Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
File:                     DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json)
Hash identifier:          NIG8Lc73JS9YYSV45294fYZ/r93Y8hrNrxuuA1BE210=
Subject key identifier:   8D:46:40:84:6B:CF:74:A7:A9:F8:B1:F8:34:3F:C9:BD:6B:52:34:05
Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C
Certificate issuer:       /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
Certificate serial:       0198D7A8951ECCA40B315CE7B62D21F47517
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
Manifest number:          1010
Signing time:             Sat 23 Aug 2025 16:00:06 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:06 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:06 +0000
Files and hashes:         1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: +2Deu/vYUyoPFCsl88f/1BuTeuKY5SgBy0A0uL+dMwU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a8:95:1e:cc:a4:0b:31:5c:e7:b6:2d:21:f4:75:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
        Validity
            Not Before: Aug 23 16:00:06 2025 GMT
            Not After : Aug 24 16:00:06 2025 GMT
        Subject: CN=8d4640846bcf74a7a9f8b1f8343fc9bd6b523405
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:57:dd:98:91:5c:0c:5c:d6:f8:d9:0e:6a:91:
                    ee:68:13:ce:18:22:27:0c:48:11:d5:e8:4b:d4:88:
                    b8:21:08:66:c8:b8:ec:bd:d3:3d:a8:45:d1:f3:12:
                    e3:09:a7:1c:c4:0e:13:ba:dc:4e:b5:d8:c6:60:2e:
                    a2:9d:35:05:57:6a:0b:07:bd:11:3e:8e:ba:7e:a4:
                    57:c5:b2:c9:24:5c:16:99:c0:58:7f:41:18:93:4b:
                    ae:c4:c5:58:1a:c4:df:b2:77:9a:66:20:9b:f7:fa:
                    5e:2e:06:c0:53:27:dd:e0:57:82:99:ec:7d:e2:10:
                    a5:aa:69:00:e0:58:8c:a8:25:db:79:74:c5:e0:e4:
                    77:a1:8a:6c:da:9d:b2:24:3e:00:79:45:9d:2c:8f:
                    54:2f:bc:fb:27:db:11:c4:51:e1:30:60:af:4f:25:
                    65:b8:0f:12:fd:40:41:c9:2e:df:de:28:13:a7:dc:
                    07:15:fe:af:9e:8d:3e:2d:23:3a:9e:9f:4c:2b:50:
                    84:b2:9d:67:cf:8b:e8:15:07:36:b2:72:89:46:3d:
                    e9:c1:19:4c:e7:ca:43:d4:f5:80:dd:72:99:7c:90:
                    2c:e0:b7:65:02:c5:40:00:3a:32:f2:af:85:39:df:
                    7d:04:63:12:33:0e:e2:82:20:38:e6:f0:30:a9:e5:
                    ed:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:46:40:84:6B:CF:74:A7:A9:F8:B1:F8:34:3F:C9:BD:6B:52:34:05
            X509v3 Authority Key Identifier:
                keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:e1:aa:bb:20:5f:81:c0:13:b7:38:d6:81:84:54:5c:f7:d9:
         4d:e3:c9:e1:fd:4d:f7:8a:e2:46:99:1f:74:5f:ce:6a:41:ee:
         d7:ec:8f:eb:85:2c:c7:72:82:14:9e:bc:eb:55:59:e0:5f:7f:
         e2:48:6d:cc:eb:75:e3:4e:36:98:fe:74:1f:81:8c:bd:d5:e2:
         4f:b6:f0:93:ec:a2:2b:50:d7:3b:99:be:6a:13:bf:e6:ca:22:
         0f:1c:a6:24:f6:06:56:0b:a2:db:d6:16:43:38:19:f1:e0:a0:
         4b:d8:5b:15:0d:62:56:7d:6c:66:c6:96:4d:91:ef:b8:00:e0:
         a7:fe:4e:45:d0:e5:38:4a:07:66:e6:68:c5:73:f9:f6:d2:9b:
         b2:c2:b9:5e:ff:47:54:d1:40:c0:3d:ad:5b:47:cf:71:af:2a:
         f5:88:b8:c5:9c:6b:d4:b6:35:d6:b0:5e:a5:ed:36:b3:ce:8f:
         03:85:8b:e8:87:2f:67:8c:59:c5:79:be:f9:1a:8e:99:ae:97:
         a8:95:3a:b5:23:68:b7:ce:66:ad:23:3e:06:32:12:26:ac:bd:
         62:a2:02:bd:ad:06:48:9b:78:9b:fa:92:ef:08:aa:68:1a:f5:
         5c:80:c7:22:74:8e:5a:bc:41:3d:24:55:e1:aa:c2:f3:52:bb:
         f7:65:1a:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqJUezKQLMVznti0h9HUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw
MzMzOGMwHhcNMjUwODIzMTYwMDA2WhcNMjUwODI0MTYwMDA2WjAzMTEwLwYDVQQD
Eyg4ZDQ2NDA4NDZiY2Y3NGE3YTlmOGIxZjgzNDNmYzliZDZiNTIzNDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1fdmJFcDFzW+NkOapHuaBPOGCIn
DEgR1ehL1Ii4IQhmyLjsvdM9qEXR8xLjCaccxA4TutxOtdjGYC6inTUFV2oLB70R
Po66fqRXxbLJJFwWmcBYf0EYk0uuxMVYGsTfsneaZiCb9/peLgbAUyfd4FeCmex9
4hClqmkA4FiMqCXbeXTF4OR3oYps2p2yJD4AeUWdLI9UL7z7J9sRxFHhMGCvTyVl
uA8S/UBByS7f3igTp9wHFf6vno0+LSM6np9MK1CEsp1nz4voFQc2snKJRj3pwRlM
58pD1PWA3XKZfJAs4LdlAsVAADoy8q+FOd99BGMSMw7igiA45vAwqeXtpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1GQIRrz3Snqfix+DQ/yb1rUjQFMB8GA1UdIwQY
MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt
YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl
LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAneGquyBf
gcATtzjWgYRUXPfZTePJ4f1N94riRpkfdF/OakHu1+yP64Usx3KCFJ6861VZ4F9/
4khtzOt14042mP50H4GMvdXiT7bwk+yiK1DXO5m+ahO/5soiDxymJPYGVgui29YW
QzgZ8eCgS9hbFQ1iVn1sZsaWTZHvuADgp/5ORdDlOEoHZuZoxXP59tKbssK5Xv9H
VNFAwD2tW0fPca8q9Yi4xZxr1LY11rBepe02s86PA4WL6IcvZ4xZxXm++RqOma6X
qJU6tSNot85mrSM+BjISJqy9YqICva0GSJt4m/qS7wiqaBr1XIDHInSOWrxBPSRV
4arC81K792UaQg==
-----END CERTIFICATE-----