Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
File:                     3g2da2l8ochlcMJWhi5oWLR5nIU.mft (raw, json)
Hash identifier:          0gfuj0cc2BtaZN5L6HWBcuI4IAxQyaZqYyJ0UNK+AYc=
Subject key identifier:   D6:1C:B9:1F:5D:3B:38:ED:96:1F:6C:9C:DA:6C:FB:49:A3:FE:45:68
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Certificate issuer:       /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial:       0199FB7CACC0BACD4E39D7609A8D6F9E0A8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
Manifest number:          16E8
Signing time:             Sun 19 Oct 2025 08:01:15 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:15 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:15 +0000
Files and hashes:         1: 3g2da2l8ochlcMJWhi5oWLR5nIU.crl (hash: U4/WyJchyxfSBX6Zj0eG5gx/sV1ET/LnCGaO/zhMjqA=)
                          2: CURhnBTebRtFbuqIF-dFXdwxOsI.roa (hash: N2c5XcgW+AQpVpLwLHbjy6S9Vm1RjK7GXpDlAsFZpfk=)
                          3: EUX35BVNkJsUjFXuBk75OVm9PCc.roa (hash: K2j+jUDEk3zskvvRatSmoYAxHWdNXJq7sEJx+OMyHQQ=)
                          4: EpSf_xGsxic86z10zbwqzKmasW8.roa (hash: eSnnnz/WKP7V/MJyjND4ey6FBA8RQok1qLjk+ng6oW4=)
                          5: P2rbCazRzAecS6cq7qBlJh3ulhk.roa (hash: eS1swdw4PwPA3JuCzPIM9DRGgb8q7vXujdInn+mWiHc=)
                          6: mld6HE3RapKTIrTK3ARnJwX6Nfo.roa (hash: QckW2u4tae0vEXpqjOByW8q7ybuT0MKIf8YyQZ8Ec7k=)
                          7: pX4EUgeDNNWi24hGb7Vs1LSwVFU.roa (hash: 8qojOgWb70IVU0ElW5/Sut6REATPavh52G81zhsEHj4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:ac:c0:ba:cd:4e:39:d7:60:9a:8d:6f:9e:0a:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
        Validity
            Not Before: Oct 19 08:01:15 2025 GMT
            Not After : Oct 20 08:01:15 2025 GMT
        Subject: CN=d61cb91f5d3b38ed961f6c9cda6cfb49a3fe4568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:00:f5:f9:be:ac:89:6f:04:c4:1f:b1:49:11:
                    56:d8:a1:58:50:51:82:60:c0:90:1b:a2:21:bb:a8:
                    f2:44:aa:b0:f1:df:35:97:05:d9:47:dc:a1:a0:25:
                    ef:59:ac:d8:bb:a8:fb:3c:32:28:af:1d:63:1f:ce:
                    ac:c6:c5:54:9a:d3:a8:54:22:cc:56:c2:c0:60:d5:
                    c8:fd:a6:88:d1:66:47:27:ee:e2:bb:84:48:d5:77:
                    9c:1e:69:36:16:34:68:1b:66:44:bc:31:fa:6b:cd:
                    7d:6c:5f:4e:3f:a7:fa:e8:7d:9d:41:64:e6:1b:d3:
                    22:6d:59:ba:77:89:da:80:4c:bb:b8:61:d8:4b:ba:
                    6b:49:9d:21:a5:11:af:03:3f:bd:17:69:bd:94:77:
                    d8:3f:6a:53:4b:ef:ce:4c:7c:51:cb:73:07:a1:1b:
                    20:0c:03:8c:bc:c7:5d:c2:93:a0:9a:01:02:00:3f:
