Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft
File:                     24tcHuy6hgz_8XR5ZtdjyagvbZo.mft (raw, json)
Hash identifier:          3tqAEx9zNTPQ1WJ9KHqrV+kGXDvJf6HJQPSKlzNTIqY=
Subject key identifier:   A0:26:69:3B:CD:DF:AA:66:CF:3F:31:4D:A1:A8:CA:FE:2E:ED:44:A6
Authority key identifier: DB:8B:5C:1E:EC:BA:86:0C:FF:F1:74:79:66:D7:63:C9:A8:2F:6D:9A
Certificate issuer:       /CN=db8b5c1eecba860cfff1747966d763c9a82f6d9a
Certificate serial:       0198D6CDDDC966C6BE969F7F879F9C9C08D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/24tcHuy6hgz_8XR5ZtdjyagvbZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 12:01:12 +0000
Manifest this update:     Sat 23 Aug 2025 12:01:12 +0000
Manifest next update:     Sun 24 Aug 2025 12:01:12 +0000
Files and hashes:         1: 24tcHuy6hgz_8XR5ZtdjyagvbZo.crl (hash: EfgGVKS8Vup94lehLwm/ni2NgDuc4WyDXfQa1Hnj6iM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/24tcHuy6hgz_8XR5ZtdjyagvbZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:dd:c9:66:c6:be:96:9f:7f:87:9f:9c:9c:08:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8b5c1eecba860cfff1747966d763c9a82f6d9a
        Validity
            Not Before: Aug 23 12:01:12 2025 GMT
            Not After : Aug 24 12:01:12 2025 GMT
        Subject: CN=a026693bcddfaa66cf3f314da1a8cafe2eed44a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:1a:bd:af:93:be:19:d7:20:ef:dd:db:20:27:
                    78:bb:47:64:8a:c5:dc:20:91:7c:e7:7a:dd:19:b5:
                    c9:a2:c9:10:07:bb:c7:33:ef:c0:23:da:09:14:17:
                    57:32:b0:7d:6f:5d:35:5e:5d:69:7a:9e:1c:6f:63:
                    69:f6:3d:8b:4f:9c:5c:3b:9b:98:b6:63:58:ed:41:
                    09:61:74:58:97:c9:fc:0d:2d:77:91:58:af:d2:39:
                    6a:bf:8d:46:23:ca:7f:90:59:57:96:75:0d:0e:44:
                    65:72:21:43:8b:fa:91:3d:e9:b3:ee:e6:8e:7f:ca:
                    70:d2:9b:37:e6:6e:9f:48:88:5f:79:f6:27:86:3d:
                    e2:c9:cb:38:2f:45:fc:74:f0:be:19:5f:ea:03:d7:
                    8a:1a:07:46:a5:a9:66:6e:e7:70:5f:b0:34:d9:87:
                    12:6c:97:4e:ff:ec:c6:3c:c3:7c:ab:e1:7c:06:fd:
                    a2:98:62:fe:9e:95:56:47:1a:af:cc:fe:b8:18:a1:
                    ed:43:29:0f:6a:8d:11:ab:6d:74:ee:5a:e1:d5:5f:
                    99:48:5f:c6:19:93:e6:41:90:9a:71:1c:15:54:81:
                    73:5c:1b:d0:7d:ea:88:23:1c:93:3a:95:1f:23:9f:
                    35:5e:2b:32:41:af:b7:e8:9d:17:2e:d0:f8:16:ef:
                    3c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:26:69:3B:CD:DF:AA:66:CF:3F:31:4D:A1:A8:CA:FE:2E:ED:44:A6
            X509v3 Authority Key Identifier:
