Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
File:                     db3TijiDJA5GxLGsi7-DF96P-IU.mft (raw, json)
Hash identifier:          7kYTzQM+OKRs+Xam9/mHAMCYCA9N9dXTzELoLEjuzZY=
Subject key identifier:   EA:88:02:3C:96:11:0D:81:A2:E2:DF:EC:64:0D:32:B3:EC:C6:16:28
Authority key identifier: 75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85
Certificate issuer:       /CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
Certificate serial:       019A4C6156F365521985CD9FBD4C047F83A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
Manifest number:          1418
Signing time:             Tue 04 Nov 2025 01:00:38 +0000
Manifest this update:     Tue 04 Nov 2025 01:00:38 +0000
Manifest next update:     Wed 05 Nov 2025 01:00:38 +0000
Files and hashes:         1: db3TijiDJA5GxLGsi7-DF96P-IU.crl (hash: VZcEB7Dk3V7ZwU2af8F6fe2bW3UcueBr0l58pgIdZ9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 01:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4c:61:56:f3:65:52:19:85:cd:9f:bd:4c:04:7f:83:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885
        Validity
            Not Before: Nov  4 01:00:38 2025 GMT
            Not After : Nov  5 01:00:38 2025 GMT
        Subject: CN=ea88023c96110d81a2e2dfec640d32b3ecc61628
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:71:0e:a4:1a:d3:11:5a:1e:22:14:03:35:10:
                    23:8e:e7:cf:e4:3f:2f:43:79:be:4d:59:f5:83:ad:
                    61:9f:32:4b:1e:b6:e5:d6:a4:eb:15:c8:46:54:38:
                    e5:d0:61:b8:37:c0:61:3a:92:88:d7:f6:f9:6b:7c:
                    7e:3f:37:ab:bf:44:1c:d2:84:d7:f9:5c:a3:31:6d:
                    0f:81:3d:db:d6:d4:55:87:c6:ce:20:ad:15:9e:3f:
                    b4:d2:6b:16:af:f6:4c:70:d4:93:bb:c4:68:8f:6c:
                    97:b9:c4:de:98:45:67:52:b4:4c:42:73:39:cf:15:
                    d3:de:9d:6c:e7:49:f2:02:82:2e:eb:92:22:78:61:
                    45:8a:22:48:7b:3f:f2:97:c7:5e:b8:bf:05:d3:6a:
                    87:c2:af:81:f7:23:a5:c9:90:ad:6c:4d:df:26:d8:
                    9f:28:4d:e3:c8:98:c7:c5:d9:33:7d:48:66:fd:9e:
                    8a:6d:d2:22:44:47:17:47:ec:77:d6:35:62:ec:3c:
                    68:a9:b0:af:c4:86:a0:20:bc:79:95:59:60:e8:03:
                    94:20:a9:15:34:17:26:96:ab:15:0a:62:d5:bd:00:
                    cc:bd:db:d8:39:e0:b8:22:d1:ab:31:b0:58:79:e5:
                    57:4f:15:c8:94:fe:c2:93:f1:18:17:48:f7:a7:71:
                    7a:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:88:02:3C:96:11:0D:81:A2:E2:DF:EC:64:0D:32:B3:EC:C6:16:28
            X509v3 Authority Key Identifier:
                keyid:75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:65:43:e1:44:17:07:54:71:9c:3e:ae:e2:53:2b:af:08:ef:
         77:8f:f5:1c:c2:c0:c8:d6:6c:ed:82:c9:21:2a:83:bc:e0:d6:
         c6:ca:90:aa:33:ad:9a:54:38:60:f3:dc:9f:f4:4d:94:20:b8:
         7d:2e:58:75:66:19:0f:f2:af:27:30:b9:10:c5:47:55:82:d1:
         69:08:6a:18:ff:7a:2a:a6:95:ba:e5:58:f8:da:f7:82:c3:22:
         e9:ae:1f:f7:87:ff:25:78:bc:dc:47:0a:ef:06:e7:57:b3:ab:
         63:b4:83:89:a6:3e:57:4e:cb:15:54:ec:62:a0:48:e2:f2:4c:
         35:5f:c7:f5:59:54:97:c5:75:d0:db:a6:05:71:9d:7f:24:d0:
         1b:84:81:59:b6:98:63:f1:f4:dc:09:c1:01:de:cd:4e:09:4e:
         f4:4a:a1:48:5f:2d:59:e4:df:36:bc:d6:43:88:24:35:c1:05:
         cd:60:22:df:3c:7f:de:60:39:79:94:d0:ed:e7:c7:75:25:4b:
         08:ab:d8:db:fe:17:82:0f:9d:b9:b1:e5:cd:5a:16:d9:ee:9b:
         ce:c2:0e:6e:fd:fb:45:7a:12:c6:97:c4:8c:e9:8c:42:bb:ac:
         90:7d:e3:7e:1e:c9:50:e7:5e:5a:60:1c:c0:f2:42:af:8a:e6:
         16:7e:80:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYVbzZVIZhc2fvUwEf4OjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmRkMzhhMzg4MzI0MGU0NmM0YjFhYzhiYmY4MzE3ZGU4
ZmY4ODUwHhcNMjUxMTA0MDEwMDM4WhcNMjUxMTA1MDEwMDM4WjAzMTEwLwYDVQQD
EyhlYTg4MDIzYzk2MTEwZDgxYTJlMmRmZWM2NDBkMzJiM2VjYzYxNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HEOpBrTEVoeIhQDNRAjjufP5D8v
Q3m+TVn1g61hnzJLHrbl1qTrFchGVDjl0GG4N8BhOpKI1/b5a3x+Pzerv0Qc0oTX
+VyjMW0PgT3b1tRVh8bOIK0Vnj+00msWr/ZMcNSTu8Roj2yXucTemEVnUrRMQnM5
zxXT3p1s50nyAoIu65IieGFFiiJIez/yl8deuL8F02qHwq+B9yOlyZCtbE3fJtif
KE3jyJjHxdkzfUhm/Z6KbdIiREcXR+x31jVi7DxoqbCvxIagILx5lVlg6AOUIKkV
NBcmlqsVCmLVvQDMvdvYOeC4ItGrMbBYeeVXTxXIlP7Ck/EYF0j3p3F65wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqIAjyWEQ2BouLf7GQNMrPsxhYoMB8GA1UdIwQY
MBaAFHW904o4gyQORsSxrIu/gxfej/iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGIt
OGRhNjA1MzVlNmEwLzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGItOGRhNjA1MzVlNmEw
LzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQmVD4UQX
B1RxnD6u4lMrrwjvd4/1HMLAyNZs7YLJISqDvODWxsqQqjOtmlQ4YPPcn/RNlCC4
fS5YdWYZD/KvJzC5EMVHVYLRaQhqGP96KqaVuuVY+Nr3gsMi6a4f94f/JXi83EcK
7wbnV7OrY7SDiaY+V07LFVTsYqBI4vJMNV/H9VlUl8V10NumBXGdfyTQG4SBWbaY
Y/H03AnBAd7NTglO9EqhSF8tWeTfNrzWQ4gkNcEFzWAi3zx/3mA5eZTQ7efHdSVL
CKvY2/4Xgg+dubHlzVoW2e6bzsIObv37RXoSxpfEjOmMQruskH3jfh7JUOdeWmAc
wPJCr4rmFn6Aaw==
-----END CERTIFICATE-----