Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
File:                     s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json)
Hash identifier:          vmfO2H1oGJPRfQiRcTO4vjPw0ZCu9Bj4+m2tFYwK70E=
Subject key identifier:   60:90:7A:01:37:64:85:FD:6D:1D:16:D4:7C:6D:62:89:FC:81:36:52
Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4
Certificate issuer:       /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
Certificate serial:       0198D6980FD131DB13FAA72EBE6B9F72EE7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
Manifest number:          04DE
Signing time:             Sat 23 Aug 2025 11:02:26 +0000
Manifest this update:     Sat 23 Aug 2025 11:02:26 +0000
Manifest next update:     Sun 24 Aug 2025 11:02:26 +0000
Files and hashes:         1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: DbfN3wtYsQRbtjrZymDiJHSQvaHezELxZVUBxu2AUaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 11:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:98:0f:d1:31:db:13:fa:a7:2e:be:6b:9f:72:ee:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
        Validity
            Not Before: Aug 23 11:02:26 2025 GMT
            Not After : Aug 24 11:02:26 2025 GMT
        Subject: CN=60907a01376485fd6d1d16d47c6d6289fc813652
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c6:79:8a:fe:a1:e6:01:94:07:32:e4:77:45:
                    fd:d4:2b:b7:c3:22:76:64:93:d1:39:c0:ca:67:ac:
                    fb:9a:f4:9c:87:ca:fc:7c:3d:3f:ed:2b:de:f3:9a:
                    a9:15:f6:ed:51:3c:03:3d:eb:d3:c7:be:c3:90:1b:
                    f6:e7:10:b1:66:11:62:7e:d7:52:29:66:19:21:03:
                    86:5e:ec:d1:7a:2a:e7:d1:18:67:6b:60:90:8a:35:
                    f7:89:2c:11:85:17:54:62:ea:8a:41:0e:a6:5f:9d:
                    db:66:8c:6e:a3:02:d1:ab:29:69:a5:00:04:88:d3:
                    61:e0:3e:5d:b6:19:8f:89:3c:8e:51:20:9d:48:15:
                    6a:c8:e3:43:a5:cb:46:a0:49:9b:fc:7a:72:d2:bb:
                    cc:70:9f:1d:ec:c7:17:2c:74:72:7c:97:26:d7:b7:
                    35:8b:d3:92:b7:44:8a:b4:44:60:a7:66:4b:ab:ad:
                    47:4f:26:b8:c9:f1:4c:c5:c6:12:63:24:c6:74:2e:
                    6d:99:50:3c:0c:17:29:bb:04:7d:01:dd:31:01:13:
                    ed:fa:c3:be:49:fd:1c:7c:3c:3f:04:9a:a5:39:5f:
                    f0:24:60:10:1c:13:61:b1:f9:6d:66:f3:1c:76:84:
                    59:73:36:c8:e1:be:7a:14:8e:c3:d8:d6:d2:d0:13:
                    98:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:90:7A:01:37:64:85:FD:6D:1D:16:D4:7C:6D:62:89:FC:81:36:52
            X509v3 Authority Key Identifier:
                keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:83:82:e9:b9:c9:61:b4:75:34:a8:d2:a1:e7:0d:a8:89:ae:
         df:e4:58:8c:8b:d5:d4:8d:a1:06:5c:59:c0:7f:6b:94:03:31:
         5f:47:66:94:5f:2a:1e:f4:7d:08:7b:50:19:f3:d8:be:74:58:
         dd:8c:59:37:ec:4a:f0:bc:11:2e:6e:6d:3c:4b:af:d8:f6:38:
         7f:5e:31:27:45:54:23:07:25:7c:ae:2f:84:c6:a7:52:26:44:
         ab:b1:03:04:97:cd:96:95:70:b5:24:0a:7a:d3:26:d4:77:84:
         57:b1:cb:54:5f:ca:30:ae:d3:94:9f:95:77:3d:8e:d3:0a:a3:
         f1:63:41:3c:76:a6:31:52:55:81:57:aa:22:c7:61:f4:d0:13:
         a8:51:6f:f6:0e:93:da:c9:f6:d7:ae:98:b2:69:ce:16:da:84:
         7b:e4:dc:b0:d5:b5:dc:23:ad:4f:df:51:ac:b0:88:c9:47:ed:
         45:b3:a5:8d:2c:9d:47:15:d6:13:33:aa:07:ac:60:22:fb:91:
         29:c3:33:90:03:62:c6:f6:a8:8c:65:29:88:3c:78:b5:f4:e2:
         2e:65:12:8d:7c:64:80:da:94:b6:29:7a:32:04:d2:8a:c1:66:
         14:34:ae:82:ba:88:23:6b:6b:cf:e2:38:8a:15:89:68:50:74:
         93:49:3a:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWmA/RMdsT+qcuvmufcu58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl
ZWQ2ZDQwHhcNMjUwODIzMTEwMjI2WhcNMjUwODI0MTEwMjI2WjAzMTEwLwYDVQQD
Eyg2MDkwN2EwMTM3NjQ4NWZkNmQxZDE2ZDQ3YzZkNjI4OWZjODEzNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcZ5iv6h5gGUBzLkd0X91Cu3wyJ2
ZJPROcDKZ6z7mvSch8r8fD0/7Sve85qpFfbtUTwDPevTx77DkBv25xCxZhFiftdS
KWYZIQOGXuzReirn0Rhna2CQijX3iSwRhRdUYuqKQQ6mX53bZoxuowLRqylppQAE
iNNh4D5dthmPiTyOUSCdSBVqyONDpctGoEmb/Hpy0rvMcJ8d7McXLHRyfJcm17c1
i9OSt0SKtERgp2ZLq61HTya4yfFMxcYSYyTGdC5tmVA8DBcpuwR9Ad0xARPt+sO+
Sf0cfDw/BJqlOV/wJGAQHBNhsfltZvMcdoRZczbI4b56FI7D2NbS0BOYowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCQegE3ZIX9bR0W1HxtYon8gTZSMB8GA1UdIwQY
MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt
ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0
LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb4OC6bnJ
YbR1NKjSoecNqImu3+RYjIvV1I2hBlxZwH9rlAMxX0dmlF8qHvR9CHtQGfPYvnRY
3YxZN+xK8LwRLm5tPEuv2PY4f14xJ0VUIwclfK4vhManUiZEq7EDBJfNlpVwtSQK
etMm1HeEV7HLVF/KMK7TlJ+Vdz2O0wqj8WNBPHamMVJVgVeqIsdh9NATqFFv9g6T
2sn2166YsmnOFtqEe+TcsNW13COtT99RrLCIyUftRbOljSydRxXWEzOqB6xgIvuR
KcMzkANixvaojGUpiDx4tfTiLmUSjXxkgNqUtil6MgTSisFmFDSugrqII2trz+I4
ihWJaFB0k0k6rQ==
-----END CERTIFICATE-----