Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
File:                     3q91C1wrlTnZblZJdyr34Q7-D-o.mft (raw, json)
Hash identifier:          Jvv92f51frA+HbcktJ+DCbfNDBYogNDbC+DvB/3hQV8=
Subject key identifier:   66:1B:8A:3D:C6:32:D7:ED:3E:EC:40:26:D6:8C:2F:32:0C:B7:3E:1D
Authority key identifier: DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA
Certificate issuer:       /CN=deaf750b5c2b9539d96e5649772af7e10efe0fea
Certificate serial:       0199FC58A73CE3E1EFD4DBACA8C808AB4585
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
Manifest number:          0D73
Signing time:             Sun 19 Oct 2025 12:01:32 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:32 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:32 +0000
Files and hashes:         1: 3q91C1wrlTnZblZJdyr34Q7-D-o.crl (hash: 1gqtimKHPnWxXSz5i9GLbD8U5j6JKgdPkPSJIv+toa0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:a7:3c:e3:e1:ef:d4:db:ac:a8:c8:08:ab:45:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=deaf750b5c2b9539d96e5649772af7e10efe0fea
        Validity
            Not Before: Oct 19 12:01:32 2025 GMT
            Not After : Oct 20 12:01:32 2025 GMT
        Subject: CN=661b8a3dc632d7ed3eec4026d68c2f320cb73e1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:22:4c:54:d9:f8:f4:ac:0d:87:29:bd:d5:db:
                    4d:f3:af:45:09:0e:ca:4f:58:33:99:7a:95:40:a5:
                    1f:b7:7c:47:04:51:7b:0b:00:e0:c7:ed:6c:29:39:
                    8a:48:4c:c3:17:52:64:d4:35:e1:19:13:4b:56:90:
                    da:c6:9e:d8:36:ad:08:f5:70:7f:47:87:66:db:02:
                    07:21:d4:ef:d3:1a:38:2c:c8:fb:e6:c8:4c:32:44:
                    af:95:4e:97:cc:ff:8b:16:94:3c:6c:aa:4d:2b:33:
                    46:df:81:89:4a:ad:51:88:fb:64:d3:81:25:07:3e:
                    5f:7a:5b:85:a6:3f:84:16:0b:50:28:a4:1f:01:64:
                    de:0d:d6:c7:a6:df:3c:7f:8c:7c:95:ee:41:83:4e:
                    0f:ce:b0:bb:49:cd:ef:4a:29:3f:74:b1:cb:57:f3:
                    a3:e3:73:b3:1a:40:f1:43:3d:7d:c6:11:01:83:78:
                    a8:18:2c:36:4d:cd:17:93:ef:26:61:56:48:9c:e4:
                    cd:7a:61:a2:cc:a1:c2:bc:86:5a:65:36:1d:14:95:
                    f3:bd:d1:65:a6:30:d7:c5:8b:4a:f2:f0:c8:86:9f:
                    ae:f7:84:fd:cd:5d:c2:23:53:a4:02:ea:29:47:f6:
                    f2:5c:c0:da:58:4d:50:f1:26:bc:6c:84:b1:cc:e8:
                    b6:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:1B:8A:3D:C6:32:D7:ED:3E:EC:40:26:D6:8C:2F:32:0C:B7:3E:1D
            X509v3 Authority Key Identifier:
                keyid:DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:0f:97:e2:aa:0f:8a:c6:10:c9:7a:7d:4c:da:7f:0d:5c:7c:
         c3:86:10:e8:ff:c9:54:65:8b:b9:04:a7:f7:a3:74:a9:18:1f:
         5c:c9:1a:64:a9:d7:71:7c:78:1b:c5:54:37:dd:5b:03:3b:9b:
         bf:c1:2a:17:95:a3:2f:2d:32:be:e5:9d:2e:7a:39:50:f2:5c:
         84:cd:fe:c9:69:ba:74:e9:fb:34:d5:9f:77:ac:e9:e7:8d:f9:
         d5:0b:7d:ec:e0:02:0e:91:49:6d:3e:7c:c9:e6:39:10:ae:10:
         bc:8b:50:fe:7b:59:66:51:49:df:90:68:a2:c7:50:93:3d:5b:
         aa:7b:41:69:71:c5:d0:67:46:48:5d:80:47:43:2b:b9:aa:81:
         e9:26:44:aa:66:d6:67:8b:43:e4:f7:45:76:46:bd:99:75:f7:
         c7:82:d9:f1:f6:a5:81:cd:5c:07:6b:8c:20:e4:ce:f0:3e:e0:
         38:84:b9:c6:83:ec:83:08:14:35:d3:7e:77:60:2a:04:33:ff:
         a8:a6:ba:bf:6e:40:7a:18:49:9a:f3:3d:72:93:65:70:af:0a:
         2a:86:c4:97:e9:bd:e1:7a:32:a3:fa:49:e4:c7:59:49:af:b1:
         61:63:e0:ac:41:df:f0:1a:96:e7:72:cb:69:48:c9:f8:77:82:
         58:58:81:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WKc84+Hv1NusqMgIq0WFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYWY3NTBiNWMyYjk1MzlkOTZlNTY0OTc3MmFmN2UxMGVm
ZTBmZWEwHhcNMjUxMDE5MTIwMTMyWhcNMjUxMDIwMTIwMTMyWjAzMTEwLwYDVQQD
Eyg2NjFiOGEzZGM2MzJkN2VkM2VlYzQwMjZkNjhjMmYzMjBjYjczZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yJMVNn49KwNhym91dtN869FCQ7K
T1gzmXqVQKUft3xHBFF7CwDgx+1sKTmKSEzDF1Jk1DXhGRNLVpDaxp7YNq0I9XB/
R4dm2wIHIdTv0xo4LMj75shMMkSvlU6XzP+LFpQ8bKpNKzNG34GJSq1RiPtk04El
Bz5feluFpj+EFgtQKKQfAWTeDdbHpt88f4x8le5Bg04PzrC7Sc3vSik/dLHLV/Oj
43OzGkDxQz19xhEBg3ioGCw2Tc0Xk+8mYVZInOTNemGizKHCvIZaZTYdFJXzvdFl
pjDXxYtK8vDIhp+u94T9zV3CI1OkAuopR/byXMDaWE1Q8Sa8bISxzOi2zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYbij3GMtftPuxAJtaMLzIMtz4dMB8GA1UdIwQY
MBaAFN6vdQtcK5U52W5WSXcq9+EO/g/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3Yzkt
NWQzMWQxZmU0MjhmLzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3YzktNWQzMWQxZmU0Mjhm
LzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYg+X4qoP
isYQyXp9TNp/DVx8w4YQ6P/JVGWLuQSn96N0qRgfXMkaZKnXcXx4G8VUN91bAzub
v8EqF5WjLy0yvuWdLno5UPJchM3+yWm6dOn7NNWfd6zp54351Qt97OACDpFJbT58
yeY5EK4QvItQ/ntZZlFJ35BoosdQkz1bqntBaXHF0GdGSF2AR0MruaqB6SZEqmbW
Z4tD5PdFdka9mXX3x4LZ8falgc1cB2uMIOTO8D7gOIS5xoPsgwgUNdN+d2AqBDP/
qKa6v25AehhJmvM9cpNlcK8KKobEl+m94Xoyo/pJ5MdZSa+xYWPgrEHf8BqW53LL
aUjJ+HeCWFiBHA==
-----END CERTIFICATE-----