Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
File:                     MH3iES3L0Gv7x-h_O_8jcinS0XM.mft (raw, json)
Hash identifier:          qtHT57d40TE8InlB2DDZLe1HyYghaBADmpzCCCHoFjM=
Subject key identifier:   5E:31:E5:1D:48:D0:6E:44:3B:88:1B:23:4D:BB:B4:62:92:B8:6F:B8
Authority key identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
Certificate issuer:       /CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Certificate serial:       0199FEEB9C5818A7D693DE60DB49A4D53B6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
Manifest number:          0217
Signing time:             Mon 20 Oct 2025 00:01:17 +0000
Manifest this update:     Mon 20 Oct 2025 00:01:17 +0000
Manifest next update:     Tue 21 Oct 2025 00:01:17 +0000
Files and hashes:         1: MH3iES3L0Gv7x-h_O_8jcinS0XM.crl (hash: wdDuoLPsDPIwojXn/ia5dBFYLqNKGzfySgE9d94rN3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:eb:9c:58:18:a7:d6:93:de:60:db:49:a4:d5:3b:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
        Validity
            Not Before: Oct 20 00:01:17 2025 GMT
            Not After : Oct 21 00:01:17 2025 GMT
        Subject: CN=5e31e51d48d06e443b881b234dbbb46292b86fb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:5a:87:75:19:d6:cb:de:79:f2:9c:bd:ad:00:
                    be:6c:c8:a3:c6:2a:c2:58:66:91:f6:76:c2:b0:b0:
                    a7:27:e9:6d:44:8d:f3:82:a6:a7:80:df:32:80:9a:
                    38:cf:83:bb:63:1a:63:e4:f1:15:d4:6d:5b:81:e0:
                    7d:a0:b0:7f:44:4a:d8:99:1a:f8:a1:25:c3:b8:e3:
                    b6:ae:9b:f9:e2:fd:5b:73:b1:29:10:b5:e5:b7:b9:
                    ae:8a:8e:88:a5:f4:e3:6d:cc:74:fb:f8:b6:eb:98:
                    8e:e7:99:4d:66:8e:9d:45:31:20:26:a7:03:78:72:
                    f3:7a:94:39:85:ad:2e:ce:e0:4f:d0:f4:27:c9:5a:
                    33:00:96:2d:e4:41:1a:1a:a1:f6:3d:ff:79:29:c8:
                    fc:10:99:34:d9:56:a5:64:d6:6d:db:80:b7:be:39:
                    01:b7:b1:bc:15:cb:8c:88:61:a6:be:60:ab:b5:23:
                    e1:c5:73:56:7d:d7:41:38:80:44:8d:fe:db:d5:a5:
                    67:2b:c6:32:96:f0:df:09:41:a5:32:20:85:51:cd:
                    39:06:4e:05:4c:90:4c:7d:51:a9:99:d2:7c:89:d0:
                    4e:0d:66:63:bb:d7:4e:36:13:36:7d:ba:00:34:2d:
                    39:c8:16:7f:eb:14:5c:46:1f:bf:27:95:ae:2b:a3:
                    40:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:31:E5:1D:48:D0:6E:44:3B:88:1B:23:4D:BB:B4:62:92:B8:6F:B8
            X509v3 Authority Key Identifier:
                keyid:30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:b1:a6:29:b1:fc:8b:64:71:a4:f9:4b:24:25:89:6a:04:4b:
         68:fe:80:5d:e6:9f:98:d0:21:51:f8:0d:89:fd:d4:5d:f4:0b:
         7c:b7:74:87:c6:3f:f9:70:55:d2:2d:6d:59:05:13:4f:a2:52:
         08:0c:ed:ee:1a:c2:6a:41:1b:f2:d3:21:11:23:ba:8f:30:ad:
         7f:41:ae:cb:58:3a:2e:79:ee:66:d0:ed:e4:6e:73:e7:0f:70:
         0a:70:f4:3e:50:f1:2d:f0:90:12:eb:c5:4e:f2:f0:05:f7:21:
         d1:0d:d5:99:ef:0b:81:9d:66:f1:4e:0a:36:fe:68:d7:ab:e8:
         db:36:6a:0d:a7:dc:00:65:5f:93:81:e9:b8:64:fa:7e:12:42:
         46:0c:5c:38:7f:f4:a4:05:52:bd:26:16:5d:49:6c:bb:50:cf:
         59:91:e8:4e:b5:11:ab:b8:04:34:5f:43:17:80:9c:19:de:dc:
         30:9a:9c:cb:4d:b9:8b:02:f1:5a:f4:fe:79:a2:5b:d5:aa:0a:
         04:ed:6a:3f:c4:9d:5f:1e:0a:1d:80:3e:32:88:4d:e5:d0:1a:
         9e:9c:c0:31:b8:68:79:7b:2d:a2:d9:23:31:ea:d6:15:87:a4:
         81:44:af:7f:55:11:94:da:97:1e:5b:07:06:ea:62:94:41:bd:
         74:65:a7:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+65xYGKfWk95g20mk1TtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2RlMjExMmRjYmQwNmJmYmM3ZTg3ZjNiZmYyMzcyMjlk
MmQxNzMwHhcNMjUxMDIwMDAwMTE3WhcNMjUxMDIxMDAwMTE3WjAzMTEwLwYDVQQD
Eyg1ZTMxZTUxZDQ4ZDA2ZTQ0M2I4ODFiMjM0ZGJiYjQ2MjkyYjg2ZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lqHdRnWy9558py9rQC+bMijxirC
WGaR9nbCsLCnJ+ltRI3zgqangN8ygJo4z4O7Yxpj5PEV1G1bgeB9oLB/RErYmRr4
oSXDuOO2rpv54v1bc7EpELXlt7muio6IpfTjbcx0+/i265iO55lNZo6dRTEgJqcD
eHLzepQ5ha0uzuBP0PQnyVozAJYt5EEaGqH2Pf95Kcj8EJk02ValZNZt24C3vjkB
t7G8FcuMiGGmvmCrtSPhxXNWfddBOIBEjf7b1aVnK8YylvDfCUGlMiCFUc05Bk4F
TJBMfVGpmdJ8idBODWZju9dONhM2fboANC05yBZ/6xRcRh+/J5WuK6NA2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF4x5R1I0G5EO4gbI027tGKSuG+4MB8GA1UdIwQY
MBaAFDB94hEty9Br+8fofzv/I3Ip0tFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2Ut
MjczMjE1MWI4ZTg2LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2UtMjczMjE1MWI4ZTg2
LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC7GmKbH8
i2RxpPlLJCWJagRLaP6AXeafmNAhUfgNif3UXfQLfLd0h8Y/+XBV0i1tWQUTT6JS
CAzt7hrCakEb8tMhESO6jzCtf0Guy1g6LnnuZtDt5G5z5w9wCnD0PlDxLfCQEuvF
TvLwBfch0Q3Vme8LgZ1m8U4KNv5o16vo2zZqDafcAGVfk4HpuGT6fhJCRgxcOH/0
pAVSvSYWXUlsu1DPWZHoTrURq7gENF9DF4CcGd7cMJqcy025iwLxWvT+eaJb1aoK
BO1qP8SdXx4KHYA+MohN5dAanpzAMbhoeXstotkjMerWFYekgUSvf1URlNqXHlsH
BupilEG9dGWnRw==
-----END CERTIFICATE-----