Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
File:                     TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft (raw, json)
Hash identifier:          Y2JgI/81O645U5vJOzWELquzoux47FU8mTNpagsrbCY=
Subject key identifier:   1D:EE:2E:E3:60:DD:DC:ED:EE:3D:B0:C0:2E:76:BF:C2:E9:E3:7D:CD
Authority key identifier: 4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC
Certificate issuer:       /CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
Certificate serial:       0199FC8F20768CA92D93EACC4535368EA56E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
Manifest number:          13B0
Signing time:             Sun 19 Oct 2025 13:01:02 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:02 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:02 +0000
Files and hashes:         1: TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl (hash: ycbiSE24C6rLY5oDhaUr9yA0WHgwX2u9Pxyx4doVtfA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:20:76:8c:a9:2d:93:ea:cc:45:35:36:8e:a5:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c35da7e843e37c7dba4fca718f43865fd7c98dc
        Validity
            Not Before: Oct 19 13:01:02 2025 GMT
            Not After : Oct 20 13:01:02 2025 GMT
        Subject: CN=1dee2ee360dddcedee3db0c02e76bfc2e9e37dcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:27:61:b5:c4:f8:6e:f9:92:36:15:25:58:51:
                    0a:44:21:56:cb:29:c2:3a:da:01:e5:0d:bc:f6:00:
                    c2:67:c4:fe:bb:11:61:37:fa:df:da:92:47:96:0c:
                    aa:bb:25:d5:69:78:c2:d1:50:21:26:c4:b4:74:05:
                    7b:54:1a:fc:e2:9a:58:98:47:71:a9:13:73:c7:cd:
                    b5:6c:0d:34:14:de:32:f8:da:9d:5c:e2:ed:4a:87:
                    89:90:8a:15:71:ad:08:2d:af:64:a9:d9:1c:fe:24:
                    be:d4:b4:fa:ba:a2:c3:3d:3b:c7:83:b0:03:0c:0f:
                    c8:cc:af:fc:24:e5:46:9e:f5:09:44:68:f4:18:81:
                    d2:30:33:61:94:9e:0f:db:a6:74:84:e9:02:79:99:
                    52:e6:77:50:4e:a5:c3:f0:c3:27:c1:17:8f:02:02:
                    4c:9b:f1:ee:b7:2b:e2:8d:5f:e8:96:fc:9d:bb:b5:
                    a0:21:c0:ab:74:a2:c1:73:71:6a:61:e3:7a:bf:80:
                    7b:ce:08:79:87:8b:e7:be:9d:a0:72:e9:73:d7:1e:
                    23:4b:b3:0c:e5:a2:01:5f:2d:58:91:4f:b3:8e:15:
                    2c:a8:9a:c1:2d:76:ed:8c:e8:f5:00:50:35:62:4b:
                    d9:82:1a:28:12:ff:7e:f4:78:33:2d:55:74:1c:51:
                    cd:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:EE:2E:E3:60:DD:DC:ED:EE:3D:B0:C0:2E:76:BF:C2:E9:E3:7D:CD
            X509v3 Authority Key Identifier:
