Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
File:                     vdI1_DzDTEVIxqhONeSVMyhTm-E.mft (raw, json)
Hash identifier:          aoi4ybFUucGuizSMzTBH0jNNxkREjdnVofyNlFCB2fc=
Subject key identifier:   09:B1:89:4D:55:B9:F3:E2:B6:61:B0:2E:15:76:8C:AD:3D:E2:E5:EE
Authority key identifier: BD:D2:35:FC:3C:C3:4C:45:48:C6:A8:4E:35:E4:95:33:28:53:9B:E1
Certificate issuer:       /CN=bdd235fc3cc34c4548c6a84e35e4953328539be1
Certificate serial:       0199FCFD9CDFD233CC00C3D5EABAF53B57DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
Manifest number:          10EC
Signing time:             Sun 19 Oct 2025 15:01:43 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:43 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:43 +0000
Files and hashes:         1: vdI1_DzDTEVIxqhONeSVMyhTm-E.crl (hash: N/coGBZseJ5nlpjpFpNLWFCDXwgGZdADo8mknqf5iWo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:9c:df:d2:33:cc:00:c3:d5:ea:ba:f5:3b:57:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdd235fc3cc34c4548c6a84e35e4953328539be1
        Validity
            Not Before: Oct 19 15:01:43 2025 GMT
            Not After : Oct 20 15:01:43 2025 GMT
        Subject: CN=09b1894d55b9f3e2b661b02e15768cad3de2e5ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a3:1a:3b:70:11:ea:a1:83:9d:07:57:40:72:
                    1a:64:11:b5:29:b3:f2:cc:bd:f9:b7:66:0e:6c:10:
                    b1:cb:35:bf:a2:fe:9d:75:22:44:bb:48:37:fc:27:
                    19:20:0c:11:28:b4:9b:ca:1d:3f:5a:1e:5c:7c:c2:
                    a2:75:cb:20:0b:5b:8f:e7:ef:b5:4d:9a:41:fb:0d:
                    47:9d:a5:6b:79:f2:4f:62:68:3c:2d:27:c1:ee:1f:
                    14:68:4b:d6:0d:4c:9b:86:fd:5d:fb:90:06:87:fe:
                    c8:78:8b:27:33:c3:ad:be:bf:6c:39:50:5d:62:11:
                    78:56:a9:2f:c2:f3:14:5a:6e:e8:d4:cc:5c:9e:e0:
                    69:7d:47:3d:bf:ad:43:47:4c:1d:76:a9:3f:bd:fe:
                    26:a0:a5:12:68:36:93:e0:d7:88:e4:d2:b9:05:a0:
                    e7:94:c7:4c:fb:94:5b:29:35:09:c4:07:ed:04:3c:
                    d6:28:e1:c2:9a:04:ad:b3:7b:29:f4:e0:10:66:e2:
                    e3:ae:d5:d6:bc:22:21:7a:d5:5f:dc:85:df:be:98:
                    e5:82:a8:f8:70:9a:dc:e2:a3:08:a6:fc:3a:1c:5b:
                    b8:d2:d6:38:ef:e0:b0:57:73:4d:e1:5e:96:ed:44:
                    37:e1:0e:c2:1b:e4:f4:7e:85:fb:ac:1e:29:ab:85:
                    0b:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:B1:89:4D:55:B9:F3:E2:B6:61:B0:2E:15:76:8C:AD:3D:E2:E5:EE
