Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
File:                     28lQCYQ2KBzuVCoedFRlUeHlUoM.mft (raw, json)
Hash identifier:          fSmuHWECw0p/t3Q9/Ab9IFX/9uNJhXQ0VZHNpIrRobk=
Subject key identifier:   A3:5B:3F:1B:2D:5E:0B:20:14:5E:95:B4:4B:89:34:69:55:46:D8:01
Authority key identifier: DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
Certificate issuer:       /CN=dbc950098436281cee542a1e74546551e1e55283
Certificate serial:       019A02FEE6A27030492EECB4294256E36B12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
Manifest number:          16E8
Signing time:             Mon 20 Oct 2025 19:00:50 +0000
Manifest this update:     Mon 20 Oct 2025 19:00:50 +0000
Manifest next update:     Tue 21 Oct 2025 19:00:50 +0000
Files and hashes:         1: 28lQCYQ2KBzuVCoedFRlUeHlUoM.crl (hash: Cd4hNx3JjYp4rRlFsRHnBm3zH+5tjVUJayCieQ0BC78=)
                          2: 5OG6iGTbUMv4yreuCzltBDVdDTU.roa (hash: B8Cg7jxvmm1JBGJPeKqbsREjncwII7bdGdlW3Ml3/PA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:fe:e6:a2:70:30:49:2e:ec:b4:29:42:56:e3:6b:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbc950098436281cee542a1e74546551e1e55283
        Validity
            Not Before: Oct 20 19:00:50 2025 GMT
            Not After : Oct 21 19:00:50 2025 GMT
        Subject: CN=a35b3f1b2d5e0b20145e95b44b8934695546d801
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:74:54:6e:83:8f:29:72:98:1d:5e:bb:66:76:
                    27:38:ff:3e:71:b2:75:d2:39:44:1a:9a:16:32:9c:
                    d2:a9:95:d8:93:0a:8f:2c:9c:6d:7f:10:37:db:e5:
                    df:81:e7:64:29:8b:4e:64:a1:f7:8a:6f:1b:45:b0:
                    be:e9:2f:9e:fd:85:03:7e:1b:a4:e4:58:f4:80:77:
                    f9:af:53:3c:d5:46:8c:11:91:dd:30:df:4a:fe:32:
                    66:51:00:fc:5f:ce:ee:e8:85:3b:82:8c:6b:7e:30:
                    3e:61:ea:f9:ea:0c:62:1c:1d:e7:18:c5:e1:c1:ad:
                    4f:1b:34:94:f8:cf:f1:ca:a1:a0:91:01:3d:d0:d7:
                    d3:2d:37:fd:26:b7:8f:c6:b2:9a:70:ad:75:3b:33:
                    b1:b3:91:98:57:12:4d:d1:60:8e:ae:33:b7:a0:da:
                    0a:83:d9:85:85:5f:f6:c1:4a:99:6b:73:5c:3d:05:
                    4a:fe:52:e2:fa:e8:67:0c:d2:b6:ff:dd:52:c4:85:
                    34:24:8c:72:cb:6c:6b:d3:a0:b0:ab:c9:0c:2b:51:
                    e4:e0:a1:08:62:a4:31:10:68:9e:11:9d:9a:4d:35:
                    65:c0:10:1a:f5:fa:96:9e:5e:0b:ce:4e:d2:be:ff:
                    f1:8d:52:80:2d:c6:65:9b:9c:f9:f2:74:f9:28:de:
