Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft
File:                     28sc89PzzcNCb7SfCgwz3ATIaBw.mft (raw, json)
Hash identifier:          LRzOo4paIEQjlSH6QsrOngmzqJ7eIsCYo4Uzo/M5cQA=
Subject key identifier:   67:B9:A7:10:49:B2:F8:F3:0A:38:C1:82:B2:74:FC:EA:1D:3C:7E:04
Authority key identifier: DB:CB:1C:F3:D3:F3:CD:C3:42:6F:B4:9F:0A:0C:33:DC:04:C8:68:1C
Certificate issuer:       /CN=dbcb1cf3d3f3cdc3426fb49f0a0c33dc04c8681c
Certificate serial:       0199FC8F41162901C115B4B64C3E2C8538B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/28sc89PzzcNCb7SfCgwz3ATIaBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft
Manifest number:          1078
Signing time:             Sun 19 Oct 2025 13:01:10 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:10 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:10 +0000
Files and hashes:         1: 28sc89PzzcNCb7SfCgwz3ATIaBw.crl (hash: JYQJijnPFw9FN/+35MeFRmr4jTOvP2LquHQlcaCEGec=)
                          2: I5ms-9-HDQyJVXC11lx_-uEpynE.roa (hash: +pNOsJjPZEu3zURh4NPSrLLV4Ki6TCXOgrQW5jhS4rs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/28sc89PzzcNCb7SfCgwz3ATIaBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:41:16:29:01:c1:15:b4:b6:4c:3e:2c:85:38:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbcb1cf3d3f3cdc3426fb49f0a0c33dc04c8681c
        Validity
            Not Before: Oct 19 13:01:10 2025 GMT
            Not After : Oct 20 13:01:10 2025 GMT
        Subject: CN=67b9a71049b2f8f30a38c182b274fcea1d3c7e04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:48:8e:54:c2:a8:ba:7d:28:b9:cf:22:af:95:
                    21:c5:4a:db:0d:13:6f:d6:30:ee:79:29:e9:21:b5:
                    34:9e:a5:f9:13:bc:ee:5b:87:ef:88:f0:02:04:88:
                    d2:0f:17:7a:41:43:7d:03:58:30:2f:dd:13:d5:26:
                    82:ad:af:78:cf:73:56:c2:3e:66:47:87:de:f5:be:
                    28:38:81:81:36:c5:f6:ed:f6:56:7a:4b:fd:3f:fa:
                    b2:47:98:4c:ba:0e:5d:47:3d:50:88:b3:10:10:23:
                    7f:b3:35:c7:91:cf:7e:92:ca:e0:aa:da:00:ba:a0:
                    27:ef:47:34:56:29:60:ad:a5:46:aa:94:65:7c:a1:
                    81:ea:f1:45:b2:c9:df:71:91:43:92:e6:04:7c:7e:
                    1d:0b:01:3e:20:3d:26:db:84:60:ae:44:ab:55:46:
                    47:a6:e6:90:05:36:70:c2:00:cb:3d:fd:89:b5:49:
                    41:3b:48:bd:07:d6:cd:7a:c2:62:72:0d:f8:e9:d7:
                    9e:23:85:cd:36:38:70:41:30:5d:fe:de:a7:10:dc:
                    15:9e:18:74:90:24:b2:cb:64:4f:57:97:73:08:dc:
                    b5:7a:66:b0:1e:5b:aa:3b:0d:cb:65:8f:60:ee:e0:
                    a5:0c:88:f2:69:fa:a1:f2:1c:fa:48:6c:90:1d:00:
                    78:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:B9:A7:10:49:B2:F8:F3:0A:38:C1:82:B2:74:FC:EA:1D:3C:7E:04