                    82:1b:8d:ad:03:7c:ff:f0:0b:d5:57:83:a7:63:8d:
                    d7:15:ae:c4:0f:cb:d3:f9:e6:40:59:c8:49:ed:85:
                    95:ed:8d:ad:f2:c4:15:67:20:85:9b:dd:c5:47:70:
                    f9:3f:39:84:46:92:80:37:cf:fb:69:be:00:69:13:
                    7e:24:8e:a2:ae:b4:b7:51:9f:1c:a1:d9:6d:02:73:
                    64:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:1C:B9:1F:5D:3B:38:ED:96:1F:6C:9C:DA:6C:FB:49:A3:FE:45:68
            X509v3 Authority Key Identifier:
                keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:5d:be:b7:7b:9b:7e:11:92:3d:bd:08:31:a6:95:39:6a:49:
         90:87:e3:a8:07:db:6c:3e:a8:cc:c7:e6:1f:a4:cb:62:94:60:
         73:14:d6:db:dc:0f:1e:eb:86:1a:00:84:0e:e7:fa:1f:e5:c5:
         eb:40:78:9b:74:4a:5a:fd:11:41:6a:74:5b:fa:05:58:7a:c6:
         b2:b4:0b:d4:ad:a5:50:62:0a:e2:05:d2:9e:19:10:89:01:98:
         3f:15:50:c4:cf:72:41:a4:a4:48:1b:57:62:9a:8b:2c:18:86:
         d3:c2:89:c8:3b:83:9f:12:b2:23:b2:8d:11:b4:bb:fd:e2:80:
         cb:a7:0c:18:3a:93:cf:09:65:67:72:26:0a:ed:61:7e:84:29:
         51:bd:d1:a3:60:c7:78:e6:a7:1c:93:a5:8f:2c:c0:9b:a8:d4:
         f3:d3:0f:0d:bb:65:8b:5d:35:53:03:c5:08:80:52:1f:69:97:
         df:32:6d:0c:a0:fc:04:e0:99:7a:40:45:68:e9:66:a1:36:77:
         15:36:94:05:b9:41:e5:54:73:6b:e3:f6:c4:7e:32:da:ec:c9:
         cf:7a:e8:2a:02:9c:96:3d:6f:15:ad:f5:84:18:38:84:7f:17:
         f2:79:3d:20:14:56:1d:fd:35:9a:07:a7:78:96:c0:f0:91:ba:
         ab:c8:6f:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fKzAus1OOddgmo1vngqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjUxMDE5MDgwMTE1WhcNMjUxMDIwMDgwMTE1WjAzMTEwLwYDVQQD
EyhkNjFjYjkxZjVkM2IzOGVkOTYxZjZjOWNkYTZjZmI0OWEzZmU0NTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgD1+b6siW8ExB+xSRFW2KFYUFGC
YMCQG6Ihu6jyRKqw8d81lwXZR9yhoCXvWazYu6j7PDIorx1jH86sxsVUmtOoVCLM
VsLAYNXI/aaI0WZHJ+7iu4RI1XecHmk2FjRoG2ZEvDH6a819bF9OP6f66H2dQWTm
G9MibVm6d4nagEy7uGHYS7prSZ0hpRGvAz+9F2m9lHfYP2pTS+/OTHxRy3MHoRsg
DAOMvMddwpOgmgECAD+CG42tA3z/8AvVV4OnY43XFa7ED8vT+eZAWchJ7YWV7Y2t
8sQVZyCFm93FR3D5PzmERpKAN8/7ab4AaRN+JI6irrS3UZ8codltAnNklwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYcuR9dOzjtlh9snNps+0mj/kVoMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEF2+t3ub
fhGSPb0IMaaVOWpJkIfjqAfbbD6ozMfmH6TLYpRgcxTW29wPHuuGGgCEDuf6H+XF
60B4m3RKWv0RQWp0W/oFWHrGsrQL1K2lUGIK4gXSnhkQiQGYPxVQxM9yQaSkSBtX
YpqLLBiG08KJyDuDnxKyI7KNEbS7/eKAy6cMGDqTzwllZ3ImCu1hfoQpUb3Ro2DH
eOanHJOljyzAm6jU89MPDbtli101UwPFCIBSH2mX3zJtDKD8BOCZekBFaOlmoTZ3
FTaUBblB5VRza+P2xH4y2uzJz3roKgKclj1vFa31hBg4hH8X8nk9IBRWHf01mgen
eJbA8JG6q8hvRg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:54 2025 by rpki-client