Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
File:                     DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json)
Hash identifier:          R+sLch51WSVCvg2elPYL4eCBLy3LCW5FxSUT8sqU2rw=
Subject key identifier:   A8:7F:80:07:6D:83:06:BF:48:DA:34:21:01:11:6E:BC:06:B6:FD:F6
Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C
Certificate issuer:       /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
Certificate serial:       019A522C99E01CC5AE2F328C7BE75FEBEC17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
Manifest number:          10D4
Signing time:             Wed 05 Nov 2025 04:00:45 +0000
Manifest this update:     Wed 05 Nov 2025 04:00:45 +0000
Manifest next update:     Thu 06 Nov 2025 04:00:45 +0000
Files and hashes:         1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: 5RIaRNG5J7M+SQfqj3+8xoWGQPrJXWWn/pyBcgSmG7Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:2c:99:e0:1c:c5:ae:2f:32:8c:7b:e7:5f:eb:ec:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
        Validity
            Not Before: Nov  5 04:00:45 2025 GMT
            Not After : Nov  6 04:00:45 2025 GMT
        Subject: CN=a87f80076d8306bf48da342101116ebc06b6fdf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:0c:dc:11:6a:62:36:89:d9:56:1b:c0:51:97:
                    aa:51:5a:24:b3:b2:41:b8:3d:19:1e:ca:37:36:62:
                    92:7c:38:ac:a3:d8:52:33:5d:87:63:78:cf:64:83:
                    4e:d5:68:7e:6d:75:26:c8:b8:56:20:6a:00:38:0d:
                    9b:9f:71:de:b4:72:ce:c4:1e:f5:77:05:1d:1c:1e:
                    09:91:84:11:6d:64:60:58:94:92:bb:ad:01:0e:c3:
                    18:b1:5b:fb:7e:f6:76:45:b3:94:fe:24:58:b8:b7:
                    af:48:a0:f0:71:7a:a2:73:9b:7a:df:27:86:9a:b3:
                    4c:5e:c7:20:8b:76:4a:98:9f:90:4c:70:74:c5:e7:
                    54:f5:6d:85:af:7e:c4:70:a7:24:c1:6b:cb:64:95:
                    44:a5:a1:ff:33:7b:78:9e:03:62:37:86:e4:4e:21:
                    66:d1:60:28:33:57:ea:fe:51:b7:ac:f3:61:ce:2a:
                    d1:d0:6d:57:93:3b:2f:77:e8:ce:d7:49:a0:34:d2:
                    b0:02:ed:11:30:f8:a1:50:67:6b:c7:50:ea:28:01:
                    f1:89:04:5d:da:b7:eb:6d:ff:fa:28:38:03:f9:3e:
                    5e:09:bd:54:02:71:da:a0:dc:30:e2:88:35:f4:74:
                    8e:2a:c9:9e:1f:bc:bd:8c:ff:51:34:cf:be:30:dd:
                    75:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:7F:80:07:6D:83:06:BF:48:DA:34:21:01:11:6E:BC:06:B6:FD:F6
            X509v3 Authority Key Identifier:
                keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:62:75:1e:75:44:58:23:f3:76:e1:12:49:b0:ae:34:4a:56:
         d9:16:2a:33:73:8e:10:87:73:d4:89:91:3a:89:8b:cc:4e:fd:
         4a:bd:4d:ef:b0:d7:89:42:c7:aa:d4:7e:99:09:c7:0c:a8:f9:
         6a:d8:99:3d:25:ef:64:6d:ca:b4:93:e9:cd:88:e9:2d:56:17:
         9a:32:5d:f7:4b:fd:35:a9:16:38:09:be:5b:fa:cc:f7:93:eb:
         78:64:a2:e0:2d:26:f1:1b:7a:cc:d5:1a:83:ba:ec:0c:5d:b4:
         7a:ee:5c:6d:95:d5:7f:3c:6e:80:a1:1d:2a:c0:5e:ea:92:b6:
         61:01:6e:cc:fc:6a:dc:18:4c:db:67:c4:51:97:df:76:71:48:
         50:05:30:53:c5:af:bd:1c:4a:ed:24:88:6c:2d:4e:13:60:cc:
         05:94:10:2e:69:59:e8:4c:be:9d:be:78:3f:ba:d3:89:d5:12:
         f2:8f:3e:de:0e:06:c2:40:d6:ab:33:87:f0:19:2d:df:e0:63:
         05:9f:89:b4:14:ce:fd:57:a6:2a:0e:8c:18:e9:b9:fa:cb:47:
         53:7a:8f:fe:1f:3a:ed:d2:7c:7f:53:6c:3a:3d:38:a1:5c:41:
         9f:89:c3:31:0d:bc:aa:55:92:bf:dd:69:f7:fb:70:5e:0e:6b:
         ec:fd:1e:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSLJngHMWuLzKMe+df6+wXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw
MzMzOGMwHhcNMjUxMTA1MDQwMDQ1WhcNMjUxMTA2MDQwMDQ1WjAzMTEwLwYDVQQD
EyhhODdmODAwNzZkODMwNmJmNDhkYTM0MjEwMTExNmViYzA2YjZmZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQzcEWpiNonZVhvAUZeqUVoks7JB
uD0ZHso3NmKSfDiso9hSM12HY3jPZINO1Wh+bXUmyLhWIGoAOA2bn3HetHLOxB71
dwUdHB4JkYQRbWRgWJSSu60BDsMYsVv7fvZ2RbOU/iRYuLevSKDwcXqic5t63yeG
mrNMXscgi3ZKmJ+QTHB0xedU9W2Fr37EcKckwWvLZJVEpaH/M3t4ngNiN4bkTiFm
0WAoM1fq/lG3rPNhzirR0G1Xkzsvd+jO10mgNNKwAu0RMPihUGdrx1DqKAHxiQRd
2rfrbf/6KDgD+T5eCb1UAnHaoNww4og19HSOKsmeH7y9jP9RNM++MN11BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKh/gAdtgwa/SNo0IQERbrwGtv32MB8GA1UdIwQY
MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt
YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl
LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWGJ1HnVE
WCPzduESSbCuNEpW2RYqM3OOEIdz1ImROomLzE79Sr1N77DXiULHqtR+mQnHDKj5
atiZPSXvZG3KtJPpzYjpLVYXmjJd90v9NakWOAm+W/rM95PreGSi4C0m8Rt6zNUa
g7rsDF20eu5cbZXVfzxugKEdKsBe6pK2YQFuzPxq3BhM22fEUZffdnFIUAUwU8Wv
vRxK7SSIbC1OE2DMBZQQLmlZ6Ey+nb54P7rTidUS8o8+3g4GwkDWqzOH8Bkt3+Bj
BZ+JtBTO/VemKg6MGOm5+stHU3qP/h867dJ8f1NsOj04oVxBn4nDMQ28qlWSv91p
9/twXg5r7P0eHg==
-----END CERTIFICATE-----