Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft
File:                     24tcHuy6hgz_8XR5ZtdjyagvbZo.mft (raw, json)
Hash identifier:          lTmGZiRVKcMhAcK7FCqUCbpwpjdYLCT2fxj+B+mfiMQ=
Subject key identifier:   3F:A6:1E:92:22:2A:B1:F2:64:83:B2:D5:E0:61:93:6F:76:5B:8D:13
Authority key identifier: DB:8B:5C:1E:EC:BA:86:0C:FF:F1:74:79:66:D7:63:C9:A8:2F:6D:9A
Certificate issuer:       /CN=db8b5c1eecba860cfff1747966d763c9a82f6d9a
Certificate serial:       0199FC58D11ABDB2751C8028157F58E2CB94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/24tcHuy6hgz_8XR5ZtdjyagvbZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 12:01:42 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:42 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:42 +0000
Files and hashes:         1: 24tcHuy6hgz_8XR5ZtdjyagvbZo.crl (hash: oYC3skhmKeGDnZ6mDoF4zT8gCObn2EFfB3kcV8GE7EE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/24tcHuy6hgz_8XR5ZtdjyagvbZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:d1:1a:bd:b2:75:1c:80:28:15:7f:58:e2:cb:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8b5c1eecba860cfff1747966d763c9a82f6d9a
        Validity
            Not Before: Oct 19 12:01:42 2025 GMT
            Not After : Oct 20 12:01:42 2025 GMT
        Subject: CN=3fa61e92222ab1f26483b2d5e061936f765b8d13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:bf:31:56:84:92:df:16:ba:a2:dd:ed:10:a2:
                    c5:3c:96:34:c2:48:24:49:ab:38:83:d0:fb:64:8f:
                    b7:60:3b:e9:36:29:5b:e1:76:7f:9b:71:9d:30:57:
                    6c:44:25:fc:68:69:2e:ca:52:9e:9a:9b:5e:9a:d6:
                    58:5e:5b:34:dc:fa:c8:d0:2a:13:d1:76:26:91:16:
                    4f:5b:22:30:d5:77:5c:5a:9d:6c:bd:8b:b4:fa:10:
                    96:f1:7e:36:4d:cd:a9:31:14:dd:88:56:a8:57:d1:
                    6f:e3:03:c9:f2:38:0f:d0:76:55:a3:fd:6a:1b:e8:
                    c0:a3:70:fd:b4:d8:b5:38:af:ec:dd:84:4d:c4:65:
                    d1:79:7c:c9:06:1d:8a:2a:c3:7f:f3:0a:5d:da:64:
                    c0:82:ea:5a:ab:0c:2d:75:36:bf:ee:20:44:6c:03:
                    d4:c0:a9:f5:33:e7:48:27:ff:14:89:ae:74:b2:96:
                    7f:b0:48:42:0b:90:a9:6f:76:dd:eb:ee:d3:77:df:
                    33:72:db:c4:49:8f:07:8b:e1:d8:06:a7:8d:55:90:
                    60:14:b7:ee:d9:f4:63:2b:5d:58:99:60:a5:09:2c:
                    64:1c:89:22:b2:ac:41:05:b7:ce:36:ad:23:95:df:
                    b4:2f:9a:01:97:9a:85:46:ca:fd:43:b2:ca:98:17:
                    04:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:A6:1E:92:22:2A:B1:F2:64:83:B2:D5:E0:61:93:6F:76:5B:8D:13
            X509v3 Authority Key Identifier:
