Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
File:                     DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json)
Hash identifier:          dYiMNcDJEZhtGeRVvq7zCDBuW71GiwlnvLS4NOQp2kM=
Subject key identifier:   26:41:EE:7F:32:C4:EE:FB:48:F0:3D:C4:C3:9F:42:02:0D:E7:10:87
Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C
Certificate issuer:       /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
Certificate serial:       019880C1D962D273160CC08CA8A69E1F4F4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
Manifest number:          0FE3
Signing time:             Wed 06 Aug 2025 19:00:44 +0000
Manifest this update:     Wed 06 Aug 2025 19:00:44 +0000
Manifest next update:     Thu 07 Aug 2025 19:00:44 +0000
Files and hashes:         1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: RDFUhTwh1h1D88JvjmiE7lzYhfVFYW9zpVrwAG8gGa0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c1:d9:62:d2:73:16:0c:c0:8c:a8:a6:9e:1f:4f:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
        Validity
            Not Before: Aug  6 19:00:44 2025 GMT
            Not After : Aug  7 19:00:44 2025 GMT
        Subject: CN=2641ee7f32c4eefb48f03dc4c39f42020de71087
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:96:3f:86:cb:96:4f:09:d3:df:92:5f:2c:05:
                    e1:bb:f6:bf:c5:3d:04:3b:e4:95:9f:95:35:68:26:
                    19:61:5b:ba:33:82:8e:de:65:5c:c4:42:42:06:ba:
                    a0:b5:68:98:5e:11:96:c7:c4:00:d3:2e:e0:8b:3e:
                    d0:56:18:aa:5e:91:06:ab:78:dc:fc:26:7c:d2:c9:
                    4c:f1:a9:ee:2b:cd:43:3e:d6:00:dd:3b:20:bf:4e:
                    2e:c7:0a:cd:d5:4d:89:d4:81:68:9a:d4:fb:b2:5b:
                    28:74:2d:0c:22:3e:6a:3d:51:13:15:c4:af:34:96:
                    68:86:fa:e1:c7:28:9e:a0:3b:d3:9e:73:1f:fc:0a:
                    ab:6b:90:e0:8f:7d:0c:d9:aa:15:73:48:25:ee:2e:
                    23:2e:00:bb:27:d5:d8:0d:97:9b:47:f4:26:31:f1:
                    3b:d6:99:a7:1d:c6:18:13:bc:79:9e:14:02:38:19:
                    a2:0e:e5:80:58:44:bc:f2:29:a8:6f:83:66:df:d5:
                    bf:63:d7:36:76:9f:2b:c7:75:98:dd:d0:43:9b:f9:
                    08:f1:3f:bd:8e:98:d0:72:db:ac:a2:dc:1c:dd:4a:
                    6e:d4:b5:99:0e:3b:f8:8a:7e:6b:fe:94:b7:0d:85:
                    dd:6f:44:e0:cc:7c:cd:09:88:ee:00:ac:3c:c0:67:
                    9c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:41:EE:7F:32:C4:EE:FB:48:F0:3D:C4:C3:9F:42:02:0D:E7:10:87
            X509v3 Authority Key Identifier:
                keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:7f:f0:af:14:e7:48:88:73:6a:dd:8e:08:c8:06:71:80:12:
         bb:e1:db:f3:a7:9a:ec:25:8a:f4:99:5e:c2:05:8d:71:63:d6:
         aa:6f:0f:3d:7e:74:2a:56:5b:6f:ac:3a:64:04:48:f2:ef:ed:
         8e:60:f9:ac:9a:bb:bd:1f:94:f9:ee:bd:be:f6:3e:c5:ab:e2:
         bf:f6:55:23:52:d2:7c:32:aa:04:41:af:dd:1a:61:d4:89:3f:
         87:c0:83:24:e9:67:2d:e5:0b:78:00:4f:56:21:d9:a2:fd:f5:
         eb:11:f5:fe:bf:eb:8f:b4:cf:8b:e0:ad:ab:20:b4:c2:ed:cc:
         51:73:55:a2:3e:a0:80:a2:0d:3e:96:4f:dc:ca:e5:80:05:2b:
         d4:a7:98:18:52:ae:9e:6f:e5:8f:69:07:ee:fb:99:1c:57:3a:
         93:0b:60:9a:60:6c:7f:9d:0a:89:0e:fb:da:98:de:8f:13:71:
         44:01:6e:e3:98:51:67:10:60:35:2e:31:30:dd:b6:24:90:69:
         5d:ca:17:47:5b:7d:4a:62:c2:e3:c6:f7:0d:0b:e1:9f:ce:e8:
         d4:8e:f4:1e:cc:de:3c:b7:f9:34:19:02:ca:92:56:71:d0:e9:
         a1:99:37:33:44:90:25:f0:24:a6:5c:fa:a1:42:77:0d:5e:f6:
         4d:7b:3c:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAwdli0nMWDMCMqKaeH09OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw
MzMzOGMwHhcNMjUwODA2MTkwMDQ0WhcNMjUwODA3MTkwMDQ0WjAzMTEwLwYDVQQD
EygyNjQxZWU3ZjMyYzRlZWZiNDhmMDNkYzRjMzlmNDIwMjBkZTcxMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JY/hsuWTwnT35JfLAXhu/a/xT0E
O+SVn5U1aCYZYVu6M4KO3mVcxEJCBrqgtWiYXhGWx8QA0y7giz7QVhiqXpEGq3jc
/CZ80slM8anuK81DPtYA3Tsgv04uxwrN1U2J1IFomtT7slsodC0MIj5qPVETFcSv
NJZohvrhxyieoDvTnnMf/Aqra5Dgj30M2aoVc0gl7i4jLgC7J9XYDZebR/QmMfE7
1pmnHcYYE7x5nhQCOBmiDuWAWES88imob4Nm39W/Y9c2dp8rx3WY3dBDm/kI8T+9
jpjQctusotwc3Upu1LWZDjv4in5r/pS3DYXdb0TgzHzNCYjuAKw8wGecSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZB7n8yxO77SPA9xMOfQgIN5xCHMB8GA1UdIwQY
MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt
YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl
LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeH/wrxTn
SIhzat2OCMgGcYASu+Hb86ea7CWK9JlewgWNcWPWqm8PPX50KlZbb6w6ZARI8u/t
jmD5rJq7vR+U+e69vvY+xaviv/ZVI1LSfDKqBEGv3Rph1Ik/h8CDJOlnLeULeABP
ViHZov316xH1/r/rj7TPi+CtqyC0wu3MUXNVoj6ggKINPpZP3MrlgAUr1KeYGFKu
nm/lj2kH7vuZHFc6kwtgmmBsf50KiQ772pjejxNxRAFu45hRZxBgNS4xMN22JJBp
XcoXR1t9SmLC48b3DQvhn87o1I70HszePLf5NBkCypJWcdDpoZk3M0SQJfAkplz6
oUJ3DV72TXs8tA==
-----END CERTIFICATE-----