Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          rUm5OVgN0iB5TnykoLV/EvYVFNV9I7kfM8Pp3CHxsVw=
Subject key identifier:   39:F1:DF:C5:8D:D2:9F:5D:52:35:A1:2B:59:ED:41:81:67:DC:9A:48
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       01989E5F3C70512D49C3BFE94C9E69E543C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          0AA3
Signing time:             Tue 12 Aug 2025 13:01:38 +0000
Manifest this update:     Tue 12 Aug 2025 13:01:38 +0000
Manifest next update:     Wed 13 Aug 2025 13:01:38 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: LKYPIKqlzISWQ3o3Qw521gaqI0BiPjJT7QqhawmPGDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9e:5f:3c:70:51:2d:49:c3:bf:e9:4c:9e:69:e5:43:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Aug 12 13:01:38 2025 GMT
            Not After : Aug 13 13:01:38 2025 GMT
        Subject: CN=39f1dfc58dd29f5d5235a12b59ed418167dc9a48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b5:42:4c:e7:1b:86:48:4d:e1:76:e1:44:28:
                    50:91:90:44:87:68:57:ee:ef:cc:fb:60:18:08:14:
                    83:24:4f:80:d6:ca:7b:da:c4:f6:e8:28:9d:a1:3b:
                    c6:4a:6f:47:72:7d:65:5c:77:62:89:ec:8d:ff:47:
                    fc:5b:29:c5:06:38:1c:14:90:09:6b:e2:4a:a1:d5:
                    f8:83:f2:c5:69:ac:be:8f:f8:65:bb:ed:e0:be:d9:
                    4a:96:58:fa:4c:aa:ec:ad:4a:e7:60:9f:fc:43:f0:
                    48:80:c2:33:78:80:e4:52:f5:e5:be:d5:c2:8e:1c:
                    a3:40:d0:81:3d:20:db:16:7e:36:7d:f3:7f:66:e4:
                    a1:13:65:28:49:16:c2:a1:34:d8:b3:f2:46:00:9c:
                    f1:68:73:91:e3:44:b5:1d:c1:6e:aa:93:dc:e8:26:
                    49:ce:1f:bd:99:dc:d5:a4:5e:77:13:46:0f:aa:b3:
                    93:7f:43:40:65:03:29:71:f5:64:c0:01:e1:ad:72:
                    7f:f2:cc:d0:e1:3e:e4:3d:96:03:6c:69:3b:9d:bd:
                    30:a1:45:96:01:b1:95:1c:32:58:58:a8:8d:8f:0b:
                    20:7d:38:9f:74:ef:e1:3b:42:15:e3:e6:1d:5d:b3:
                    c4:f4:a2:4f:ff:d3:a0:12:78:ff:8f:ce:85:8d:7c:
                    10:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:F1:DF:C5:8D:D2:9F:5D:52:35:A1:2B:59:ED:41:81:67:DC:9A:48
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:86:58:4c:00:75:99:81:4e:d5:e2:84:30:43:17:6a:c3:92:
         06:04:ec:d5:63:82:a2:57:e4:34:7c:57:84:54:e5:e6:17:22:
         20:bc:49:9e:be:20:42:9b:7e:62:c3:19:41:ea:cb:b6:11:ac:
         1c:de:2d:e8:23:69:79:1f:90:bb:76:8a:7d:99:ca:b5:03:ce:
         03:84:88:74:28:7f:82:4d:8d:08:ff:7b:a3:87:66:b7:e1:a3:
         fe:67:0f:f6:50:0b:d5:b6:a2:3c:fb:05:27:ee:42:de:6f:c5:
         17:13:9e:bf:e0:61:0d:ac:a8:b3:9e:03:83:75:fa:d3:cf:e0:
         6c:6c:a2:e0:75:40:0d:17:7f:ad:4c:82:2b:74:19:81:2f:96:
         9f:04:53:6e:34:1d:a7:ca:06:85:58:13:67:d9:ca:0d:74:7b:
         37:e6:df:79:cb:6b:71:3c:3b:c5:d6:cc:99:67:74:34:f3:4a:
         22:82:f9:ee:c5:e8:c5:2b:17:46:d9:e7:06:9f:e5:f7:53:10:
         a6:39:96:52:e2:2e:7e:05:70:87:f7:db:46:59:8f:14:2a:c3:
         d8:ea:13:1e:e1:2d:53:c0:cd:47:5d:dd:c9:a9:ca:17:c1:6d:
         ba:63:f5:06:88:2c:92:ad:58:e9:13:23:bc:70:ae:0a:f2:09:
         a8:86:97:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZieXzxwUS1Jw7/pTJ5p5UPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUwODEyMTMwMTM4WhcNMjUwODEzMTMwMTM4WjAzMTEwLwYDVQQD
EygzOWYxZGZjNThkZDI5ZjVkNTIzNWExMmI1OWVkNDE4MTY3ZGM5YTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbVCTOcbhkhN4XbhRChQkZBEh2hX
7u/M+2AYCBSDJE+A1sp72sT26CidoTvGSm9Hcn1lXHdiieyN/0f8WynFBjgcFJAJ
a+JKodX4g/LFaay+j/hlu+3gvtlKllj6TKrsrUrnYJ/8Q/BIgMIzeIDkUvXlvtXC
jhyjQNCBPSDbFn42ffN/ZuShE2UoSRbCoTTYs/JGAJzxaHOR40S1HcFuqpPc6CZJ
zh+9mdzVpF53E0YPqrOTf0NAZQMpcfVkwAHhrXJ/8szQ4T7kPZYDbGk7nb0woUWW
AbGVHDJYWKiNjwsgfTifdO/hO0IV4+YdXbPE9KJP/9OgEnj/j86FjXwQ2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDnx38WN0p9dUjWhK1ntQYFn3JpIMB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmoZYTAB1
mYFO1eKEMEMXasOSBgTs1WOColfkNHxXhFTl5hciILxJnr4gQpt+YsMZQerLthGs
HN4t6CNpeR+Qu3aKfZnKtQPOA4SIdCh/gk2NCP97o4dmt+Gj/mcP9lAL1baiPPsF
J+5C3m/FFxOev+BhDayos54Dg3X608/gbGyi4HVADRd/rUyCK3QZgS+WnwRTbjQd
p8oGhVgTZ9nKDXR7N+bfectrcTw7xdbMmWd0NPNKIoL57sXoxSsXRtnnBp/l91MQ
pjmWUuIufgVwh/fbRlmPFCrD2OoTHuEtU8DNR13dyanKF8FtumP1Bogskq1Y6RMj
vHCuCvIJqIaXdQ==
-----END CERTIFICATE-----