                keyid:DB:8B:5C:1E:EC:BA:86:0C:FF:F1:74:79:66:D7:63:C9:A8:2F:6D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/24tcHuy6hgz_8XR5ZtdjyagvbZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/863b0c-b1ac-4d7c-abc2-fb6f037a287e/1/24tcHuy6hgz_8XR5ZtdjyagvbZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:77:4a:3a:48:24:cd:5b:e7:c4:95:e6:61:a2:09:f6:4e:80:
         d8:83:1e:59:ea:36:ee:1b:19:01:6e:5a:9b:8a:e2:57:b9:c5:
         d0:19:d8:8a:1b:d7:eb:8c:6f:ee:2e:d5:21:27:e1:ac:e4:73:
         d5:f8:5e:2a:7c:58:3b:f1:41:12:fa:4f:fe:ef:f3:5e:d1:59:
         42:53:02:67:ca:0d:c0:0c:f2:25:33:e8:20:08:2d:c1:db:0d:
         f7:04:73:21:62:42:81:c3:a9:fb:56:da:a6:2e:b3:dc:38:d1:
         d5:d7:20:da:57:20:0f:3f:e1:2a:c1:5c:bc:46:1d:18:af:8f:
         a0:c5:41:71:94:60:75:fa:49:86:14:23:03:ec:9e:f9:29:e5:
         10:f9:f5:81:fa:f5:76:bb:ea:40:3b:c9:de:15:f3:8e:14:3a:
         df:b2:0e:0c:e4:58:e4:08:92:68:6d:b1:4d:44:39:90:95:56:
         10:5e:0c:da:35:7d:6f:50:50:04:ef:7d:33:ac:a3:b2:55:73:
         9f:a6:7d:7d:d7:41:d4:98:e3:86:ed:36:3f:64:8c:b8:9c:67:
         1d:95:4c:99:c4:b9:49:9a:dc:9c:6b:6c:6d:88:2f:54:61:2d:
         c9:f0:dd:68:7c:53:64:1b:99:81:8a:e1:f2:b6:62:80:f0:55:
         42:ab:89:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WNEavbJ1HIAoFX9Y4suUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGI1YzFlZWNiYTg2MGNmZmYxNzQ3OTY2ZDc2M2M5YTgy
ZjZkOWEwHhcNMjUxMDE5MTIwMTQyWhcNMjUxMDIwMTIwMTQyWjAzMTEwLwYDVQQD
EygzZmE2MWU5MjIyMmFiMWYyNjQ4M2IyZDVlMDYxOTM2Zjc2NWI4ZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor8xVoSS3xa6ot3tEKLFPJY0wkgk
Sas4g9D7ZI+3YDvpNilb4XZ/m3GdMFdsRCX8aGkuylKemptemtZYXls03PrI0CoT
0XYmkRZPWyIw1XdcWp1svYu0+hCW8X42Tc2pMRTdiFaoV9Fv4wPJ8jgP0HZVo/1q
G+jAo3D9tNi1OK/s3YRNxGXReXzJBh2KKsN/8wpd2mTAgupaqwwtdTa/7iBEbAPU
wKn1M+dIJ/8Uia50spZ/sEhCC5Cpb3bd6+7Td98zctvESY8Hi+HYBqeNVZBgFLfu
2fRjK11YmWClCSxkHIkisqxBBbfONq0jld+0L5oBl5qFRsr9Q7LKmBcEdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+mHpIiKrHyZIOy1eBhk292W40TMB8GA1UdIwQY
MBaAFNuLXB7suoYM//F0eWbXY8moL22aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjR0Y0h1eTZoZ3pfOFhSNVp0ZGp5YWd2YlpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84NjNiMGMtYjFhYy00ZDdjLWFiYzIt
ZmI2ZjAzN2EyODdlLzEvMjR0Y0h1eTZoZ3pfOFhSNVp0ZGp5YWd2YlpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84NjNiMGMtYjFhYy00ZDdjLWFiYzItZmI2ZjAzN2EyODdl
LzEvMjR0Y0h1eTZoZ3pfOFhSNVp0ZGp5YWd2YlpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFXdKOkgk
zVvnxJXmYaIJ9k6A2IMeWeo27hsZAW5am4riV7nF0BnYihvX64xv7i7VISfhrORz
1fheKnxYO/FBEvpP/u/zXtFZQlMCZ8oNwAzyJTPoIAgtwdsN9wRzIWJCgcOp+1ba
pi6z3DjR1dcg2lcgDz/hKsFcvEYdGK+PoMVBcZRgdfpJhhQjA+ye+SnlEPn1gfr1
drvqQDvJ3hXzjhQ637IODORY5AiSaG2xTUQ5kJVWEF4M2jV9b1BQBO99M6yjslVz
n6Z9fddB1Jjjhu02P2SMuJxnHZVMmcS5SZrcnGtsbYgvVGEtyfDdaHxTZBuZgYrh
8rZigPBVQquJXw==
-----END CERTIFICATE-----