Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          4fz+eSCACe6R0Ubzomx38Uf16F7mvjgmoReyiJ1DhCQ=
Subject key identifier:   AB:8E:2F:71:23:45:3E:30:E9:C5:69:5F:C4:AD:D0:A5:A8:95:BE:74
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       0199FC58F9E0D754D69402E0534370F24BB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 12:01:53 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:53 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:53 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: qLAB01BEUBoQ6+K53yLY0fHhrAuiQdB8Cir2cZZzAtA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:f9:e0:d7:54:d6:94:02:e0:53:43:70:f2:4b:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Oct 19 12:01:53 2025 GMT
            Not After : Oct 20 12:01:53 2025 GMT
        Subject: CN=ab8e2f7123453e30e9c5695fc4add0a5a895be74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:8e:49:34:ec:40:e0:e5:ca:0a:8e:9f:c4:d3:
                    95:15:04:09:d4:b5:b8:65:20:e8:3e:d0:71:c6:12:
                    98:52:60:ef:18:3d:f7:9a:9f:2a:93:77:9e:b2:57:
                    4d:90:68:94:aa:32:8c:14:57:f0:d7:8d:89:86:db:
                    ad:e8:42:d0:2b:13:1b:65:e4:20:ae:fc:ee:d7:63:
                    48:f6:a8:ff:70:80:76:4f:d1:7c:e5:37:23:d1:52:
                    87:e2:c9:b0:72:b1:7c:7d:9e:09:17:e8:37:53:53:
                    60:f6:99:32:76:01:c9:ae:b0:fd:75:5e:8b:4a:b6:
                    b8:0d:d4:fa:b0:ab:66:a0:dd:e5:ec:35:c8:a7:13:
                    9f:a7:3c:85:83:99:df:67:f2:cb:2e:f9:2c:af:5c:
                    66:92:82:67:57:16:e2:0f:8a:34:63:65:7e:f8:e5:
                    47:dd:e7:33:46:3d:d9:f3:7e:2b:71:a1:bf:43:d7:
                    9c:f3:2c:45:f5:a2:a3:c2:a5:d7:85:12:20:10:7f:
                    6c:b6:c5:9b:8f:87:24:4b:bb:ad:16:9f:25:85:86:
                    61:a5:35:6b:29:65:0f:59:d3:6a:bb:3a:8a:42:29:
                    0e:1f:e7:20:d9:fd:d6:27:f8:36:9a:38:49:e9:49:
                    80:2d:38:03:02:bd:48:4f:70:c6:56:d6:86:81:96:
                    74:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:8E:2F:71:23:45:3E:30:E9:C5:69:5F:C4:AD:D0:A5:A8:95:BE:74
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:f5:b4:15:f2:64:5d:74:1b:11:6f:92:fa:a4:c6:dc:a5:8e:
         02:d2:65:3a:f2:91:6c:c2:e6:76:a0:6e:d7:e2:ee:17:fa:a0:
         b7:67:80:2b:4a:10:3a:8e:38:bb:21:e3:d3:f1:01:77:52:2d:
         98:5d:0d:a1:ce:f4:9b:69:4e:a8:4f:50:48:ac:65:05:fc:f7:
         a3:87:b1:e1:4b:57:0b:10:85:e5:39:de:fb:73:bf:2a:6c:8f:
         53:4f:05:8b:cf:f1:24:d4:2a:9c:85:8e:d9:0a:be:53:40:30:
         ad:f4:62:cf:6e:7f:9e:d0:69:22:bb:b7:b0:40:59:3a:6b:1f:
         98:6a:30:4e:cd:e0:11:2c:13:7b:5c:23:28:c8:a9:be:24:fe:
         19:00:43:2d:45:42:0d:3a:3e:cd:6e:68:e7:55:f3:eb:9b:a0:
         26:17:37:32:0b:84:90:3e:36:bc:92:78:22:1e:2e:44:99:82:
         e3:cc:0c:49:01:9a:2c:76:5e:a4:04:7a:f0:25:a7:a0:8d:5c:
         47:28:57:7c:16:86:a9:60:07:2a:85:fd:f4:22:c6:1f:90:ea:
         15:52:fa:57:ce:1e:26:c3:ad:aa:fb:bf:bd:34:a2:12:eb:9a:
         bb:d7:e3:f5:63:31:c1:cc:49:29:24:69:17:82:3f:50:a2:0f:
         eb:37:7b:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WPng11TWlALgU0Nw8ku1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUxMDE5MTIwMTUzWhcNMjUxMDIwMTIwMTUzWjAzMTEwLwYDVQQD
EyhhYjhlMmY3MTIzNDUzZTMwZTljNTY5NWZjNGFkZDBhNWE4OTViZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6I5JNOxA4OXKCo6fxNOVFQQJ1LW4
ZSDoPtBxxhKYUmDvGD33mp8qk3eesldNkGiUqjKMFFfw142Jhtut6ELQKxMbZeQg
rvzu12NI9qj/cIB2T9F85Tcj0VKH4smwcrF8fZ4JF+g3U1Ng9pkydgHJrrD9dV6L
Sra4DdT6sKtmoN3l7DXIpxOfpzyFg5nfZ/LLLvksr1xmkoJnVxbiD4o0Y2V++OVH
3eczRj3Z834rcaG/Q9ec8yxF9aKjwqXXhRIgEH9stsWbj4ckS7utFp8lhYZhpTVr
KWUPWdNquzqKQikOH+cg2f3WJ/g2mjhJ6UmALTgDAr1IT3DGVtaGgZZ0mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuOL3EjRT4w6cVpX8St0KWolb50MB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO/W0FfJk
XXQbEW+S+qTG3KWOAtJlOvKRbMLmdqBu1+LuF/qgt2eAK0oQOo44uyHj0/EBd1It
mF0Noc70m2lOqE9QSKxlBfz3o4ex4UtXCxCF5Tne+3O/KmyPU08Fi8/xJNQqnIWO
2Qq+U0AwrfRiz25/ntBpIru3sEBZOmsfmGowTs3gESwTe1wjKMipviT+GQBDLUVC
DTo+zW5o51Xz65ugJhc3MguEkD42vJJ4Ih4uRJmC48wMSQGaLHZepAR68CWnoI1c
RyhXfBaGqWAHKoX99CLGH5DqFVL6V84eJsOtqvu/vTSiEuuau9fj9WMxwcxJKSRp
F4I/UKIP6zd78g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:15:17 2025 by rpki-client