Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          Zn4ymE0O+ftpTXYbeewgDfMSR9l6gzt6O8HoKvWhD1k=
Subject key identifier:   48:C4:70:DF:E6:12:99:0A:C6:74:EB:AF:DF:42:B3:71:B2:00:6F:CC
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       0198D65FADE802B0E892057570B334DCC56B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          0916
Signing time:             Sat 23 Aug 2025 10:00:51 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:51 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:51 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: rvvoOR/YjlaWeU5B/l8LcLP8i7g+QbUMKR+e4TDVwlA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:ad:e8:02:b0:e8:92:05:75:70:b3:34:dc:c5:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Aug 23 10:00:51 2025 GMT
            Not After : Aug 24 10:00:51 2025 GMT
        Subject: CN=48c470dfe612990ac674ebafdf42b371b2006fcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:93:57:df:ec:21:e8:03:91:2a:59:a3:94:c8:
                    f0:f6:ab:f4:91:c6:ad:23:51:76:5b:0b:56:32:b3:
                    8a:fa:3a:4e:41:68:72:70:9a:66:43:59:20:e6:49:
                    77:ff:c8:be:0c:05:ea:af:16:2a:fb:f2:5b:aa:44:
                    1e:8f:1c:03:6b:04:b2:14:d3:d2:79:8c:e7:df:89:
                    b5:53:53:90:b1:84:23:50:3d:bb:c8:0e:0a:1b:54:
                    19:34:39:ed:08:14:28:f8:8a:23:78:40:6c:3a:b6:
                    ef:18:1c:88:be:40:af:ca:81:53:20:8f:b9:35:70:
                    a5:05:3e:b3:de:e2:ea:ae:32:53:8d:3c:a3:b6:6d:
                    62:6d:0e:b5:11:6f:2e:17:c6:31:08:22:f9:45:12:
                    57:28:9f:ea:3e:0b:3a:db:f0:54:d2:cf:1a:4d:3f:
                    45:4c:5f:74:5e:ff:ac:a1:82:7e:6b:0f:e1:ec:fa:
                    ef:16:d3:a1:27:6a:5a:b1:bc:84:83:3a:1a:c6:bd:
                    da:05:70:13:63:0c:a2:aa:65:92:99:48:bf:b9:4f:
                    b0:c5:25:61:02:82:f4:2d:6b:39:17:e9:d2:8a:bc:
                    38:22:79:6f:25:53:6f:70:3e:96:1e:52:93:18:14:
                    95:1d:c2:8b:af:3b:e0:bd:cc:63:41:ce:f6:69:fa:
                    39:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:C4:70:DF:E6:12:99:0A:C6:74:EB:AF:DF:42:B3:71:B2:00:6F:CC
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:a1:14:ae:ac:61:2d:83:da:27:69:b3:d3:82:99:fd:da:11:
         6f:a4:f1:a8:a3:04:da:28:f7:fa:36:a9:ee:9f:ee:52:62:e5:
         c3:5d:4b:55:0c:56:a9:ad:e0:27:71:fc:51:22:e3:f7:c4:6b:
         a1:bf:36:ba:37:2e:8a:b9:9b:3e:dc:4e:31:fb:0c:b4:e9:e9:
         3e:01:7b:49:c4:97:05:75:86:86:e7:68:54:08:e0:9d:d7:53:
         e5:b4:d5:35:6f:c6:5e:0c:60:d2:33:30:c7:a4:b6:2f:50:33:
         14:fa:4a:b4:e8:f8:69:aa:93:80:f9:b5:ff:49:c2:e6:fe:63:
         bb:25:a0:c0:c0:b1:6f:69:2f:72:3b:fd:62:aa:cc:ee:a6:dc:
         79:e3:73:25:f9:d0:92:0a:91:e9:32:d0:de:95:c1:94:56:5f:
         dd:e4:12:6c:e1:c9:c4:2a:3a:51:93:c5:6f:83:c8:9b:ad:00:
         3c:07:7a:01:c2:7a:45:1b:dc:7b:1e:af:2d:f8:d4:f6:fd:03:
         4b:b6:66:68:97:c6:d2:fc:0f:00:9b:ac:4d:71:21:14:82:a6:
         04:d6:97:55:69:2c:91:2e:b0:a3:37:c8:5a:cf:12:06:52:87:
         11:b0:c2:3f:d4:1c:fa:74:c0:d8:79:df:75:c3:74:16:a5:b0:
         ab:61:ce:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX63oArDokgV1cLM03MVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjUwODIzMTAwMDUxWhcNMjUwODI0MTAwMDUxWjAzMTEwLwYDVQQD
Eyg0OGM0NzBkZmU2MTI5OTBhYzY3NGViYWZkZjQyYjM3MWIyMDA2ZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpNX3+wh6AORKlmjlMjw9qv0kcat
I1F2WwtWMrOK+jpOQWhycJpmQ1kg5kl3/8i+DAXqrxYq+/JbqkQejxwDawSyFNPS
eYzn34m1U1OQsYQjUD27yA4KG1QZNDntCBQo+IojeEBsOrbvGByIvkCvyoFTII+5
NXClBT6z3uLqrjJTjTyjtm1ibQ61EW8uF8YxCCL5RRJXKJ/qPgs62/BU0s8aTT9F
TF90Xv+soYJ+aw/h7PrvFtOhJ2pasbyEgzoaxr3aBXATYwyiqmWSmUi/uU+wxSVh
AoL0LWs5F+nSirw4InlvJVNvcD6WHlKTGBSVHcKLrzvgvcxjQc72afo5nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjEcN/mEpkKxnTrr99Cs3GyAG/MMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbaEUrqxh
LYPaJ2mz04KZ/doRb6TxqKME2ij3+jap7p/uUmLlw11LVQxWqa3gJ3H8USLj98Rr
ob82ujcuirmbPtxOMfsMtOnpPgF7ScSXBXWGhudoVAjgnddT5bTVNW/GXgxg0jMw
x6S2L1AzFPpKtOj4aaqTgPm1/0nC5v5juyWgwMCxb2kvcjv9YqrM7qbceeNzJfnQ
kgqR6TLQ3pXBlFZf3eQSbOHJxCo6UZPFb4PIm60APAd6AcJ6RRvcex6vLfjU9v0D
S7ZmaJfG0vwPAJusTXEhFIKmBNaXVWkskS6wozfIWs8SBlKHEbDCP9Qc+nTA2Hnf
dcN0FqWwq2HOqw==
-----END CERTIFICATE-----