Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
File:                     g-3hynyzX11h-NWctQNumT6kO3A.mft (raw, json)
Hash identifier:          TGcNQU0XVgisE9jb+WLU+wqFcwpt5BO5FLFOIeAQKa8=
Subject key identifier:   27:E0:11:73:E1:EA:73:03:28:2C:09:9F:FB:6E:F2:03:10:57:6C:A8
Authority key identifier: 83:ED:E1:CA:7C:B3:5F:5D:61:F8:D5:9C:B5:03:6E:99:3E:A4:3B:70
Certificate issuer:       /CN=83ede1ca7cb35f5d61f8d59cb5036e993ea43b70
Certificate serial:       019A01B4BF44B04F5CB9A284729FAB16773B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
Manifest number:          0F0C
Signing time:             Mon 20 Oct 2025 13:00:13 +0000
Manifest this update:     Mon 20 Oct 2025 13:00:13 +0000
Manifest next update:     Tue 21 Oct 2025 13:00:13 +0000
Files and hashes:         1: g-3hynyzX11h-NWctQNumT6kO3A.crl (hash: BNIVvx0uCdCbNkny96SqcTAaMFWaQDKQPeHKH5G+Vak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:b4:bf:44:b0:4f:5c:b9:a2:84:72:9f:ab:16:77:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83ede1ca7cb35f5d61f8d59cb5036e993ea43b70
        Validity
            Not Before: Oct 20 13:00:13 2025 GMT
            Not After : Oct 21 13:00:13 2025 GMT
        Subject: CN=27e01173e1ea7303282c099ffb6ef20310576ca8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:8a:24:ef:da:7c:fe:c3:f2:e9:30:62:a3:29:
                    fe:1d:f9:ea:70:91:fe:e0:48:da:32:9b:9c:20:ed:
                    89:f0:1a:bb:28:b4:ca:d5:05:15:11:4b:49:f0:70:
                    0a:6b:61:57:28:68:d5:2d:fe:4e:b9:8c:67:f6:50:
                    ad:c7:19:71:6b:26:c6:22:d7:dd:a2:d3:f7:ed:fe:
                    de:e8:15:8f:84:41:28:45:e8:8c:5f:c5:35:47:52:
                    39:a8:fd:ad:d3:7a:3f:0f:82:17:99:ea:23:18:88:
                    9b:d4:04:36:fd:b5:1d:ca:62:53:fc:3a:34:bb:7b:
                    5d:35:ec:8d:6a:df:48:51:0c:6e:77:2f:6f:6a:f1:
                    89:ae:03:c3:92:44:d0:1b:a8:49:5c:68:9c:41:c0:
                    ff:e1:1f:9d:f1:44:28:57:ae:c0:bf:6c:07:7e:2f:
                    86:a5:f2:da:0d:eb:c2:7e:a1:c8:50:72:82:5e:9f:
                    0e:77:a3:d6:f6:8e:13:3b:b1:0b:c2:b6:0a:f8:75:
                    4c:c6:96:5b:cc:1a:e2:21:6d:26:c0:29:44:76:a3:
                    69:00:ce:d1:4b:d0:91:d6:80:48:ca:89:6b:5c:2b:
                    df:22:b4:c8:a0:4d:e4:80:fb:22:8a:3e:a2:2e:70:
                    bb:dd:5c:70:dc:d7:82:0e:8a:fb:92:cd:02:b1:47:
                    cf:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:E0:11:73:E1:EA:73:03:28:2C:09:9F:FB:6E:F2:03:10:57:6C:A8