                    04:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:5B:3F:1B:2D:5E:0B:20:14:5E:95:B4:4B:89:34:69:55:46:D8:01
            X509v3 Authority Key Identifier:
                keyid:DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:9a:85:a6:c8:33:a1:b1:9c:96:ee:88:9b:d6:58:30:7e:f2:
         b8:17:90:a2:fa:ba:b2:fe:ed:41:76:53:15:d9:e7:45:d5:f3:
         43:c6:08:6a:5c:c1:d6:ef:3c:6f:0c:b7:ed:ca:fc:0f:cd:8a:
         5d:f1:b9:82:78:d2:30:ff:9a:a8:79:25:11:a7:13:69:0f:e4:
         70:2d:0d:b4:d0:11:5c:e5:f5:92:20:ff:ca:78:c0:2f:f7:da:
         fc:94:67:91:37:68:3b:c3:63:26:02:17:5a:76:90:de:a4:51:
         b6:6e:7a:fa:9e:74:06:7f:42:f1:b1:6c:3e:55:a5:42:1b:7f:
         13:18:3d:1c:a8:ec:41:22:11:c0:bd:fc:0e:31:73:6f:c4:82:
         1c:2a:6d:c6:61:ac:e9:52:2c:82:72:20:dd:52:90:cc:1e:51:
         b5:bd:7d:52:8b:81:f8:88:5e:9b:78:b2:e4:db:6c:2a:d9:2d:
         ee:4f:3b:b4:e2:4a:53:1d:59:2c:ed:39:7c:89:3a:2a:39:7f:
         1f:42:ab:f0:23:8a:24:ad:ca:8a:d0:85:5d:7d:a4:0e:70:23:
         0d:e5:97:5b:8e:71:b1:f0:3c:87:c7:0b:1d:5f:81:38:20:ba:
         a7:a1:3e:88:92:db:4d:9c:b0:95:7c:d7:18:ca:e0:50:bc:fb:
         7a:6d:ed:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoC/uaicDBJLuy0KUJW42sSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzk1MDA5ODQzNjI4MWNlZTU0MmExZTc0NTQ2NTUxZTFl
NTUyODMwHhcNMjUxMDIwMTkwMDUwWhcNMjUxMDIxMTkwMDUwWjAzMTEwLwYDVQQD
EyhhMzViM2YxYjJkNWUwYjIwMTQ1ZTk1YjQ0Yjg5MzQ2OTU1NDZkODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXRUboOPKXKYHV67ZnYnOP8+cbJ1
0jlEGpoWMpzSqZXYkwqPLJxtfxA32+XfgedkKYtOZKH3im8bRbC+6S+e/YUDfhuk
5Fj0gHf5r1M81UaMEZHdMN9K/jJmUQD8X87u6IU7goxrfjA+Yer56gxiHB3nGMXh
wa1PGzSU+M/xyqGgkQE90NfTLTf9JrePxrKacK11OzOxs5GYVxJN0WCOrjO3oNoK
g9mFhV/2wUqZa3NcPQVK/lLi+uhnDNK2/91SxIU0JIxyy2xr06Cwq8kMK1Hk4KEI
YqQxEGieEZ2aTTVlwBAa9fqWnl4Lzk7Svv/xjVKALcZlm5z58nT5KN4EUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNbPxstXgsgFF6VtEuJNGlVRtgBMB8GA1UdIwQY
MBaAFNvJUAmENigc7lQqHnRUZVHh5VKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDkt
ZjQ3ZTE2OTI2NmMyLzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDktZjQ3ZTE2OTI2NmMy
LzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJqFpsgz
obGclu6Im9ZYMH7yuBeQovq6sv7tQXZTFdnnRdXzQ8YIalzB1u88bwy37cr8D82K
XfG5gnjSMP+aqHklEacTaQ/kcC0NtNARXOX1kiD/ynjAL/fa/JRnkTdoO8NjJgIX
WnaQ3qRRtm56+p50Bn9C8bFsPlWlQht/Exg9HKjsQSIRwL38DjFzb8SCHCptxmGs
6VIsgnIg3VKQzB5Rtb19UouB+Ihem3iy5NtsKtkt7k87tOJKUx1ZLO05fIk6Kjl/
H0Kr8COKJK3KitCFXX2kDnAjDeWXW45xsfA8h8cLHV+BOCC6p6E+iJLbTZywlXzX
GMrgULz7em3t3g==
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:07:51 2025 by rpki-client