Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
File:                     DdgdNYjH4QqJmw0EgVZubZSNrdA.mft (raw, json)
Hash identifier:          +irB9G6kBX0DCpe+48BdDYsW3fvkU9vccetXPJgZSnw=
Subject key identifier:   11:C0:74:83:C2:6D:08:B8:18:2C:E0:FC:5B:64:24:48:2C:46:91:07
Authority key identifier: 0D:D8:1D:35:88:C7:E1:0A:89:9B:0D:04:81:56:6E:6D:94:8D:AD:D0
Certificate issuer:       /CN=0dd81d3588c7e10a899b0d0481566e6d948dadd0
Certificate serial:       0198D5BC0445AB0CDC5DD6CD31CE8086761E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 07:02:05 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:05 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:05 +0000
Files and hashes:         1: DdgdNYjH4QqJmw0EgVZubZSNrdA.crl (hash: gtzjtHbFdR4m/x1RysNtmtEx6oZ0w/K4wGnp6uideBw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:04:45:ab:0c:dc:5d:d6:cd:31:ce:80:86:76:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dd81d3588c7e10a899b0d0481566e6d948dadd0
        Validity
            Not Before: Aug 23 07:02:05 2025 GMT
            Not After : Aug 24 07:02:05 2025 GMT
        Subject: CN=11c07483c26d08b8182ce0fc5b6424482c469107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:95:e1:59:e9:41:0e:be:fc:85:f5:30:03:72:
                    b7:83:68:2c:c0:d3:81:c9:90:71:4e:ff:64:ca:2f:
                    2e:86:8f:77:9c:fa:81:c7:73:cb:c8:76:90:e2:90:
                    29:a8:b3:fa:51:cb:9f:d0:e2:8f:d1:c3:34:36:f5:
                    51:51:1f:fb:90:f0:08:c8:5f:9c:7e:be:b8:97:d1:
                    a4:60:e4:85:b9:6c:11:e9:bf:d7:62:b8:f5:84:00:
                    3d:76:82:b0:8d:2b:52:34:ef:69:e7:7b:4b:5e:db:
                    38:a2:22:0f:ef:bf:d0:a9:93:93:45:65:20:81:e7:
                    f9:37:63:d5:80:40:f4:4d:11:b5:29:aa:76:8d:cc:
                    5d:85:7d:b3:47:21:81:66:7f:41:86:28:37:f5:9d:
                    e0:74:41:69:d0:e9:39:fe:d0:d8:f5:a7:49:f9:71:
                    9f:59:49:1f:85:61:5c:cb:0a:74:19:22:46:b6:e8:
                    de:8c:c1:b4:1b:dd:d7:99:cf:95:04:9e:fa:9e:e4:
                    aa:ca:ba:13:d7:c0:23:75:1e:62:60:be:2d:d9:c2:
                    8f:17:53:ba:d6:a8:52:a4:45:a7:f6:2d:6b:1d:0e:
                    83:ce:67:92:a2:99:61:33:cc:11:6c:48:dd:fc:df:
                    7c:58:22:e7:2e:8f:f5:c2:47:9b:7e:2a:fd:fb:78:
                    35:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:C0:74:83:C2:6D:08:B8:18:2C:E0:FC:5B:64:24:48:2C:46:91:07
            X509v3 Authority Key Identifier:
                keyid:0D:D8:1D:35:88:C7:E1:0A:89:9B:0D:04:81:56:6E:6D:94:8D:AD:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:14:b7:e4:a8:c5:42:4c:ab:3b:17:f1:8c:29:19:c1:66:01:
         c4:72:63:3c:6a:12:1a:1d:90:eb:15:95:4b:c6:dc:6a:f7:5a:
         09:f8:22:f1:22:72:d7:fb:07:d9:7b:db:65:19:43:f0:ad:10:
         21:50:b9:0f:ee:47:9e:c0:05:e6:7f:10:6c:e9:7b:4d:61:28:
         f2:c9:b4:5f:38:af:1f:c6:e7:96:52:09:db:4c:54:c1:8a:22:
         ec:93:da:ed:a5:ee:65:91:c1:6f:83:ec:d7:dd:b2:3c:df:81:
         a5:b5:17:f9:5e:d7:ea:5f:54:1c:4a:7b:22:5a:08:f4:b0:ce:
         58:71:45:ae:16:90:a2:fc:01:60:be:9b:25:2c:c7:69:69:76:
         ae:c2:b7:3f:47:a5:e2:f5:eb:73:b8:85:61:39:bb:08:89:77:
         ec:c3:d5:17:48:58:d7:ff:6d:c7:f3:30:4d:07:4c:62:a3:63:
         31:62:6f:81:25:db:7b:0b:dd:cc:b2:78:2a:46:e1:c5:c6:e2:
         48:35:1b:ec:84:17:09:7e:ce:e1:71:ff:b0:c3:90:3e:66:49:
         8b:73:e5:dc:16:42:4d:3d:c1:7e:57:ac:9f:d0:f7:21:cd:04:
         a9:18:94:23:35:a0:9c:74:ea:72:9b:9f:71:9b:61:bf:2b:85:
         80:26:f6:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvARFqwzcXdbNMc6AhnYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDgxZDM1ODhjN2UxMGE4OTliMGQwNDgxNTY2ZTZkOTQ4
ZGFkZDAwHhcNMjUwODIzMDcwMjA1WhcNMjUwODI0MDcwMjA1WjAzMTEwLwYDVQQD
EygxMWMwNzQ4M2MyNmQwOGI4MTgyY2UwZmM1YjY0MjQ0ODJjNDY5MTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppXhWelBDr78hfUwA3K3g2gswNOB
yZBxTv9kyi8uho93nPqBx3PLyHaQ4pApqLP6Ucuf0OKP0cM0NvVRUR/7kPAIyF+c
fr64l9GkYOSFuWwR6b/XYrj1hAA9doKwjStSNO9p53tLXts4oiIP77/QqZOTRWUg
gef5N2PVgED0TRG1Kap2jcxdhX2zRyGBZn9Bhig39Z3gdEFp0Ok5/tDY9adJ+XGf
WUkfhWFcywp0GSJGtujejMG0G93Xmc+VBJ76nuSqyroT18AjdR5iYL4t2cKPF1O6
1qhSpEWn9i1rHQ6DzmeSoplhM8wRbEjd/N98WCLnLo/1wkebfir9+3g1YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHAdIPCbQi4GCzg/FtkJEgsRpEHMB8GA1UdIwQY
MBaAFA3YHTWIx+EKiZsNBIFWbm2Uja3QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lODZmNWYtMTE1ZS00ZTkyLWFjMzkt
Yzc2YjhkYjVhZDE0LzEvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lODZmNWYtMTE1ZS00ZTkyLWFjMzktYzc2YjhkYjVhZDE0
LzEvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAThS35KjF
QkyrOxfxjCkZwWYBxHJjPGoSGh2Q6xWVS8bcavdaCfgi8SJy1/sH2XvbZRlD8K0Q
IVC5D+5HnsAF5n8QbOl7TWEo8sm0XzivH8bnllIJ20xUwYoi7JPa7aXuZZHBb4Ps
192yPN+BpbUX+V7X6l9UHEp7IloI9LDOWHFFrhaQovwBYL6bJSzHaWl2rsK3P0el
4vXrc7iFYTm7CIl37MPVF0hY1/9tx/MwTQdMYqNjMWJvgSXbewvdzLJ4Kkbhxcbi
SDUb7IQXCX7O4XH/sMOQPmZJi3Pl3BZCTT3Bflesn9D3Ic0EqRiUIzWgnHTqcpuf
cZthvyuFgCb2AQ==
-----END CERTIFICATE-----