                keyid:DB:8B:5C:1E:EC:BA:86:0C:FF:F1:74:79:66:D7:63:C9:A8:2F:6D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/24tcHuy6hgz_8XR5ZtdjyagvbZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:a8:68:1b:26:7c:9a:ae:d4:9d:83:5b:35:03:1e:e1:2a:b9:
         46:6f:2a:e4:84:65:55:90:d1:56:b2:31:22:09:97:f1:9d:50:
         5d:55:51:7d:e9:c8:ba:45:07:3e:ac:2a:14:e5:98:16:51:4f:
         11:d8:0c:0c:74:bf:06:60:0d:67:d3:ab:90:54:63:31:38:f3:
         16:26:fb:05:09:9e:63:eb:79:69:f0:1a:55:a0:ff:8e:8f:b3:
         21:6f:05:d3:80:6a:16:e7:0a:40:de:e2:78:9b:1d:71:d6:6d:
         22:f1:53:69:ec:4a:03:12:ce:41:51:43:ff:13:e6:78:4d:51:
         c6:42:e0:04:a7:89:07:12:16:27:55:8e:c7:9b:36:03:44:f2:
         90:59:c6:b4:b7:c8:5b:e1:4c:d5:0c:37:eb:c3:27:26:e9:15:
         ad:c5:29:4f:65:b8:92:c9:81:b1:7d:22:c3:c5:40:0e:23:89:
         9b:c4:de:ab:e2:b2:a0:db:a3:ec:c4:e9:c8:ac:67:34:c9:f7:
         58:a7:19:f5:95:fa:2a:18:f3:b9:90:9f:61:0d:78:09:c2:2b:
         5d:42:13:c2:2f:ca:72:f2:2f:16:ea:63:ab:2c:68:f2:61:3f:
         eb:ce:2a:4b:1e:d8:20:51:22:01:fc:c9:2a:3f:0c:2b:f0:05:
         17:1d:85:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzd3JZsa+lp9/h5+cnAjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGI1YzFlZWNiYTg2MGNmZmYxNzQ3OTY2ZDc2M2M5YTgy
ZjZkOWEwHhcNMjUwODIzMTIwMTEyWhcNMjUwODI0MTIwMTEyWjAzMTEwLwYDVQQD
EyhhMDI2NjkzYmNkZGZhYTY2Y2YzZjMxNGRhMWE4Y2FmZTJlZWQ0NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBq9r5O+Gdcg793bICd4u0dkisXc
IJF853rdGbXJoskQB7vHM+/AI9oJFBdXMrB9b101Xl1pep4cb2Np9j2LT5xcO5uY
tmNY7UEJYXRYl8n8DS13kViv0jlqv41GI8p/kFlXlnUNDkRlciFDi/qRPemz7uaO
f8pw0ps35m6fSIhfefYnhj3iycs4L0X8dPC+GV/qA9eKGgdGpalmbudwX7A02YcS
bJdO/+zGPMN8q+F8Bv2imGL+npVWRxqvzP64GKHtQykPao0Rq2107lrh1V+ZSF/G
GZPmQZCacRwVVIFzXBvQfeqIIxyTOpUfI581XisyQa+36J0XLtD4Fu88kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAmaTvN36pmzz8xTaGoyv4u7USmMB8GA1UdIwQY
MBaAFNuLXB7suoYM//F0eWbXY8moL22aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjR0Y0h1eTZoZ3pfOFhSNVp0ZGp5YWd2YlpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84NjNiMGMtYjFhYy00ZDdjLWFiYzIt
ZmI2ZjAzN2EyODdlLzEvMjR0Y0h1eTZoZ3pfOFhSNVp0ZGp5YWd2YlpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84NjNiMGMtYjFhYy00ZDdjLWFiYzItZmI2ZjAzN2EyODdl
LzEvMjR0Y0h1eTZoZ3pfOFhSNVp0ZGp5YWd2YlpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXahoGyZ8
mq7UnYNbNQMe4Sq5Rm8q5IRlVZDRVrIxIgmX8Z1QXVVRfenIukUHPqwqFOWYFlFP
EdgMDHS/BmANZ9OrkFRjMTjzFib7BQmeY+t5afAaVaD/jo+zIW8F04BqFucKQN7i
eJsdcdZtIvFTaexKAxLOQVFD/xPmeE1RxkLgBKeJBxIWJ1WOx5s2A0TykFnGtLfI
W+FM1Qw368MnJukVrcUpT2W4ksmBsX0iw8VADiOJm8Teq+KyoNuj7MTpyKxnNMn3
WKcZ9ZX6KhjzuZCfYQ14CcIrXUITwi/KcvIvFupjqyxo8mE/684qSx7YIFEiAfzJ
Kj8MK/AFFx2FiA==
-----END CERTIFICATE-----