Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
File:                     dtAtj564761YOO-TGIVJb8-vHGE.mft (raw, json)
Hash identifier:          xQq1lJ1dlojgah9zLpTWuU3Z7argHB0ePLKyg5TnImk=
Subject key identifier:   1D:DB:BA:BD:33:07:61:F9:AF:1A:3B:EE:1C:87:2C:DC:A6:3A:06:B5
Authority key identifier: 76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61
Certificate issuer:       /CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
Certificate serial:       0199FBEB20171E5B6CB44056E19C74CA7725
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 10:01:54 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:54 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:54 +0000
Files and hashes:         1: dtAtj564761YOO-TGIVJb8-vHGE.crl (hash: Reese+7aauITyfCsY5j2QpBo7UVDXa7/TE3jk5UjwxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:20:17:1e:5b:6c:b4:40:56:e1:9c:74:ca:77:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
        Validity
            Not Before: Oct 19 10:01:54 2025 GMT
            Not After : Oct 20 10:01:54 2025 GMT
        Subject: CN=1ddbbabd330761f9af1a3bee1c872cdca63a06b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e7:70:9b:bb:56:18:86:5f:a6:26:28:f3:37:
                    b6:a7:46:97:20:06:97:41:8b:0d:e9:34:33:5a:3c:
                    9e:7d:e9:59:01:97:00:8c:ff:84:a1:a0:dd:97:05:
                    d7:01:9c:3b:85:19:dd:9b:e6:70:cb:d2:75:d7:c3:
                    96:51:43:c1:b6:36:4f:78:f4:c1:2c:14:e1:ef:af:
                    a3:9c:9c:cc:fe:1c:2c:4a:6a:eb:cc:36:ed:f1:53:
                    72:ff:ae:7a:55:b5:75:14:3a:6e:60:71:1c:1e:3d:
                    37:ea:e3:ad:58:5b:1f:a3:0e:75:4f:18:fc:4b:09:
                    bc:ec:9b:c3:6a:d0:b9:4c:b0:e6:ba:4d:6a:00:54:
                    fa:44:eb:6b:12:81:0e:40:8a:e4:05:99:5e:33:ba:
                    09:00:aa:23:d2:40:8d:b3:e8:ad:bc:69:ba:6d:20:
                    24:45:72:1a:c8:0e:95:28:40:54:1b:64:4b:d3:f7:
                    7f:2c:6f:4c:d5:dc:48:80:ba:0b:88:fb:a4:5a:32:
                    ee:f8:e4:b2:4e:29:77:56:66:43:93:6b:be:ac:f8:
                    41:10:c0:de:22:dc:10:b0:ce:e9:e6:9f:64:0b:2c:
                    84:db:02:e7:bb:14:7e:96:9e:78:c4:5b:e4:12:f8:
                    8c:3b:65:f4:61:57:c4:32:a9:52:82:28:52:53:07:
                    67:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:DB:BA:BD:33:07:61:F9:AF:1A:3B:EE:1C:87:2C:DC:A6:3A:06:B5
            X509v3 Authority Key Identifier:
                keyid:76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:38:c6:5e:fe:8f:d8:9e:a2:21:ea:bb:76:c3:82:26:ec:e9:
         46:eb:3f:63:8f:27:78:ba:a1:96:e4:8e:a9:93:84:8e:7e:9b:
         99:2b:e7:2a:56:cb:64:f6:b4:7e:d3:3e:91:54:a2:5e:63:6c:
         78:43:11:4e:91:0d:68:fd:e1:f4:6e:bd:4a:58:8d:ce:d7:b3:
         d8:5e:0b:c6:72:61:bd:63:2e:04:7d:a2:f5:c1:15:68:3a:ad:
         7b:11:32:d2:6a:48:f6:61:50:f4:4e:76:cc:e6:39:c7:5c:59:
         4f:e4:7f:8b:02:bb:b7:aa:ed:5a:c7:79:60:43:9e:7d:74:af:
         e9:ea:6b:e8:6f:41:c6:74:99:fe:85:96:25:6b:c7:ac:66:b8:
         02:72:2e:ae:67:79:da:4b:a8:7a:9a:9f:2d:eb:e5:48:92:2e:
         21:bc:f2:e1:b1:03:e4:f2:df:28:3c:27:ef:6d:ae:87:4a:9d:
         3c:a0:c4:4d:88:95:a2:fc:c3:09:32:b1:cf:81:57:6c:20:2b:
         15:9d:e8:c6:91:eb:3f:dc:1f:17:f7:9d:a4:ce:17:f5:d7:cd:
         b2:ee:dc:2b:f8:3a:9b:03:59:0d:d2:07:79:5e:61:f6:74:35:
         1b:76:ac:06:60:eb:73:e8:1f:43:18:3c:59:79:80:ea:1e:27:
         a6:b1:71:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76yAXHltstEBW4Zx0ynclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDAyZDhmOWViOGVmYWQ1ODM4ZWY5MzE4ODU0OTZmY2Zh
ZjFjNjEwHhcNMjUxMDE5MTAwMTU0WhcNMjUxMDIwMTAwMTU0WjAzMTEwLwYDVQQD
EygxZGRiYmFiZDMzMDc2MWY5YWYxYTNiZWUxYzg3MmNkY2E2M2EwNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwudwm7tWGIZfpiYo8ze2p0aXIAaX
QYsN6TQzWjyefelZAZcAjP+EoaDdlwXXAZw7hRndm+Zwy9J118OWUUPBtjZPePTB
LBTh76+jnJzM/hwsSmrrzDbt8VNy/656VbV1FDpuYHEcHj036uOtWFsfow51Txj8
Swm87JvDatC5TLDmuk1qAFT6ROtrEoEOQIrkBZleM7oJAKoj0kCNs+itvGm6bSAk
RXIayA6VKEBUG2RL0/d/LG9M1dxIgLoLiPukWjLu+OSyTil3VmZDk2u+rPhBEMDe
ItwQsM7p5p9kCyyE2wLnuxR+lp54xFvkEviMO2X0YVfEMqlSgihSUwdnPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3bur0zB2H5rxo77hyHLNymOga1MB8GA1UdIwQY
MBaAFHbQLY+euO+tWDjvkxiFSW/PrxxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2Yjgt
MDUxNjFmZjcxZDgwLzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2YjgtMDUxNjFmZjcxZDgw
LzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAezjGXv6P
2J6iIeq7dsOCJuzpRus/Y48neLqhluSOqZOEjn6bmSvnKlbLZPa0ftM+kVSiXmNs
eEMRTpENaP3h9G69SliNztez2F4LxnJhvWMuBH2i9cEVaDqtexEy0mpI9mFQ9E52
zOY5x1xZT+R/iwK7t6rtWsd5YEOefXSv6epr6G9BxnSZ/oWWJWvHrGa4AnIurmd5
2kuoepqfLevlSJIuIbzy4bED5PLfKDwn722uh0qdPKDETYiVovzDCTKxz4FXbCAr
FZ3oxpHrP9wfF/edpM4X9dfNsu7cK/g6mwNZDdIHeV5h9nQ1G3asBmDrc+gfQxg8
WXmA6h4nprFx+A==
-----END CERTIFICATE-----