Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          z3Suw1VWN7NfgLrcOl99AvuglugLoxLr2HBBBPYShak=
Subject key identifier:   F3:D0:C1:D0:C7:07:99:6E:AE:9A:DB:10:E5:20:59:9B:B7:08:95:DB
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       0199FC58953E370CF9DC41C7BEB20C2CB19C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 12:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:27 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: db+xj1c35JIewdYQPuWcNGTaV4gmcKjQQcycwml6ADI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:95:3e:37:0c:f9:dc:41:c7:be:b2:0c:2c:b1:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Oct 19 12:01:27 2025 GMT
            Not After : Oct 20 12:01:27 2025 GMT
        Subject: CN=f3d0c1d0c707996eae9adb10e520599bb70895db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ae:76:f3:dd:78:70:de:2d:12:2b:49:65:fa:
                    ff:90:73:62:ae:18:9c:b4:24:fe:36:f8:8c:68:fc:
                    52:58:22:fc:94:8c:19:bc:5b:cc:5a:54:18:7b:92:
                    21:90:90:28:0c:c4:0f:d0:4e:17:76:8f:d0:2a:7e:
                    ac:dd:ab:2e:84:3b:cf:9a:f6:f0:1c:5d:e1:6b:b0:
                    6f:45:12:ae:b4:39:79:bb:de:2c:a6:3a:84:87:8a:
                    b2:39:3e:fe:56:37:7a:da:d5:e9:6f:2c:fc:08:3e:
                    1d:af:03:56:3f:fd:e2:62:c7:e0:9d:83:9b:60:7a:
                    d3:d6:d5:61:ed:83:df:7d:6c:dd:3f:7a:c7:aa:58:
                    be:14:5b:65:09:7f:9d:a6:a3:5a:a1:8d:ed:5b:7b:
                    94:af:79:8b:3b:55:16:b6:e7:72:2d:41:0f:aa:b0:
                    92:0a:14:6d:72:73:92:88:3d:2a:06:68:06:f4:09:
                    e5:64:6c:2e:55:73:d4:b2:78:f9:57:ad:08:b3:2f:
                    c6:42:07:4f:02:2d:46:c6:17:7f:6e:90:46:19:2c:
                    cb:4d:27:7b:ad:5f:9f:34:62:41:94:02:14:2c:76:
                    17:3c:c4:ef:d0:b5:95:ca:6b:45:68:fb:e8:e2:9c:
                    6f:9b:35:49:9d:9a:af:46:ef:36:da:49:2a:e2:e1:
                    e9:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:D0:C1:D0:C7:07:99:6E:AE:9A:DB:10:E5:20:59:9B:B7:08:95:DB
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:d4:fd:fc:c0:17:02:f0:a2:e1:ec:c5:95:5f:f3:3c:5f:70:
         5e:37:5f:6c:97:52:78:50:4b:28:f3:eb:0c:21:4e:d2:c0:c6:
         ac:14:a7:19:1b:cf:4e:48:0d:b7:20:72:37:60:07:7e:61:67:
         28:70:f6:80:a7:ca:ca:29:9c:cd:77:d9:c6:f1:3a:c1:7b:89:
         38:05:55:6a:0c:5a:58:2c:54:6c:36:77:dd:cb:6a:3c:5d:f2:
         cd:f8:fd:58:09:71:d5:17:30:bb:9d:28:70:08:a0:3f:99:93:
         ef:04:71:59:53:83:08:d4:b1:7c:e8:8c:de:6f:01:cb:fa:da:
         43:0c:03:fb:f9:ba:8a:f6:97:c0:ff:e9:e8:d0:d9:77:4f:8a:
         b9:8c:ab:28:c2:51:e8:9b:af:98:c7:65:1f:5e:cb:f6:ec:8d:
         ba:46:f4:6d:20:dc:f3:92:ae:a1:c7:9e:6c:93:b4:95:39:fb:
         6b:9c:7d:d6:57:61:ec:af:95:c4:e0:0b:fd:9a:2f:08:69:32:
         ae:31:0f:88:cf:e4:61:7e:36:53:05:46:f5:89:53:28:b0:89:
         42:51:12:61:7c:36:ae:c1:4a:61:57:5a:66:d2:f0:28:67:05:
         c2:a3:ad:28:a3:b5:2e:dc:c5:ba:ce:72:6a:96:25:04:a9:3f:
         0a:92:f6:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WJU+Nwz53EHHvrIMLLGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjUxMDE5MTIwMTI3WhcNMjUxMDIwMTIwMTI3WjAzMTEwLwYDVQQD
EyhmM2QwYzFkMGM3MDc5OTZlYWU5YWRiMTBlNTIwNTk5YmI3MDg5NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa528914cN4tEitJZfr/kHNirhic
tCT+NviMaPxSWCL8lIwZvFvMWlQYe5IhkJAoDMQP0E4Xdo/QKn6s3asuhDvPmvbw
HF3ha7BvRRKutDl5u94spjqEh4qyOT7+Vjd62tXpbyz8CD4drwNWP/3iYsfgnYOb
YHrT1tVh7YPffWzdP3rHqli+FFtlCX+dpqNaoY3tW3uUr3mLO1UWtudyLUEPqrCS
ChRtcnOSiD0qBmgG9AnlZGwuVXPUsnj5V60Isy/GQgdPAi1Gxhd/bpBGGSzLTSd7
rV+fNGJBlAIULHYXPMTv0LWVymtFaPvo4pxvmzVJnZqvRu822kkq4uHpvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPQwdDHB5lurprbEOUgWZu3CJXbMB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAStT9/MAX
AvCi4ezFlV/zPF9wXjdfbJdSeFBLKPPrDCFO0sDGrBSnGRvPTkgNtyByN2AHfmFn
KHD2gKfKyimczXfZxvE6wXuJOAVVagxaWCxUbDZ33ctqPF3yzfj9WAlx1Rcwu50o
cAigP5mT7wRxWVODCNSxfOiM3m8By/raQwwD+/m6ivaXwP/p6NDZd0+KuYyrKMJR
6JuvmMdlH17L9uyNukb0bSDc85KuoceebJO0lTn7a5x91ldh7K+VxOAL/ZovCGky
rjEPiM/kYX42UwVG9YlTKLCJQlESYXw2rsFKYVdaZtLwKGcFwqOtKKO1LtzFus5y
apYlBKk/CpL2fg==
-----END CERTIFICATE-----