                keyid:4C:35:DA:7E:84:3E:37:C7:DB:A4:FC:A7:18:F4:38:65:FD:7C:98:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDXafoQ-N8fbpPynGPQ4Zf18mNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/876166-f057-46e1-be08-a65e5e33dcc0/1/TDXafoQ-N8fbpPynGPQ4Zf18mNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:e1:2d:cc:c7:94:8c:a3:0d:67:57:3a:58:31:bd:cf:c2:7e:
         4b:ac:f7:4c:49:e9:78:00:7e:8b:8f:ff:72:2e:fb:4b:b3:39:
         ab:bb:d2:da:be:f4:56:07:69:be:40:7f:91:43:d0:69:c4:1a:
         73:92:dc:96:6b:24:65:8d:3b:94:6e:a3:d1:b2:d1:fd:38:8a:
         70:52:b8:3d:2c:cc:04:30:7f:3a:9f:63:b5:b8:e0:a7:b9:17:
         eb:f5:58:d1:41:89:6e:fc:72:85:54:4e:7f:b1:fe:e1:47:91:
         e6:1c:ae:6b:55:08:e2:41:72:39:96:cf:6e:f1:26:5f:e7:bc:
         e3:16:27:db:67:f1:b9:5e:60:6e:a4:de:33:a0:c5:da:09:8f:
         47:72:fe:0c:58:48:fa:31:35:65:1a:c8:cc:19:3a:57:1c:12:
         bc:58:d5:3b:e3:a3:1a:04:36:90:0c:2e:9a:b7:d3:74:3a:bc:
         28:99:dc:ae:94:59:9c:7e:df:c7:97:f8:4e:78:e1:b1:de:f7:
         2d:e4:e9:5e:0a:73:0b:13:d5:0b:55:71:ee:03:d3:10:c4:ee:
         f3:57:d6:23:62:6e:9d:d7:a1:28:7c:19:ff:b4:2c:7c:71:eb:
         78:9b:59:f1:45:51:f0:12:74:ca:45:16:ad:ee:7f:95:df:f5:
         59:8b:c4:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jyB2jKktk+rMRTU2jqVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzVkYTdlODQzZTM3YzdkYmE0ZmNhNzE4ZjQzODY1ZmQ3
Yzk4ZGMwHhcNMjUxMDE5MTMwMTAyWhcNMjUxMDIwMTMwMTAyWjAzMTEwLwYDVQQD
EygxZGVlMmVlMzYwZGRkY2VkZWUzZGIwYzAyZTc2YmZjMmU5ZTM3ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ydhtcT4bvmSNhUlWFEKRCFWyynC
OtoB5Q289gDCZ8T+uxFhN/rf2pJHlgyquyXVaXjC0VAhJsS0dAV7VBr84ppYmEdx
qRNzx821bA00FN4y+NqdXOLtSoeJkIoVca0ILa9kqdkc/iS+1LT6uqLDPTvHg7AD
DA/IzK/8JOVGnvUJRGj0GIHSMDNhlJ4P26Z0hOkCeZlS5ndQTqXD8MMnwRePAgJM
m/HutyvijV/olvydu7WgIcCrdKLBc3FqYeN6v4B7zgh5h4vnvp2gculz1x4jS7MM
5aIBXy1YkU+zjhUsqJrBLXbtjOj1AFA1YkvZghooEv9+9HgzLVV0HFHNPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3uLuNg3dzt7j2wwC52v8Lp433NMB8GA1UdIwQY
MBaAFEw12n6EPjfH26T8pxj0OGX9fJjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgt
YTY1ZTVlMzNkY2MwLzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84NzYxNjYtZjA1Ny00NmUxLWJlMDgtYTY1ZTVlMzNkY2Mw
LzEvVERYYWZvUS1OOGZicFB5bkdQUTRaZjE4bU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApeEtzMeU
jKMNZ1c6WDG9z8J+S6z3TEnpeAB+i4//ci77S7M5q7vS2r70VgdpvkB/kUPQacQa
c5LclmskZY07lG6j0bLR/TiKcFK4PSzMBDB/Op9jtbjgp7kX6/VY0UGJbvxyhVRO
f7H+4UeR5hyua1UI4kFyOZbPbvEmX+e84xYn22fxuV5gbqTeM6DF2gmPR3L+DFhI
+jE1ZRrIzBk6VxwSvFjVO+OjGgQ2kAwumrfTdDq8KJncrpRZnH7fx5f4Tnjhsd73
LeTpXgpzCxPVC1Vx7gPTEMTu81fWI2JundehKHwZ/7QsfHHreJtZ8UVR8BJ0ykUW
re5/ld/1WYvEkQ==
-----END CERTIFICATE-----