Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
File:                     DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json)
Hash identifier:          bEVwC/1R6eh2cBBRrsBtIiDrfcPa7thTcI18d1tQWZQ=
Subject key identifier:   37:5B:3D:DE:72:6A:AB:D5:54:00:5D:F2:7E:77:E8:26:14:18:05:B8
Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C
Certificate issuer:       /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
Certificate serial:       0199FB463B2320D49310FF9F260990AD17BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
Manifest number:          10A7
Signing time:             Sun 19 Oct 2025 07:01:47 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:47 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:47 +0000
Files and hashes:         1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: iZgvHqES/6H81KMlgxsOVB9WRy54PdEfyYM981Q1rQY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:46:3b:23:20:d4:93:10:ff:9f:26:09:90:ad:17:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
        Validity
            Not Before: Oct 19 07:01:47 2025 GMT
            Not After : Oct 20 07:01:47 2025 GMT
        Subject: CN=375b3dde726aabd554005df27e77e826141805b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:92:e7:28:cf:a1:8a:86:7d:91:6c:82:a9:67:
                    92:34:76:e0:de:be:ea:23:b7:c7:9f:13:85:d5:34:
                    32:89:cc:58:b2:ac:53:b1:9b:6f:66:9a:33:58:91:
                    3c:23:ea:6a:62:c2:57:d2:40:35:79:8f:bf:b8:5a:
                    e9:50:c2:c4:36:60:7c:f0:45:e4:64:6f:d5:53:90:
                    0e:f2:d4:d3:05:74:25:74:8a:76:87:2a:cb:36:44:
                    c8:1d:19:f1:9f:a9:19:c4:f6:b5:6d:ea:a4:b1:0d:
                    dd:25:0c:14:13:a5:0e:b6:e3:d4:75:8b:b4:e7:cc:
                    ba:a2:a6:90:73:06:fc:24:57:fd:4e:d3:a5:3a:68:
                    d8:72:4f:20:f9:6d:58:ad:a1:69:97:87:b3:92:14:
                    1a:56:26:be:f5:93:3d:33:40:98:d9:2a:41:09:7e:
                    11:b1:5d:12:08:da:ec:71:f2:02:b4:a5:ca:0b:7d:
                    76:fc:3d:8b:40:bc:27:70:98:42:93:59:06:f9:43:
                    2e:05:2c:ce:71:b3:49:a6:17:9b:d7:eb:b2:5c:ca:
                    28:20:db:72:ed:db:f5:97:f4:8b:13:b1:c9:c8:43:
                    74:84:ed:91:4c:b4:d2:e5:bf:51:92:51:e6:67:36:
                    63:0d:5f:66:f8:25:67:9a:26:08:80:b1:d1:27:e4:
                    f6:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:5B:3D:DE:72:6A:AB:D5:54:00:5D:F2:7E:77:E8:26:14:18:05:B8
            X509v3 Authority Key Identifier:
                keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:51:cd:dd:71:bb:45:d0:8a:4d:bd:c8:4a:f7:44:db:83:34:
         15:b8:09:6b:6a:0b:8e:bf:5e:66:23:64:ea:2c:88:06:d3:7b:
         ca:04:de:9c:37:23:e3:42:58:65:08:3f:61:96:4c:db:6d:ec:
         04:4e:6a:b1:8b:96:10:89:b5:8d:1c:8f:cd:c1:f0:85:f6:a5:
         27:01:92:ea:50:de:f8:d1:c4:9b:de:80:dc:6d:bd:d0:34:90:
         68:01:54:f1:1a:b8:61:6e:08:76:60:01:37:af:80:68:db:82:
         de:fa:d3:ad:48:96:4d:2d:b7:08:3e:80:18:bf:85:7a:59:26:
         0a:df:a9:cf:3b:84:9c:80:97:2e:b8:62:95:1a:23:fb:6a:ea:
         be:25:60:b4:b3:b3:48:23:58:79:80:b0:fa:ae:72:ad:df:f8:
         f6:34:6b:5f:b6:b1:3f:50:a9:b3:f1:74:7c:b2:cd:14:0f:8e:
         00:f9:4c:6c:9a:29:30:1c:03:40:88:dc:93:80:04:46:7b:e4:
         25:b1:b0:45:4d:70:b2:10:f5:5c:39:53:ed:6f:a0:04:30:9c:
         21:44:21:30:d0:9d:e5:1f:0f:07:8d:1f:b1:21:fd:b8:77:06:
         c5:e5:78:cb:ce:1e:cd:53:73:12:9b:8e:78:45:ca:fc:84:4b:
         f5:4a:fe:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RjsjINSTEP+fJgmQrRe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw
MzMzOGMwHhcNMjUxMDE5MDcwMTQ3WhcNMjUxMDIwMDcwMTQ3WjAzMTEwLwYDVQQD
EygzNzViM2RkZTcyNmFhYmQ1NTQwMDVkZjI3ZTc3ZTgyNjE0MTgwNWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JLnKM+hioZ9kWyCqWeSNHbg3r7q
I7fHnxOF1TQyicxYsqxTsZtvZpozWJE8I+pqYsJX0kA1eY+/uFrpUMLENmB88EXk
ZG/VU5AO8tTTBXQldIp2hyrLNkTIHRnxn6kZxPa1beqksQ3dJQwUE6UOtuPUdYu0
58y6oqaQcwb8JFf9TtOlOmjYck8g+W1YraFpl4ezkhQaVia+9ZM9M0CY2SpBCX4R
sV0SCNrscfICtKXKC312/D2LQLwncJhCk1kG+UMuBSzOcbNJpheb1+uyXMooINty
7dv1l/SLE7HJyEN0hO2RTLTS5b9RklHmZzZjDV9m+CVnmiYIgLHRJ+T2FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdbPd5yaqvVVABd8n536CYUGAW4MB8GA1UdIwQY
MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt
YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl
LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs1HN3XG7
RdCKTb3ISvdE24M0FbgJa2oLjr9eZiNk6iyIBtN7ygTenDcj40JYZQg/YZZM223s
BE5qsYuWEIm1jRyPzcHwhfalJwGS6lDe+NHEm96A3G290DSQaAFU8Rq4YW4IdmAB
N6+AaNuC3vrTrUiWTS23CD6AGL+FelkmCt+pzzuEnICXLrhilRoj+2rqviVgtLOz
SCNYeYCw+q5yrd/49jRrX7axP1Cps/F0fLLNFA+OAPlMbJopMBwDQIjck4AERnvk
JbGwRU1wshD1XDlT7W+gBDCcIUQhMNCd5R8PB40fsSH9uHcGxeV4y84ezVNzEpuO
eEXK/IRL9Ur+Fw==
-----END CERTIFICATE-----