Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
File:                     3jCrARAqrvMOvUyJHAOAm6rQOeA.mft (raw, json)
Hash identifier:          TAAdr2jGECU2vzzjB101qtcY0OO0CwR24MWS/9eFT5Q=
Subject key identifier:   08:43:5B:EC:3A:FA:08:74:FC:D3:80:F7:76:CA:C6:75:41:87:92:CF
Authority key identifier: DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0
Certificate issuer:       /CN=de30ab01102aaef30ebd4c891c03809baad039e0
Certificate serial:       0198D5BC54EAA8A07C75AFD33AE730EAC9F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
Manifest number:          0E
Signing time:             Sat 23 Aug 2025 07:02:26 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:26 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:26 +0000
Files and hashes:         1: 3jCrARAqrvMOvUyJHAOAm6rQOeA.crl (hash: ivfGCtAQ0Zkv8F7+k/LKj8BPNdl9QuUW1BgNisaj52g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:54:ea:a8:a0:7c:75:af:d3:3a:e7:30:ea:c9:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de30ab01102aaef30ebd4c891c03809baad039e0
        Validity
            Not Before: Aug 23 07:02:26 2025 GMT
            Not After : Aug 24 07:02:26 2025 GMT
        Subject: CN=08435bec3afa0874fcd380f776cac675418792cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f9:2d:43:bc:e1:47:86:bd:51:87:b9:44:18:
                    01:6b:b0:1c:75:d0:a4:da:f6:26:40:1e:a6:24:8d:
                    86:e4:98:11:62:c1:95:74:1c:17:5f:49:82:4c:44:
                    7b:a9:da:93:a1:fd:46:cd:42:e9:f8:b9:51:a3:c9:
                    b4:c1:1e:43:f7:6b:f8:37:23:d0:4d:93:d0:c0:fd:
                    e1:da:74:27:c2:ad:9e:da:28:9a:57:42:82:c4:72:
                    50:1c:2e:6e:3d:0e:98:39:ca:fe:23:52:2b:a1:0e:
                    1b:41:a6:ba:c1:c9:b5:bd:6c:bf:06:2c:21:b5:a7:
                    72:ae:f0:8c:08:09:f0:3e:23:7a:1f:a6:08:66:06:
                    b3:6d:b5:33:97:92:64:6c:e8:28:a8:a7:fa:a6:fe:
                    5e:24:67:ba:18:1f:af:4c:7b:77:21:69:12:d9:85:
                    65:4c:74:b5:bb:a4:00:d9:dd:8d:af:43:54:62:7a:
                    5a:e8:e3:61:a3:ae:06:b5:7a:63:10:90:48:4c:d7:
                    21:98:30:40:6c:4c:02:b6:b5:1c:4c:53:12:1f:a4:
                    d3:37:ad:51:4d:54:ec:e2:36:ef:92:1c:bf:83:c2:
                    93:95:b1:a5:db:25:ec:88:b1:80:09:cb:2c:e6:28:
                    44:5e:b1:97:41:3e:6c:d5:7d:de:e3:93:bf:c9:8b:
                    06:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:43:5B:EC:3A:FA:08:74:FC:D3:80:F7:76:CA:C6:75:41:87:92:CF
            X509v3 Authority Key Identifier:
                keyid:DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:a4:6a:10:cb:b6:67:88:9c:99:50:44:45:18:38:1c:6c:f6:
         81:31:58:ed:b8:a3:0c:d4:5d:f0:8b:56:ef:e1:de:14:10:48:
         3a:48:5a:7f:3d:a2:da:5b:72:c9:3d:5b:f7:60:5a:49:15:09:
         83:48:60:69:dd:17:15:c7:9a:ff:e8:ec:d9:2b:f2:f5:e4:90:
         39:19:3f:5a:08:8b:7a:3d:b6:42:6c:99:25:78:17:3a:b4:2f:
         6f:5d:ed:77:f4:66:3e:3e:46:9a:14:84:e5:c3:8e:98:84:75:
         87:75:cf:62:ba:3a:d7:bf:a2:f8:41:e7:53:29:c3:d0:fe:fd:
         fe:bf:35:40:bf:fd:28:6e:3a:1d:08:8f:5a:52:44:94:62:b9:
         1f:85:d9:f3:94:44:72:66:dc:dc:73:45:6f:41:fc:e1:28:88:
         51:b4:a1:1b:d1:d5:29:14:cf:3f:29:46:91:94:8b:4f:30:83:
         ea:79:fa:1c:e4:d9:b2:6a:8b:1a:1e:c8:56:da:b7:93:9f:f5:
         b5:56:5d:66:04:82:d2:10:be:f9:2f:1f:bb:c5:cf:98:76:59:
         95:31:60:be:92:d9:7c:31:37:35:2f:09:cb:9c:b8:fa:16:23:
         0c:35:f8:b5:ac:15:15:7e:6a:5a:06:8c:94:3e:6d:a6:fc:e0:
         97:97:41:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvFTqqKB8da/TOucw6sn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMzBhYjAxMTAyYWFlZjMwZWJkNGM4OTFjMDM4MDliYWFk
MDM5ZTAwHhcNMjUwODIzMDcwMjI2WhcNMjUwODI0MDcwMjI2WjAzMTEwLwYDVQQD
EygwODQzNWJlYzNhZmEwODc0ZmNkMzgwZjc3NmNhYzY3NTQxODc5MmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPktQ7zhR4a9UYe5RBgBa7AcddCk
2vYmQB6mJI2G5JgRYsGVdBwXX0mCTER7qdqTof1GzULp+LlRo8m0wR5D92v4NyPQ
TZPQwP3h2nQnwq2e2iiaV0KCxHJQHC5uPQ6YOcr+I1IroQ4bQaa6wcm1vWy/Biwh
tadyrvCMCAnwPiN6H6YIZgazbbUzl5JkbOgoqKf6pv5eJGe6GB+vTHt3IWkS2YVl
THS1u6QA2d2Nr0NUYnpa6ONho64GtXpjEJBITNchmDBAbEwCtrUcTFMSH6TTN61R
TVTs4jbvkhy/g8KTlbGl2yXsiLGACcss5ihEXrGXQT5s1X3e45O/yYsGMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhDW+w6+gh0/NOA93bKxnVBh5LPMB8GA1UdIwQY
MBaAFN4wqwEQKq7zDr1MiRwDgJuq0DngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAt
ZDQyNzY4Yzg0ZGY3LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAtZDQyNzY4Yzg0ZGY3
LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXKRqEMu2
Z4icmVBERRg4HGz2gTFY7bijDNRd8ItW7+HeFBBIOkhafz2i2ltyyT1b92BaSRUJ
g0hgad0XFcea/+js2Svy9eSQORk/WgiLej22QmyZJXgXOrQvb13td/RmPj5GmhSE
5cOOmIR1h3XPYro617+i+EHnUynD0P79/r81QL/9KG46HQiPWlJElGK5H4XZ85RE
cmbc3HNFb0H84SiIUbShG9HVKRTPPylGkZSLTzCD6nn6HOTZsmqLGh7IVtq3k5/1
tVZdZgSC0hC++S8fu8XPmHZZlTFgvpLZfDE3NS8Jy5y4+hYjDDX4tawVFX5qWgaM
lD5tpvzgl5dBvA==
-----END CERTIFICATE-----