Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          9tUB1YnlIEd5FG468yOU1gKaM9EM0nKJwObT6wpmlKI=
Subject key identifier:   7E:EC:4B:EA:C5:3D:F8:47:8A:BE:45:98:1E:FF:BB:4D:23:95:F0:BF
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       01988EEB85461460D583A46C0D362A55788D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          0B13
Signing time:             Sat 09 Aug 2025 13:00:56 +0000
Manifest this update:     Sat 09 Aug 2025 13:00:56 +0000
Manifest next update:     Sun 10 Aug 2025 13:00:56 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: ZVjJRe71GV9Hlo+jJPXCkIFtnoGGrk+xRNnre7FZh/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 13:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8e:eb:85:46:14:60:d5:83:a4:6c:0d:36:2a:55:78:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Aug  9 13:00:56 2025 GMT
            Not After : Aug 10 13:00:56 2025 GMT
        Subject: CN=7eec4beac53df8478abe45981effbb4d2395f0bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:4e:31:85:6f:91:b4:1f:b2:50:a0:53:13:97:
                    fa:de:42:4a:8c:96:34:b8:1e:55:a7:63:25:7a:00:
                    43:bb:4a:a6:5d:cd:a6:37:07:11:4b:a7:c1:58:a4:
                    e7:b4:72:9a:37:38:4e:8e:25:f7:e4:d7:8b:68:73:
                    fd:c2:a8:5f:76:3b:7e:ed:94:82:a4:d2:10:fe:d3:
                    06:da:a6:1c:f0:f8:e8:bd:13:98:24:b0:cc:60:91:
                    83:df:af:24:79:f6:d9:60:23:3e:de:7f:7e:9a:80:
                    f6:86:d5:bc:4b:cf:66:92:cb:d8:12:8c:83:e6:df:
                    8e:1e:34:86:66:dd:c6:de:07:37:69:f7:33:3e:33:
                    41:a6:dc:11:52:cc:c8:40:73:4c:8f:9c:4d:fd:0a:
                    55:26:1f:a2:3f:db:41:dc:00:84:87:9e:f4:c9:49:
                    30:36:0c:62:60:31:3b:fd:9e:ea:9a:8b:1c:63:48:
                    ff:ed:88:1a:e6:70:4c:c8:c0:49:2c:ef:51:d2:6c:
                    96:93:ca:66:14:53:6a:d9:de:84:2d:c6:a4:2c:bf:
                    37:a0:49:1b:b2:f8:f2:7a:85:58:d0:63:19:9b:ca:
                    07:7a:6a:bc:39:f1:68:a8:98:18:b6:4e:6c:0c:a5:
                    8d:f8:ad:67:f9:8a:ba:2b:84:73:21:19:20:33:61:
                    59:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:EC:4B:EA:C5:3D:F8:47:8A:BE:45:98:1E:FF:BB:4D:23:95:F0:BF
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:b0:93:7c:92:20:1c:84:d7:a5:18:39:db:f4:5f:92:f2:7b:
         28:75:f2:02:94:5b:cb:c7:b7:70:d1:78:32:9a:ee:da:91:17:
         c3:13:dd:e4:f6:17:aa:05:45:90:d6:bf:ce:7f:c4:36:6d:4d:
         d9:20:0b:7c:36:99:e1:17:b4:2e:b9:91:6c:7f:92:41:54:30:
         0f:9b:65:5f:7b:62:b4:ea:5b:e3:85:40:20:c4:0e:b1:ef:23:
         dc:e1:f6:a6:d6:ff:1b:47:cf:68:36:a6:63:5f:7a:0d:f7:cf:
         1b:44:8e:a3:76:67:cb:f5:59:cb:6c:2c:3a:85:35:52:a5:93:
         39:90:d6:bf:e3:af:de:84:00:0e:27:6f:3e:e0:d3:52:e2:28:
         ff:71:2a:e7:21:0a:36:48:4d:74:34:9f:a5:53:62:b5:4c:9f:
         0c:7d:0b:bb:d3:c6:c5:ce:0f:b4:44:cc:35:3e:61:6a:fa:e2:
         fa:bb:e2:d0:2d:00:18:72:de:06:90:65:6e:09:64:97:ce:02:
         9a:d7:3f:ad:fd:e7:b4:9a:85:08:66:f3:0e:60:15:0a:b2:03:
         a6:34:5a:c3:13:2c:cf:14:31:02:17:bb:8d:3d:d0:31:25:75:
         09:b6:ed:6f:a3:1e:43:93:39:b7:b2:03:bb:20:06:91:51:84:
         13:30:e1:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiO64VGFGDVg6RsDTYqVXiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjUwODA5MTMwMDU2WhcNMjUwODEwMTMwMDU2WjAzMTEwLwYDVQQD
Eyg3ZWVjNGJlYWM1M2RmODQ3OGFiZTQ1OTgxZWZmYmI0ZDIzOTVmMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU4xhW+RtB+yUKBTE5f63kJKjJY0
uB5Vp2MlegBDu0qmXc2mNwcRS6fBWKTntHKaNzhOjiX35NeLaHP9wqhfdjt+7ZSC
pNIQ/tMG2qYc8PjovROYJLDMYJGD368kefbZYCM+3n9+moD2htW8S89mksvYEoyD
5t+OHjSGZt3G3gc3afczPjNBptwRUszIQHNMj5xN/QpVJh+iP9tB3ACEh570yUkw
NgxiYDE7/Z7qmoscY0j/7Yga5nBMyMBJLO9R0myWk8pmFFNq2d6ELcakLL83oEkb
svjyeoVY0GMZm8oHemq8OfFoqJgYtk5sDKWN+K1n+Yq6K4RzIRkgM2FZAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7sS+rFPfhHir5FmB7/u00jlfC/MB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcLCTfJIg
HITXpRg52/RfkvJ7KHXyApRby8e3cNF4Mpru2pEXwxPd5PYXqgVFkNa/zn/ENm1N
2SALfDaZ4Re0LrmRbH+SQVQwD5tlX3titOpb44VAIMQOse8j3OH2ptb/G0fPaDam
Y196DffPG0SOo3Zny/VZy2wsOoU1UqWTOZDWv+Ov3oQADidvPuDTUuIo/3Eq5yEK
NkhNdDSfpVNitUyfDH0Lu9PGxc4PtETMNT5havri+rvi0C0AGHLeBpBlbglkl84C
mtc/rf3ntJqFCGbzDmAVCrIDpjRawxMszxQxAhe7jT3QMSV1Cbbtb6MeQ5M5t7ID
uyAGkVGEEzDhRA==
-----END CERTIFICATE-----