            X509v3 Authority Key Identifier:
                keyid:DB:CB:1C:F3:D3:F3:CD:C3:42:6F:B4:9F:0A:0C:33:DC:04:C8:68:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28sc89PzzcNCb7SfCgwz3ATIaBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:22:d2:f7:b4:9e:9b:d2:68:06:ec:d3:c5:17:92:cf:17:6f:
         59:d6:0a:0a:dc:c3:a3:00:b3:1b:0e:6e:83:05:73:9b:81:aa:
         7c:97:76:c4:77:7e:30:47:18:83:4d:45:d4:6c:fd:b5:61:be:
         7c:aa:6a:c3:6a:dd:5d:05:11:93:91:96:44:d9:ed:9a:21:75:
         af:b1:1d:9e:57:68:15:91:5c:2d:c0:59:c7:6c:0a:56:d0:5e:
         ce:0b:64:a8:e0:7a:af:0b:34:60:04:44:42:9b:d6:30:5b:08:
         23:a6:3c:7a:27:8f:1b:73:2d:d7:78:05:c1:0b:fc:43:db:cb:
         c1:26:09:c3:92:65:7e:01:80:d3:27:4e:ff:34:ed:89:1b:97:
         d7:9c:36:b6:76:ec:a1:5b:c3:e2:79:1d:29:27:60:d9:18:44:
         12:6f:18:15:78:f8:39:93:0e:40:96:0e:37:b3:81:c8:2c:ee:
         29:06:6f:29:19:f1:24:d0:04:2e:ff:f6:22:3a:85:e4:40:54:
         72:89:b4:19:c2:4a:22:bd:0c:ce:2f:13:b6:66:fa:cb:8f:8f:
         40:1b:ba:ed:df:44:e5:7c:32:9e:9b:58:b0:82:f8:fb:51:9a:
         88:83:94:4f:53:6c:6f:ec:a4:31:47:93:13:ad:30:0f:eb:6a:
         f8:75:5f:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j0EWKQHBFbS2TD4shTizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiY2IxY2YzZDNmM2NkYzM0MjZmYjQ5ZjBhMGMzM2RjMDRj
ODY4MWMwHhcNMjUxMDE5MTMwMTEwWhcNMjUxMDIwMTMwMTEwWjAzMTEwLwYDVQQD
Eyg2N2I5YTcxMDQ5YjJmOGYzMGEzOGMxODJiMjc0ZmNlYTFkM2M3ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUiOVMKoun0ouc8ir5UhxUrbDRNv
1jDueSnpIbU0nqX5E7zuW4fviPACBIjSDxd6QUN9A1gwL90T1SaCra94z3NWwj5m
R4fe9b4oOIGBNsX27fZWekv9P/qyR5hMug5dRz1QiLMQECN/szXHkc9+ksrgqtoA
uqAn70c0VilgraVGqpRlfKGB6vFFssnfcZFDkuYEfH4dCwE+ID0m24RgrkSrVUZH
puaQBTZwwgDLPf2JtUlBO0i9B9bNesJicg346deeI4XNNjhwQTBd/t6nENwVnhh0
kCSyy2RPV5dzCNy1emawHluqOw3LZY9g7uClDIjyafqh8hz6SGyQHQB4IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGe5pxBJsvjzCjjBgrJ0/OodPH4EMB8GA1UdIwQY
MBaAFNvLHPPT883DQm+0nwoMM9wEyGgcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhzYzg5UHp6Y05DYjdTZkNnd3ozQVRJYUJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hNDA4ZmItNWM4MC00ZGNhLTg0Mjgt
NzM2NjliYTYzZjdjLzEvMjhzYzg5UHp6Y05DYjdTZkNnd3ozQVRJYUJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hNDA4ZmItNWM4MC00ZGNhLTg0MjgtNzM2NjliYTYzZjdj
LzEvMjhzYzg5UHp6Y05DYjdTZkNnd3ozQVRJYUJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADyLS97Se
m9JoBuzTxReSzxdvWdYKCtzDowCzGw5ugwVzm4GqfJd2xHd+MEcYg01F1Gz9tWG+
fKpqw2rdXQURk5GWRNntmiF1r7EdnldoFZFcLcBZx2wKVtBezgtkqOB6rws0YARE
QpvWMFsII6Y8eiePG3Mt13gFwQv8Q9vLwSYJw5JlfgGA0ydO/zTtiRuX15w2tnbs
oVvD4nkdKSdg2RhEEm8YFXj4OZMOQJYON7OByCzuKQZvKRnxJNAELv/2IjqF5EBU
com0GcJKIr0Mzi8Ttmb6y4+PQBu67d9E5XwynptYsIL4+1GaiIOUT1Nsb+ykMUeT
E60wD+tq+HVfrA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:12:34 2025 by rpki-client