Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
File:                     MH3iES3L0Gv7x-h_O_8jcinS0XM.mft (raw, json)
Hash identifier:          3nr32YArEJ1IzIDm83jCq71EU9Nx9UTkNFJXir3xiY0=
Subject key identifier:   B2:01:94:7E:E6:67:10:4D:59:57:BC:D5:20:F1:42:E9:41:96:67:94
Authority key identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
Certificate issuer:       /CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Certificate serial:       0198D77392EC78E6A4B62A773015AE0C675C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
Manifest number:          017E
Signing time:             Sat 23 Aug 2025 15:02:12 +0000
Manifest this update:     Sat 23 Aug 2025 15:02:12 +0000
Manifest next update:     Sun 24 Aug 2025 15:02:12 +0000
Files and hashes:         1: MH3iES3L0Gv7x-h_O_8jcinS0XM.crl (hash: EnIBupOoqaiFBWBevRvyvGpkzgjKH/ITfHlBFAH7itg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:73:92:ec:78:e6:a4:b6:2a:77:30:15:ae:0c:67:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
        Validity
            Not Before: Aug 23 15:02:12 2025 GMT
            Not After : Aug 24 15:02:12 2025 GMT
        Subject: CN=b201947ee667104d5957bcd520f142e941966794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:03:ea:b9:39:6f:25:c7:d2:45:10:5b:30:0e:
                    74:3b:80:98:dc:ce:af:5c:b5:6b:09:7e:e7:92:50:
                    e9:ed:3c:f3:9d:d2:0d:79:a3:f7:b4:ba:e7:19:2d:
                    cc:2b:80:83:e4:d8:f2:81:7f:35:69:aa:6c:eb:c7:
                    e2:8b:a8:8b:40:85:40:79:6c:5a:e0:e6:73:17:70:
                    d5:bb:82:54:4a:59:4f:5d:3d:96:4f:ed:3f:c3:78:
                    47:a2:c5:a0:c7:58:1c:3a:98:a9:7a:20:29:8b:79:
                    ea:4c:2d:41:0b:ee:37:14:e2:b1:0d:fb:2b:cc:22:
                    64:91:f7:13:fd:28:55:2a:c8:a1:ee:5e:ee:34:7f:
                    f1:9b:7b:c2:39:98:2c:8a:00:2c:15:fc:fa:6e:68:
                    7c:04:a4:2c:68:5e:b6:ac:6b:ce:3a:f0:64:d4:fd:
                    9e:70:4c:fe:f0:0e:11:1d:5f:4e:6d:55:3d:bb:6a:
                    15:ee:e4:d2:59:c1:19:a1:d2:11:dd:11:d5:89:99:
                    2e:2e:0a:a6:91:95:e0:8e:be:e3:99:a0:ed:c7:0d:
                    86:cc:b2:ae:2b:65:2c:df:1e:26:6e:71:a2:c3:75:
                    53:1c:a8:0f:90:ba:5e:f6:38:cf:ab:88:39:16:1d:
                    fe:c9:70:96:cb:68:a7:f4:ac:65:06:80:7d:2c:8b:
                    bd:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:01:94:7E:E6:67:10:4D:59:57:BC:D5:20:F1:42:E9:41:96:67:94
            X509v3 Authority Key Identifier:
                keyid:30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:57:c7:86:49:14:9f:71:73:af:6c:3c:2e:6c:4f:63:91:21:
         92:8c:ca:4d:9a:4d:74:5a:16:3f:58:ec:22:45:14:53:2a:2a:
         83:3f:37:7b:cc:2d:ed:46:91:aa:91:12:83:d5:35:83:50:36:
         a8:e6:ff:05:e5:70:d7:38:38:71:e4:21:87:71:9d:16:d5:cd:
         07:0c:13:19:88:c6:66:c9:22:4f:ca:ff:81:70:67:2f:d9:34:
         21:63:1e:ef:c2:e9:ec:fc:f2:bc:3b:a3:39:d2:5d:17:58:57:
         7c:0f:38:65:62:da:12:d5:8d:07:e4:3d:f9:0d:da:de:aa:9b:
         36:6d:6c:a3:0e:5e:a8:3e:98:b8:a3:cb:71:58:1b:4e:9a:69:
         63:02:0b:bf:1e:d4:e7:0b:30:b6:1b:fe:d8:7a:9f:5b:22:b0:
         08:53:02:79:bf:60:c5:7c:8a:89:22:e6:39:48:08:29:31:a3:
         0c:e4:22:6f:c7:a0:a3:d1:13:8f:c4:ea:1e:d9:86:0d:e8:7f:
         1d:21:d8:fb:3e:c7:8b:0c:43:05:50:98:41:95:18:86:3f:93:
         cf:5e:f4:97:13:ff:75:1a:ed:f5:25:94:43:1d:36:18:17:eb:
         d4:d9:f0:1f:e3:5d:94:e8:0f:72:fc:eb:2d:d3:ae:b0:82:e0:
         68:3d:3d:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXc5LseOaktip3MBWuDGdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2RlMjExMmRjYmQwNmJmYmM3ZTg3ZjNiZmYyMzcyMjlk
MmQxNzMwHhcNMjUwODIzMTUwMjEyWhcNMjUwODI0MTUwMjEyWjAzMTEwLwYDVQQD
EyhiMjAxOTQ3ZWU2NjcxMDRkNTk1N2JjZDUyMGYxNDJlOTQxOTY2Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwPquTlvJcfSRRBbMA50O4CY3M6v
XLVrCX7nklDp7TzzndINeaP3tLrnGS3MK4CD5NjygX81aaps68fii6iLQIVAeWxa
4OZzF3DVu4JUSllPXT2WT+0/w3hHosWgx1gcOpipeiApi3nqTC1BC+43FOKxDfsr
zCJkkfcT/ShVKsih7l7uNH/xm3vCOZgsigAsFfz6bmh8BKQsaF62rGvOOvBk1P2e
cEz+8A4RHV9ObVU9u2oV7uTSWcEZodIR3RHViZkuLgqmkZXgjr7jmaDtxw2GzLKu
K2Us3x4mbnGiw3VTHKgPkLpe9jjPq4g5Fh3+yXCWy2in9KxlBoB9LIu9ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIBlH7mZxBNWVe81SDxQulBlmeUMB8GA1UdIwQY
MBaAFDB94hEty9Br+8fofzv/I3Ip0tFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2Ut
MjczMjE1MWI4ZTg2LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2UtMjczMjE1MWI4ZTg2
LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKlfHhkkU
n3Fzr2w8LmxPY5EhkozKTZpNdFoWP1jsIkUUUyoqgz83e8wt7UaRqpESg9U1g1A2
qOb/BeVw1zg4ceQhh3GdFtXNBwwTGYjGZskiT8r/gXBnL9k0IWMe78Lp7PzyvDuj
OdJdF1hXfA84ZWLaEtWNB+Q9+Q3a3qqbNm1sow5eqD6YuKPLcVgbTpppYwILvx7U
5wswthv+2HqfWyKwCFMCeb9gxXyKiSLmOUgIKTGjDOQib8ego9ETj8TqHtmGDeh/
HSHY+z7HiwxDBVCYQZUYhj+Tz170lxP/dRrt9SWUQx02GBfr1NnwH+NdlOgPcvzr
LdOusILgaD090A==
-----END CERTIFICATE-----