Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
File:                     DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json)
Hash identifier:          ReaUIVq6fTohsej5/xK0ZsPzZvkZU2QuG/kHLFkD9+E=
Subject key identifier:   61:01:EB:C2:5E:A8:16:60:D4:C6:D6:B7:A0:EE:6B:6F:99:A1:89:F0
Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C
Certificate issuer:       /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
Certificate serial:       0197B5FC5CF4DBD09DA61930ECEFB6CB9214
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
Manifest number:          0F7A
Signing time:             Sat 28 Jun 2025 10:01:44 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:44 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:44 +0000
Files and hashes:         1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: LC9AHJIcKXE9aXpIB6OVydphTBCRDJYgNIzcDzKpNow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fc:5c:f4:db:d0:9d:a6:19:30:ec:ef:b6:cb:92:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
        Validity
            Not Before: Jun 28 10:01:44 2025 GMT
            Not After : Jun 29 10:01:44 2025 GMT
        Subject: CN=6101ebc25ea81660d4c6d6b7a0ee6b6f99a189f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ad:dd:53:4d:c0:67:30:f9:1c:fe:9e:b5:5f:
                    c5:a9:46:7d:a3:82:69:dc:ac:9c:9b:c2:56:95:c8:
                    da:b3:1c:9b:0f:f1:ed:55:01:70:73:c3:bf:d3:33:
                    de:c9:ba:86:8c:f0:27:ad:8c:a0:4b:c6:b1:e4:3f:
                    bd:09:e8:b6:c4:46:5b:dc:ed:17:d3:7f:e8:a1:be:
                    e8:0b:5b:76:2e:03:08:5d:39:f1:88:37:e3:f4:fd:
                    8b:ca:0c:bd:bd:1d:1e:23:41:cb:68:30:f7:de:39:
                    e6:4e:90:92:1a:ee:fd:13:06:7b:65:ab:54:00:c0:
                    95:2d:64:9b:72:a9:1a:84:53:ec:69:f3:48:5d:3b:
                    fa:7e:b9:ca:f3:50:dd:6b:2d:bc:1c:7b:ae:6e:40:
                    10:51:d6:56:79:99:5a:64:66:d9:69:68:de:21:5c:
                    07:31:04:ec:18:b3:95:f0:36:9e:f6:04:3c:7c:ef:
                    70:ab:7e:83:77:2d:4d:cd:2a:d2:36:b5:9c:d5:32:
                    31:69:e6:81:4d:b5:93:d5:8b:af:fb:64:b5:89:65:
                    38:31:7c:ed:99:8c:53:1f:fd:ed:d7:b0:98:8e:fe:
                    ef:dc:b2:59:2b:df:ac:a3:52:45:17:1c:a0:cd:85:
                    bf:01:54:b2:f9:11:35:ca:07:db:a0:43:00:61:45:
                    7b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:01:EB:C2:5E:A8:16:60:D4:C6:D6:B7:A0:EE:6B:6F:99:A1:89:F0
            X509v3 Authority Key Identifier:
                keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:1b:1b:46:66:55:b2:b0:d4:57:4f:a5:ae:cc:df:bf:2b:18:
         d7:34:e2:c8:52:31:03:5f:3e:b1:1b:91:8b:58:5b:64:4c:f2:
         2e:c9:ce:e9:6c:e1:4a:4e:7a:54:bd:13:d5:6a:01:5c:96:79:
         a6:a8:b7:03:07:9f:2e:ba:8f:dc:1d:6a:93:d4:43:fb:fa:3a:
         2b:a7:41:04:9d:fc:4d:57:a7:59:32:06:3d:8b:ea:69:81:7e:
         e6:1d:f4:ca:d1:55:98:0b:66:fe:41:a8:bd:53:4f:ec:6d:13:
         33:28:72:49:42:14:5e:be:4b:75:b4:4f:19:bf:e1:4c:6c:27:
         d9:46:89:27:ac:74:bb:fa:e4:60:f9:9d:8f:08:c1:68:d9:ba:
         88:6c:08:f7:ea:7e:e0:c1:a4:fd:51:db:76:5f:b8:1a:97:36:
         67:0c:c2:0d:66:93:e3:45:d7:b9:23:a0:b3:fb:cd:99:a5:1a:
         5c:60:4e:d4:00:51:7e:3a:11:61:c8:c0:cf:54:34:05:b6:d2:
         1a:b9:36:7c:52:9a:55:52:4a:0b:37:e6:4e:44:1e:73:8b:5a:
         5d:84:ac:74:c6:6e:dd:d9:c1:9e:a0:28:f1:05:39:29:88:10:
         81:12:18:b4:ae:01:13:b1:b8:b7:75:54:d3:b0:3f:d6:26:a2:
         3e:ab:95:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/Fz029Cdphkw7O+2y5IUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw
MzMzOGMwHhcNMjUwNjI4MTAwMTQ0WhcNMjUwNjI5MTAwMTQ0WjAzMTEwLwYDVQQD
Eyg2MTAxZWJjMjVlYTgxNjYwZDRjNmQ2YjdhMGVlNmI2Zjk5YTE4OWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa3dU03AZzD5HP6etV/FqUZ9o4Jp
3Kycm8JWlcjasxybD/HtVQFwc8O/0zPeybqGjPAnrYygS8ax5D+9Cei2xEZb3O0X
03/oob7oC1t2LgMIXTnxiDfj9P2Lygy9vR0eI0HLaDD33jnmTpCSGu79EwZ7ZatU
AMCVLWSbcqkahFPsafNIXTv6frnK81Dday28HHuubkAQUdZWeZlaZGbZaWjeIVwH
MQTsGLOV8Dae9gQ8fO9wq36Ddy1NzSrSNrWc1TIxaeaBTbWT1Yuv+2S1iWU4MXzt
mYxTH/3t17CYjv7v3LJZK9+so1JFFxygzYW/AVSy+RE1ygfboEMAYUV7qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGEB68JeqBZg1MbWt6Dua2+ZoYnwMB8GA1UdIwQY
MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt
YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl
LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBsbRmZV
srDUV0+lrszfvysY1zTiyFIxA18+sRuRi1hbZEzyLsnO6WzhSk56VL0T1WoBXJZ5
pqi3AwefLrqP3B1qk9RD+/o6K6dBBJ38TVenWTIGPYvqaYF+5h30ytFVmAtm/kGo
vVNP7G0TMyhySUIUXr5LdbRPGb/hTGwn2UaJJ6x0u/rkYPmdjwjBaNm6iGwI9+p+
4MGk/VHbdl+4Gpc2ZwzCDWaT40XXuSOgs/vNmaUaXGBO1ABRfjoRYcjAz1Q0BbbS
Grk2fFKaVVJKCzfmTkQec4taXYSsdMZu3dnBnqAo8QU5KYgQgRIYtK4BE7G4t3VU
07A/1iaiPquVsw==
-----END CERTIFICATE-----