            X509v3 Authority Key Identifier:
                keyid:BD:D2:35:FC:3C:C3:4C:45:48:C6:A8:4E:35:E4:95:33:28:53:9B:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:7c:74:46:15:d0:07:99:86:49:69:36:17:9b:1e:cb:1a:89:
         99:06:62:21:ad:76:d1:24:4b:05:70:8e:da:71:fc:50:47:49:
         51:54:3e:9b:f6:3e:76:bc:7a:85:6d:e5:ba:67:c5:4f:dc:36:
         8f:8f:cf:54:4a:e6:8c:e0:f6:23:96:99:e4:56:b4:6f:f8:5a:
         3b:18:79:db:ad:00:2b:bc:95:1b:e3:99:54:9f:e8:4d:ed:15:
         4f:51:33:c5:82:06:f5:47:07:a7:bd:d9:2c:7b:f2:b5:11:6c:
         30:6c:69:74:53:83:23:69:93:92:93:a9:17:9c:2b:1b:20:a3:
         26:a3:5c:e5:78:93:98:30:ca:cf:33:32:76:b5:00:c0:89:e6:
         d4:83:19:6d:10:89:d8:a1:b5:ba:d7:ee:4f:5c:5e:8a:9b:69:
         df:4c:05:1a:8a:ca:f4:ba:ac:ae:6f:28:07:d4:91:62:d0:20:
         a1:17:d7:9f:11:c0:1b:f7:70:10:29:57:c8:d6:df:e6:f2:0b:
         e3:3e:af:d0:36:92:52:c8:85:45:50:a1:86:99:ec:1a:f4:46:
         5a:39:16:38:56:ab:f8:19:77:68:7c:62:08:cd:09:f9:4b:3e:
         68:94:90:fc:9b:56:fa:31:b7:23:7e:19:d2:bd:b4:69:7d:c8:
         4d:1a:a7:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/Zzf0jPMAMPV6rr1O1ffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDIzNWZjM2NjMzRjNDU0OGM2YTg0ZTM1ZTQ5NTMzMjg1
MzliZTEwHhcNMjUxMDE5MTUwMTQzWhcNMjUxMDIwMTUwMTQzWjAzMTEwLwYDVQQD
EygwOWIxODk0ZDU1YjlmM2UyYjY2MWIwMmUxNTc2OGNhZDNkZTJlNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKMaO3AR6qGDnQdXQHIaZBG1KbPy
zL35t2YObBCxyzW/ov6ddSJEu0g3/CcZIAwRKLSbyh0/Wh5cfMKidcsgC1uP5++1
TZpB+w1HnaVrefJPYmg8LSfB7h8UaEvWDUybhv1d+5AGh/7IeIsnM8Otvr9sOVBd
YhF4VqkvwvMUWm7o1MxcnuBpfUc9v61DR0wddqk/vf4moKUSaDaT4NeI5NK5BaDn
lMdM+5RbKTUJxAftBDzWKOHCmgSts3sp9OAQZuLjrtXWvCIhetVf3IXfvpjlgqj4
cJrc4qMIpvw6HFu40tY47+CwV3NN4V6W7UQ34Q7CG+T0foX7rB4pq4UL0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmxiU1VufPitmGwLhV2jK094uXuMB8GA1UdIwQY
MBaAFL3SNfw8w0xFSMaoTjXklTMoU5vhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yNDRmMjktM2I3MC00MTU1LWIyOGMt
MWVjZjFlZDY0ODdiLzEvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yNDRmMjktM2I3MC00MTU1LWIyOGMtMWVjZjFlZDY0ODdi
LzEvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnx0RhXQ
B5mGSWk2F5seyxqJmQZiIa120SRLBXCO2nH8UEdJUVQ+m/Y+drx6hW3lumfFT9w2
j4/PVErmjOD2I5aZ5Fa0b/haOxh5260AK7yVG+OZVJ/oTe0VT1EzxYIG9UcHp73Z
LHvytRFsMGxpdFODI2mTkpOpF5wrGyCjJqNc5XiTmDDKzzMydrUAwInm1IMZbRCJ
2KG1utfuT1xeiptp30wFGorK9Lqsrm8oB9SRYtAgoRfXnxHAG/dwEClXyNbf5vIL
4z6v0DaSUsiFRVChhpnsGvRGWjkWOFar+Bl3aHxiCM0J+Us+aJSQ/JtW+jG3I34Z
0r20aX3ITRqn4A==
-----END CERTIFICATE-----