 2025 22:01:44 +0000
Manifest this update:     Tue 12 Aug 2025 22:01:44 +0000
Manifest next update:     Wed 13 Aug 2025 22:01:44 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: lY7tZY795S18kjJTJE82KFWK2SuTzuvKvvJhEC666KY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4d:b8:ca:8b:3d:1c:ba:fa:f7:b8:e2:ce:9d:78:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Aug 12 22:01:44 2025 GMT
            Not After : Aug 13 22:01:44 2025 GMT
        Subject: CN=02ebb427b89a8b63e37ffd83fad0db2ca35cb530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:99:cf:4a:da:80:2e:b8:9a:a5:93:2b:fe:9c:
                    22:b6:41:78:b9:2a:d3:2c:61:f2:ee:40:8d:d3:1e:
                    ad:64:af:6e:1a:b3:3d:75:00:71:15:95:40:7e:e9:
                    ed:f7:79:f1:3f:e9:0e:e5:7b:4e:a8:45:ce:bc:4f:
                    f3:f6:0c:52:f2:bd:32:2a:7f:4a:70:ed:27:d9:03:
                    5e:8b:f5:c6:f8:bc:4f:79:d9:a1:9d:06:08:af:ad:
                    b6:d5:30:62:ec:0d:31:90:b5:da:d7:03:f6:13:e4:
                    4a:16:57:79:7d:9e:44:ce:6a:98:16:fa:e8:03:96:
                    38:dd:77:e8:b5:4f:21:a4:55:0f:60:9e:87:f9:aa:
                    c3:62:a5:6d:d9:5d:d3:de:0e:9a:00:7b:13:97:bf:
                    9c:91:74:07:0c:da:02:9a:81:a4:4c:75:4e:d4:2d:
                    ba:08:35:18:e3:cf:22:63:90:8b:d0:33:45:60:56:
                    70:18:37:a4:e6:89:1d:c5:bd:e1:9c:46:36:32:3a:
                    7f:8f:7d:c5:b9:6e:bb:4f:a9:38:6e:a6:5b:91:a0:
                    fc:96:3d:6f:35:7d:ed:a1:2c:94:bf:f2:fb:0b:b1:
                    de:8c:fd:bd:ec:9b:e5:cb:4c:e1:59:85:d2:b3:54:
                    83:bb:a8:92:67:36:e9:19:c2:a5:2f:29:45:12:30:
                    59:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:EB:B4:27:B8:9A:8B:63:E3:7F:FD:83:FA:D0:DB:2C:A3:5C:B5:30
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:f9:37:10:f3:b6:18:6c:bf:df:8a:0e:e1:36:83:89:01:46:
         91:53:6e:02:a0:1f:23:9a:8f:ad:44:70:3f:4a:87:79:d6:22:
         6f:db:fa:be:16:45:9f:11:98:9d:20:69:60:4e:90:f7:3e:cd:
         7a:2a:9e:3a:1e:6d:7f:42:38:e6:d6:cf:34:69:cc:3f:e2:fe:
         fe:0c:89:04:0c:ea:1e:a5:f1:b3:54:aa:b8:4c:3b:92:ce:24:
         98:5a:f2:db:8b:0e:ef:a8:85:da:62:ba:11:ed:5b:cc:40:15:
         18:45:59:46:3d:01:21:5f:75:a9:3a:01:f3:0f:62:e1:a2:62:
         e5:a0:94:e6:f2:37:26:48:79:e1:56:0d:cf:7f:42:9f:ac:82:
         03:8a:1d:d7:11:f7:70:9e:e2:7a:b7:2d:d9:c8:45:2b:77:5a:
         ed:59:87:88:20:ac:d4:bb:0b:0d:af:ee:3a:cf:c0:39:6d:6d:
         8f:7e:fe:02:88:04:97:ef:c2:ea:68:1d:49:50:1d:f2:5b:85:
         01:99:43:94:ff:8f:89:15:da:6c:b4:d8:42:d7:cc:86:c7:71:
         d2:e6:4d:90:02:2a:58:92:32:fa:7c:d8:ae:35:cd:ae:c5:bc:
         38:6d:86:c8:eb:ca:58:cd:83:64:f2:0e:47:bf:36:a2:bd:56:
         97:6a:64:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTbjKiz0cuvr3uOLOnXiRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjUwODEyMjIwMTQ0WhcNMjUwODEzMjIwMTQ0WjAzMTEwLwYDVQQD
EygwMmViYjQyN2I4OWE4YjYzZTM3ZmZkODNmYWQwZGIyY2EzNWNiNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJnPStqALriapZMr/pwitkF4uSrT
LGHy7kCN0x6tZK9uGrM9dQBxFZVAfunt93nxP+kO5XtOqEXOvE/z9gxS8r0yKn9K
cO0n2QNei/XG+LxPedmhnQYIr6221TBi7A0xkLXa1wP2E+RKFld5fZ5EzmqYFvro
A5Y43XfotU8hpFUPYJ6H+arDYqVt2V3T3g6aAHsTl7+ckXQHDNoCmoGkTHVO1C26
CDUY488iY5CL0DNFYFZwGDek5okdxb3hnEY2Mjp/j33FuW67T6k4bqZbkaD8lj1v
NX3toSyUv/L7C7HejP297Jvly0zhWYXSs1SDu6iSZzbpGcKlLylFEjBZHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALrtCe4motj43/9g/rQ2yyjXLUwMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArvk3EPO2
GGy/34oO4TaDiQFGkVNuAqAfI5qPrURwP0qHedYib9v6vhZFnxGYnSBpYE6Q9z7N
eiqeOh5tf0I45tbPNGnMP+L+/gyJBAzqHqXxs1SquEw7ks4kmFry24sO76iF2mK6
Ee1bzEAVGEVZRj0BIV91qToB8w9i4aJi5aCU5vI3Jkh54VYNz39Cn6yCA4od1xH3
cJ7ierct2chFK3da7VmHiCCs1LsLDa/uOs/AOW1tj37+AogEl+/C6mgdSVAd8luF
AZlDlP+PiRXabLTYQtfMhsdx0uZNkAIqWJIy+nzYrjXNrsW8OG2GyOvKWM2DZPIO
R782or1Wl2pkbQ==
-----END CERTIFICATE-----