Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          Vb6Z/aCu5ZnFkuaCSbcf7mW8RM7sDWddth397RGnKxU=
Subject key identifier:   33:26:C8:8E:58:96:9D:E4:DD:D6:1D:54:81:D3:3C:C1:0B:AA:16:28
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       0198D660A66E299935E6B00028A3E1092BA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0DEB
Signing time:             Sat 23 Aug 2025 10:01:54 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:54 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:54 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: prwH4akT4K9Igl1UchEuwYw/vAaCC2a5ezsrAY4MS+U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:a6:6e:29:99:35:e6:b0:00:28:a3:e1:09:2b:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Aug 23 10:01:54 2025 GMT
            Not After : Aug 24 10:01:54 2025 GMT
        Subject: CN=3326c88e58969de4ddd61d5481d33cc10baa1628
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b7:71:fc:ea:2b:9a:34:18:4c:97:d7:a6:2e:
                    5a:7a:66:65:f6:f0:dc:7d:8d:35:c8:d2:70:60:a4:
                    d2:24:65:1a:cb:d6:21:43:04:4b:25:46:00:48:fe:
                    11:63:46:4f:a9:1f:1b:a4:82:5c:de:86:ec:d0:e9:
                    9f:d1:73:1b:61:70:b7:9b:9d:99:de:e0:42:9a:a5:
                    02:e8:b8:33:82:12:5e:5f:1a:80:19:63:bf:34:7a:
                    be:62:4e:8e:3f:5b:a6:02:c5:77:b8:7a:28:02:dc:
                    bf:fa:48:1b:bb:0d:42:95:e2:fa:1f:00:16:1e:3b:
                    c5:61:03:0e:62:14:31:17:ba:f5:4f:41:21:1d:b9:
                    bb:c5:e3:55:ed:97:3c:fb:ad:e2:80:95:2c:71:98:
                    b7:6c:3b:80:74:5e:dc:f5:dd:f8:2c:93:1a:19:69:
                    98:b3:62:c2:41:0f:9e:38:2e:7c:cc:e5:da:77:c1:
                    cd:9e:cd:64:fd:f2:bb:4e:ad:ef:34:4c:66:a0:9b:
                    49:33:01:1b:f0:eb:39:61:c2:f0:08:df:f4:7d:25:
                    06:3d:b0:e6:63:f3:2d:35:dc:91:8f:92:85:e0:1f:
                    11:29:f2:df:d9:fc:ac:f0:7f:54:6f:d5:90:bf:bb:
                    a8:7e:c1:0d:11:41:97:17:76:2f:de:09:a6:ba:05:
                    d7:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:26:C8:8E:58:96:9D:E4:DD:D6:1D:54:81:D3:3C:C1:0B:AA:16:28
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:99:8f:81:5f:6c:0a:7d:2c:b7:a8:cf:90:43:3f:0b:7b:66:
         15:5a:56:70:ed:af:e0:e0:20:eb:45:b5:d6:d0:af:4f:12:0c:
         0e:a7:93:30:5d:ca:94:1c:23:d0:09:a4:b6:f0:ba:a2:65:fc:
         92:f9:14:15:47:fd:8d:f2:8d:24:d3:91:8d:9a:e8:45:85:18:
         56:cd:e9:27:03:1b:3e:55:8b:7d:09:52:7b:0e:47:cc:ee:49:
         8c:06:9f:2f:90:27:de:ec:be:a6:6b:e5:5d:ef:b4:5f:8f:09:
         b5:46:6a:9c:f1:1d:a2:96:9a:62:a8:dc:87:c0:20:99:54:d8:
         a3:c0:2e:af:bb:d7:66:5b:f0:6a:31:b6:5d:8d:4c:26:8b:81:
         c8:c3:8c:14:35:0f:f3:ad:6c:3d:97:dc:8e:e0:23:3c:c4:93:
         00:2f:9a:31:7a:1c:54:65:19:a3:34:3e:79:ab:97:3f:18:55:
         b6:09:7d:c5:56:f6:05:da:c3:2b:6c:c5:3f:88:20:c7:e9:70:
         3c:b2:34:30:e0:9d:d2:74:c8:93:68:38:3a:3d:fa:e2:fa:10:
         0f:37:a0:8e:a3:bb:66:b9:d4:a7:5b:01:b2:42:66:bc:a4:80:
         1c:1c:b0:4f:43:ca:2f:15:a7:7a:48:82:8c:22:ba:ec:37:5b:
         42:e3:a6:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYKZuKZk15rAAKKPhCSugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjUwODIzMTAwMTU0WhcNMjUwODI0MTAwMTU0WjAzMTEwLwYDVQQD
EygzMzI2Yzg4ZTU4OTY5ZGU0ZGRkNjFkNTQ4MWQzM2NjMTBiYWExNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rdx/OormjQYTJfXpi5aemZl9vDc
fY01yNJwYKTSJGUay9YhQwRLJUYASP4RY0ZPqR8bpIJc3obs0Omf0XMbYXC3m52Z
3uBCmqUC6LgzghJeXxqAGWO/NHq+Yk6OP1umAsV3uHooAty/+kgbuw1CleL6HwAW
HjvFYQMOYhQxF7r1T0EhHbm7xeNV7Zc8+63igJUscZi3bDuAdF7c9d34LJMaGWmY
s2LCQQ+eOC58zOXad8HNns1k/fK7Tq3vNExmoJtJMwEb8Os5YcLwCN/0fSUGPbDm
Y/MtNdyRj5KF4B8RKfLf2fys8H9Ub9WQv7uofsENEUGXF3Yv3gmmugXXoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDMmyI5Ylp3k3dYdVIHTPMELqhYoMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANpmPgV9s
Cn0st6jPkEM/C3tmFVpWcO2v4OAg60W11tCvTxIMDqeTMF3KlBwj0AmktvC6omX8
kvkUFUf9jfKNJNORjZroRYUYVs3pJwMbPlWLfQlSew5HzO5JjAafL5An3uy+pmvl
Xe+0X48JtUZqnPEdopaaYqjch8AgmVTYo8Aur7vXZlvwajG2XY1MJouByMOMFDUP
861sPZfcjuAjPMSTAC+aMXocVGUZozQ+eauXPxhVtgl9xVb2BdrDK2zFP4ggx+lw
PLI0MOCd0nTIk2g4Oj364voQDzegjqO7ZrnUp1sBskJmvKSAHBywT0PKLxWnekiC
jCK67DdbQuOm3A==
-----END CERTIFICATE-----