Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          rX7bd3yk9Pq+Y7dJnIFeQKr4Z9AR+b5h7jZ0BJV2jNk=
Subject key identifier:   A5:4B:49:CD:09:65:7B:92:48:AB:22:4A:76:9B:BA:5E:1F:72:4F:64
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       0198D51639FFB199C1838DE0D0349C32BF4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 04:01:00 +0000
Manifest this update:     Sat 23 Aug 2025 04:01:00 +0000
Manifest next update:     Sun 24 Aug 2025 04:01:00 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: /G+okS+Bu0s4QUKQrXw7Zhg+rMOO7SfQzvCEAAJzERs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:39:ff:b1:99:c1:83:8d:e0:d0:34:9c:32:bf:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Aug 23 04:01:00 2025 GMT
            Not After : Aug 24 04:01:00 2025 GMT
        Subject: CN=a54b49cd09657b9248ab224a769bba5e1f724f64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c6:5a:ad:c4:05:a0:03:2a:33:3f:5f:61:06:
                    ed:4c:8e:cf:f7:d4:76:68:21:24:7f:86:45:79:d1:
                    b7:44:7f:ba:a9:96:0b:9c:6a:4a:8d:0a:8b:1d:bb:
                    54:e7:fd:8a:e4:85:84:a6:51:05:e4:4c:4c:71:33:
                    cf:34:9e:2e:a5:58:79:31:9c:49:5f:ac:0b:66:8b:
                    d8:0b:96:d7:34:bd:c0:5c:ae:a0:8b:98:a4:a1:7a:
                    7a:9e:41:3e:89:5c:06:95:df:46:f3:e8:ad:f2:7c:
                    d1:03:0e:c2:1b:ad:de:71:32:94:92:32:4c:dc:9e:
                    b8:20:ea:5f:fe:45:5c:70:ba:38:1d:17:82:06:74:
                    d4:a6:0e:ff:69:02:ad:43:0d:1d:d5:87:1a:c4:c4:
                    54:ce:91:dc:a6:23:d3:d9:39:bb:bf:33:df:38:e3:
                    ef:4a:3e:90:a5:1a:5d:13:21:64:25:9b:0e:3b:99:
                    2a:dd:fd:db:f4:ff:42:6c:5a:c3:4b:2b:ed:f4:34:
                    99:f0:5a:da:5e:ab:4f:ab:fd:a3:cb:c6:cb:8c:5a:
                    5b:21:7a:ab:a3:6b:2e:28:b9:44:9d:27:0e:e8:72:
                    9a:28:c7:12:e5:c5:3f:51:ee:6d:f7:7d:96:3b:8f:
                    c6:9e:54:a0:63:6a:bb:bc:8e:e8:36:5c:ac:4b:55:
                    69:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:4B:49:CD:09:65:7B:92:48:AB:22:4A:76:9B:BA:5E:1F:72:4F:64
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:51:fb:fd:a0:f8:fd:92:1e:ef:a0:39:a6:11:39:6d:c7:42:
         aa:2f:60:b3:a1:be:8c:8a:59:00:9e:eb:81:80:97:02:7d:8c:
         8a:db:b5:16:f6:bc:88:7f:16:d0:e2:b3:65:af:0e:44:2e:df:
         ea:05:6d:70:27:71:f9:1e:f4:73:82:ff:aa:c9:98:d1:bf:28:
         ab:61:4f:09:db:7f:21:c2:25:24:4f:03:20:01:e4:29:78:9d:
         de:d1:6e:6a:d4:11:20:01:ee:6f:7d:f3:f9:53:52:2b:e9:1c:
         23:50:e3:02:3e:2a:18:4c:4a:42:89:d4:1a:b1:dc:9c:b7:c2:
         eb:b3:a6:f0:35:72:02:ff:f3:33:5e:dd:02:63:f4:e2:12:26:
         13:24:71:e0:6c:39:c9:75:6c:0f:8e:51:39:24:ef:f7:6d:81:
         40:c5:8f:f9:a4:5e:1b:7b:48:a6:c7:f7:d3:1f:b8:82:2c:2f:
         66:bf:c1:0e:5d:3f:b2:cc:5f:f4:be:9a:b2:a3:0a:4e:bd:fd:
         3f:7a:d9:18:9e:6c:68:64:ec:ad:c1:f7:97:4e:29:58:16:52:
         fd:17:37:82:9b:0a:1d:7a:83:f1:31:ad:ce:d5:5c:49:e5:80:
         90:7c:2c:00:04:25:cf:12:dd:67:de:5c:64:63:21:4b:f3:c1:
         f8:da:2a:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFjn/sZnBg43g0DScMr9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjUwODIzMDQwMTAwWhcNMjUwODI0MDQwMTAwWjAzMTEwLwYDVQQD
EyhhNTRiNDljZDA5NjU3YjkyNDhhYjIyNGE3NjliYmE1ZTFmNzI0ZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8ZarcQFoAMqMz9fYQbtTI7P99R2
aCEkf4ZFedG3RH+6qZYLnGpKjQqLHbtU5/2K5IWEplEF5ExMcTPPNJ4upVh5MZxJ
X6wLZovYC5bXNL3AXK6gi5ikoXp6nkE+iVwGld9G8+it8nzRAw7CG63ecTKUkjJM
3J64IOpf/kVccLo4HReCBnTUpg7/aQKtQw0d1YcaxMRUzpHcpiPT2Tm7vzPfOOPv
Sj6QpRpdEyFkJZsOO5kq3f3b9P9CbFrDSyvt9DSZ8FraXqtPq/2jy8bLjFpbIXqr
o2suKLlEnScO6HKaKMcS5cU/Ue5t932WO4/GnlSgY2q7vI7oNlysS1Vp0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVLSc0JZXuSSKsiSnabul4fck9kMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAolH7/aD4
/ZIe76A5phE5bcdCqi9gs6G+jIpZAJ7rgYCXAn2Mitu1Fva8iH8W0OKzZa8ORC7f
6gVtcCdx+R70c4L/qsmY0b8oq2FPCdt/IcIlJE8DIAHkKXid3tFuatQRIAHub33z
+VNSK+kcI1DjAj4qGExKQonUGrHcnLfC67Om8DVyAv/zM17dAmP04hImEyRx4Gw5
yXVsD45ROSTv922BQMWP+aReG3tIpsf30x+4giwvZr/BDl0/ssxf9L6asqMKTr39
P3rZGJ5saGTsrcH3l04pWBZS/Rc3gpsKHXqD8TGtztVcSeWAkHwsAAQlzxLdZ95c
ZGMhS/PB+NoqBA==
-----END CERTIFICATE-----