            X509v3 Authority Key Identifier:
                keyid:83:ED:E1:CA:7C:B3:5F:5D:61:F8:D5:9C:B5:03:6E:99:3E:A4:3B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:99:69:8f:08:40:ab:1c:0b:b6:b9:18:64:70:b6:8e:b2:f8:
         f5:15:c1:a4:87:cc:59:bb:3e:08:5a:03:ce:8d:9c:1a:00:f0:
         94:3b:58:a6:6a:fe:89:e6:99:b0:a5:29:e3:0d:4a:d1:4b:f7:
         54:56:63:c7:a8:0a:15:dd:4a:0d:76:38:29:7c:ff:88:09:8e:
         c4:bb:5b:83:46:b5:54:e9:8c:27:ff:6e:83:3c:19:67:58:09:
         6c:1a:e0:67:e1:e0:87:bf:30:53:f3:eb:67:d3:12:24:ab:05:
         74:88:51:06:47:3e:03:19:c9:03:89:3d:dc:a4:af:28:95:e5:
         ed:60:d6:90:b5:bc:60:a7:bb:a8:ce:07:1c:8a:8a:c7:a1:bb:
         42:e8:7c:ad:bd:4f:03:a4:ec:a7:b2:67:e0:da:94:16:17:7c:
         5f:db:4f:78:50:ab:9e:4c:d0:98:3d:ff:ba:a3:0f:23:1b:58:
         47:45:2c:2c:83:76:0f:0e:18:ef:e1:4c:9b:1e:15:07:a3:98:
         f3:d4:1e:dc:00:e6:13:32:fa:00:b5:aa:26:b0:54:7a:aa:0c:
         77:b0:38:e0:b2:2a:af:9c:d7:2e:61:35:53:58:34:54:f2:67:
         24:35:0c:1c:b3:c1:5d:d6:e9:42:be:72:cb:e0:55:8e:83:70:
         90:e5:38:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtL9EsE9cuaKEcp+rFnc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZWRlMWNhN2NiMzVmNWQ2MWY4ZDU5Y2I1MDM2ZTk5M2Vh
NDNiNzAwHhcNMjUxMDIwMTMwMDEzWhcNMjUxMDIxMTMwMDEzWjAzMTEwLwYDVQQD
EygyN2UwMTE3M2UxZWE3MzAzMjgyYzA5OWZmYjZlZjIwMzEwNTc2Y2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4ok79p8/sPy6TBioyn+HfnqcJH+
4EjaMpucIO2J8Bq7KLTK1QUVEUtJ8HAKa2FXKGjVLf5OuYxn9lCtxxlxaybGItfd
otP37f7e6BWPhEEoReiMX8U1R1I5qP2t03o/D4IXmeojGIib1AQ2/bUdymJT/Do0
u3tdNeyNat9IUQxudy9vavGJrgPDkkTQG6hJXGicQcD/4R+d8UQoV67Av2wHfi+G
pfLaDevCfqHIUHKCXp8Od6PW9o4TO7ELwrYK+HVMxpZbzBriIW0mwClEdqNpAM7R
S9CR1oBIyolrXCvfIrTIoE3kgPsiij6iLnC73Vxw3NeCDor7ks0CsUfP9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCfgEXPh6nMDKCwJn/tu8gMQV2yoMB8GA1UdIwQY
MBaAFIPt4cp8s19dYfjVnLUDbpk+pDtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9mM2ViMTktODVlZS00ODdmLWFkMTIt
OGIzNjYwZWQ1ZWQwLzEvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9mM2ViMTktODVlZS00ODdmLWFkMTItOGIzNjYwZWQ1ZWQw
LzEvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN5lpjwhA
qxwLtrkYZHC2jrL49RXBpIfMWbs+CFoDzo2cGgDwlDtYpmr+ieaZsKUp4w1K0Uv3
VFZjx6gKFd1KDXY4KXz/iAmOxLtbg0a1VOmMJ/9ugzwZZ1gJbBrgZ+Hgh78wU/Pr
Z9MSJKsFdIhRBkc+AxnJA4k93KSvKJXl7WDWkLW8YKe7qM4HHIqKx6G7Quh8rb1P
A6Tsp7Jn4NqUFhd8X9tPeFCrnkzQmD3/uqMPIxtYR0UsLIN2Dw4Y7+FMmx4VB6OY
89Qe3ADmEzL6ALWqJrBUeqoMd7A44LIqr5zXLmE1U1g0VPJnJDUMHLPBXdbpQr5y
y+BVjoNwkOU4Tw==
-----END CERTIFICATE-----