Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
File:                     dtAtj564761YOO-TGIVJb8-vHGE.mft (raw, json)
Hash identifier:          EYU/lQ71rtPoVraK4Mt+KcH7t8JGwypAq0PGKkwo2GU=
Subject key identifier:   60:FE:F4:DF:2D:99:C7:7F:6B:4B:E8:8F:D9:C8:A6:1A:AB:06:AE:C9
Authority key identifier: 76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61
Certificate issuer:       /CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
Certificate serial:       019A71B7FD0E48CFF0839613906D3A1262CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:01:14 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:14 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:14 +0000
Files and hashes:         1: dtAtj564761YOO-TGIVJb8-vHGE.crl (hash: aeb8AFf+tl4Ne3yxOd36aV6hH8vUSgIlw/vTvXHbSQM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:fd:0e:48:cf:f0:83:96:13:90:6d:3a:12:62:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
        Validity
            Not Before: Nov 11 07:01:14 2025 GMT
            Not After : Nov 12 07:01:14 2025 GMT
        Subject: CN=60fef4df2d99c77f6b4be88fd9c8a61aab06aec9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7a:5c:bf:46:1d:92:66:9f:49:58:f5:42:98:
                    a1:2a:b5:7b:48:bb:86:65:ef:d7:18:11:14:ae:48:
                    a9:1f:74:23:97:ed:27:2b:85:bf:28:cf:04:7f:99:
                    21:95:64:53:c8:5e:98:1b:fb:fc:e6:67:ec:b1:9f:
                    50:06:81:ae:27:30:d2:25:7c:23:ed:75:33:f6:8f:
                    67:13:ed:ee:9e:12:bc:87:be:6e:e9:46:43:e4:b5:
                    d1:1a:37:20:2d:76:be:39:8c:12:33:c9:45:1b:da:
                    b5:44:80:f6:22:29:e0:f1:71:73:62:bf:c1:9f:71:
                    93:48:81:43:e1:bd:b0:61:6a:a5:88:a7:f5:e0:2e:
                    d3:83:2a:a7:25:ca:c5:18:26:dd:bf:9f:61:cc:92:
                    17:19:d6:a8:c4:7a:52:e7:c6:3d:a7:d9:fe:72:24:
                    4e:da:dd:37:c3:82:9f:ab:00:c8:a8:58:1b:95:a2:
                    c3:d3:e1:56:05:5b:85:10:b4:24:48:f0:c4:35:15:
                    b7:24:2c:d2:f1:58:2a:da:c4:17:19:3a:2c:36:a2:
                    f5:41:49:b2:6d:4a:ce:71:48:a3:39:33:c8:ec:db:
                    7f:b7:c5:4d:80:14:14:53:02:3d:8c:af:ae:57:7e:
                    16:54:66:bd:24:9b:51:50:b8:21:2d:fd:2f:e5:e0:
                    7b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:FE:F4:DF:2D:99:C7:7F:6B:4B:E8:8F:D9:C8:A6:1A:AB:06:AE:C9
            X509v3 Authority Key Identifier:
                keyid:76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:ba:89:17:94:01:5a:49:52:2e:e1:0f:88:25:b0:31:e6:31:
         ee:19:da:56:b5:ba:f0:74:8f:c3:8f:6d:a2:6a:2b:37:cd:d7:
         e5:36:47:58:cd:dd:1b:48:72:b8:71:a8:c7:80:de:13:3d:36:
         0a:a7:17:fb:aa:1e:35:93:2d:64:14:f1:4c:3e:19:e6:8a:4f:
         a4:c2:28:d9:cc:64:8c:ed:5e:45:ef:8d:3c:bc:f2:60:90:9d:
         db:a0:d6:01:19:38:59:50:65:41:84:ee:50:cb:8c:a8:f9:9b:
         c5:d4:6d:d4:f7:21:8a:b3:87:b1:93:83:73:1e:fd:a3:86:b5:
         de:85:bc:38:e5:3d:d9:da:09:78:15:f5:95:cd:16:ef:6e:b0:
         bb:9d:0c:fb:0f:8e:dd:64:10:80:ce:64:69:6d:bb:d4:ad:a5:
         09:84:31:f6:e1:bb:fa:a7:e5:10:c8:d7:37:ea:a5:d5:6b:e4:
         02:30:a3:c7:ce:82:5d:8b:46:3a:13:b3:b1:9d:33:6e:cd:48:
         d2:2c:f3:bf:8b:8d:93:81:bc:5c:69:99:f4:97:b0:1f:02:b3:
         4d:2f:96:44:74:29:99:28:ad:61:27:69:ab:3b:4c:df:e1:60:
         25:21:b4:e0:c1:67:60:db:eb:7c:52:a5:69:60:12:80:71:32:
         b3:02:34:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/0OSM/wg5YTkG06EmLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDAyZDhmOWViOGVmYWQ1ODM4ZWY5MzE4ODU0OTZmY2Zh
ZjFjNjEwHhcNMjUxMTExMDcwMTE0WhcNMjUxMTEyMDcwMTE0WjAzMTEwLwYDVQQD
Eyg2MGZlZjRkZjJkOTljNzdmNmI0YmU4OGZkOWM4YTYxYWFiMDZhZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXpcv0YdkmafSVj1QpihKrV7SLuG
Ze/XGBEUrkipH3Qjl+0nK4W/KM8Ef5khlWRTyF6YG/v85mfssZ9QBoGuJzDSJXwj
7XUz9o9nE+3unhK8h75u6UZD5LXRGjcgLXa+OYwSM8lFG9q1RID2Iing8XFzYr/B
n3GTSIFD4b2wYWqliKf14C7TgyqnJcrFGCbdv59hzJIXGdaoxHpS58Y9p9n+ciRO
2t03w4KfqwDIqFgblaLD0+FWBVuFELQkSPDENRW3JCzS8Vgq2sQXGTosNqL1QUmy
bUrOcUijOTPI7Nt/t8VNgBQUUwI9jK+uV34WVGa9JJtRULghLf0v5eB7vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGD+9N8tmcd/a0voj9nIphqrBq7JMB8GA1UdIwQY
MBaAFHbQLY+euO+tWDjvkxiFSW/PrxxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2Yjgt
MDUxNjFmZjcxZDgwLzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2YjgtMDUxNjFmZjcxZDgw
LzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWrqJF5QB
WklSLuEPiCWwMeYx7hnaVrW68HSPw49tomorN83X5TZHWM3dG0hyuHGox4DeEz02
CqcX+6oeNZMtZBTxTD4Z5opPpMIo2cxkjO1eRe+NPLzyYJCd26DWARk4WVBlQYTu
UMuMqPmbxdRt1PchirOHsZODcx79o4a13oW8OOU92doJeBX1lc0W726wu50M+w+O
3WQQgM5kaW271K2lCYQx9uG7+qflEMjXN+ql1WvkAjCjx86CXYtGOhOzsZ0zbs1I
0izzv4uNk4G8XGmZ9JewHwKzTS+WRHQpmSitYSdpqztM3+FgJSG04MFnYNvrfFKl
aWASgHEyswI0Nw==
-----END CERTIFICATE-----