Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
File:                     k-DpokYd9Py54i53cLJhOgckE4g.mft (raw, json)
Hash identifier:          eHs+Aqzc48XqQ/rrVRfVXileXAMo00L4PYE7PJiNZJw=
Subject key identifier:   65:42:3B:50:D9:7E:3B:0C:92:7F:49:A9:1A:0D:96:33:C0:53:F4:00
Authority key identifier: 93:E0:E9:A2:46:1D:F4:FC:B9:E2:2E:77:70:B2:61:3A:07:24:13:88
Certificate issuer:       /CN=93e0e9a2461df4fcb9e22e7770b2613a07241388
Certificate serial:       01989F035B009AC5ABC7D28E74C0BB801619
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
Manifest number:          15BC
Signing time:             Tue 12 Aug 2025 16:00:53 +0000
Manifest this update:     Tue 12 Aug 2025 16:00:53 +0000
Manifest next update:     Wed 13 Aug 2025 16:00:53 +0000
Files and hashes:         1: k-DpokYd9Py54i53cLJhOgckE4g.crl (hash: A1MJSTP41J5JKnKN9Ppx0TQl4gkHZpjIx6h5HR2CSCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:24:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:03:5b:00:9a:c5:ab:c7:d2:8e:74:c0:bb:80:16:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93e0e9a2461df4fcb9e22e7770b2613a07241388
        Validity
            Not Before: Aug 12 16:00:53 2025 GMT
            Not After : Aug 13 16:00:53 2025 GMT
        Subject: CN=65423b50d97e3b0c927f49a91a0d9633c053f400
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:87:d3:8f:42:47:53:97:4e:d9:03:ba:f4:7d:
                    a3:c8:1c:21:77:f6:bb:c6:2b:1b:82:f2:25:df:25:
                    0c:54:19:a5:bf:5d:b0:e6:b8:4d:e2:63:a7:01:83:
                    95:ce:7c:b8:d2:9d:99:c3:81:47:4d:a0:52:d3:22:
                    66:33:08:52:64:09:67:1e:ce:0b:5b:23:5d:85:b1:
                    11:3e:01:9f:7e:ed:ac:88:4b:4a:ec:85:20:57:ec:
                    a9:6b:21:23:df:21:fd:ca:21:dc:b9:88:79:10:49:
                    ea:b8:3d:1d:f1:13:16:cc:7b:8a:6d:ed:2a:db:ec:
                    7f:b9:59:ca:3c:e9:ed:e5:68:ab:08:64:21:31:80:
                    c8:83:59:cf:42:50:24:c1:57:7d:21:fb:e7:2f:61:
                    f8:aa:a5:05:55:a0:d2:2b:7d:fd:28:16:f7:04:0f:
                    9a:bd:50:12:10:f1:e9:74:6d:d7:52:1d:16:ef:0e:
                    57:1e:dd:64:83:91:9c:fd:cc:87:6c:0d:1b:89:b8:
                    25:50:05:52:2d:8b:89:0c:b9:e5:f1:31:3a:a5:ab:
                    c8:ff:7c:b3:c9:35:01:fc:e5:b1:c2:1a:ab:4a:28:
                    ee:37:dc:3e:b9:1c:84:92:c7:25:8a:d5:0b:9d:d6:
                    a2:19:87:f9:b1:fa:b9:4d:0a:bd:9a:35:26:10:f7:
                    2c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:42:3B:50:D9:7E:3B:0C:92:7F:49:A9:1A:0D:96:33:C0:53:F4:00
            X509v3 Authority Key Identifier:
                keyid:93:E0:E9:A2:46:1D:F4:FC:B9:E2:2E:77:70:B2:61:3A:07:24:13:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:b7:b5:4e:53:b5:82:27:ad:5b:07:58:e2:8f:ee:77:80:9b:
         28:d2:45:59:7d:80:72:97:c7:92:64:42:38:c7:f2:8a:c6:a5:
         84:70:3f:57:92:25:ce:ea:bb:d4:e4:1b:c6:b0:5c:96:ba:fc:
         7f:df:01:4c:b3:96:b3:ab:ae:f5:7e:57:43:b1:cb:1e:26:49:
         19:7c:96:79:8a:91:53:d3:95:47:39:7d:01:b0:51:b4:c1:03:
         e1:05:a8:c0:45:a1:eb:d1:f1:c4:28:b8:a1:fe:02:18:61:9f:
         14:d7:e6:b0:23:07:5c:20:35:ed:e2:54:93:1d:d9:2c:4f:2e:
         d5:0b:d3:47:5b:39:80:0a:be:d3:ac:ef:5a:8f:25:fa:a3:a1:
         f6:68:29:dc:a2:63:d1:d9:e0:6d:f0:35:c2:e3:1c:c8:c9:3f:
         52:b6:a6:3c:b1:e7:ba:a7:27:1e:60:29:ee:82:cc:37:3a:a9:
         dd:65:a3:cf:3a:78:88:b6:8b:e8:58:7c:61:54:7c:12:f9:ef:
         a6:b1:e7:4e:26:49:63:5d:cc:bc:cb:4d:c8:da:ee:a4:49:16:
         af:d4:89:79:e7:4e:24:9f:90:bf:3e:9e:df:16:d0:a6:0c:cd:
         45:35:cf:d0:dc:d4:bd:35:6a:44:4f:29:3a:fb:d1:98:9f:35:
         1d:a6:14:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifA1sAmsWrx9KOdMC7gBYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZTBlOWEyNDYxZGY0ZmNiOWUyMmU3NzcwYjI2MTNhMDcy
NDEzODgwHhcNMjUwODEyMTYwMDUzWhcNMjUwODEzMTYwMDUzWjAzMTEwLwYDVQQD
Eyg2NTQyM2I1MGQ5N2UzYjBjOTI3ZjQ5YTkxYTBkOTYzM2MwNTNmNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYfTj0JHU5dO2QO69H2jyBwhd/a7
xisbgvIl3yUMVBmlv12w5rhN4mOnAYOVzny40p2Zw4FHTaBS0yJmMwhSZAlnHs4L
WyNdhbERPgGffu2siEtK7IUgV+ypayEj3yH9yiHcuYh5EEnquD0d8RMWzHuKbe0q
2+x/uVnKPOnt5WirCGQhMYDIg1nPQlAkwVd9IfvnL2H4qqUFVaDSK339KBb3BA+a
vVASEPHpdG3XUh0W7w5XHt1kg5Gc/cyHbA0bibglUAVSLYuJDLnl8TE6pavI/3yz
yTUB/OWxwhqrSijuN9w+uRyEksclitULndaiGYf5sfq5TQq9mjUmEPcsRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVCO1DZfjsMkn9JqRoNljPAU/QAMB8GA1UdIwQY
MBaAFJPg6aJGHfT8ueIud3CyYToHJBOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80MWU1ODQtOWNmNy00YzYyLTlmNjEt
MGUyZTM2MDE5ODQ5LzEvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC80MWU1ODQtOWNmNy00YzYyLTlmNjEtMGUyZTM2MDE5ODQ5
LzEvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwbe1TlO1
gietWwdY4o/ud4CbKNJFWX2AcpfHkmRCOMfyisalhHA/V5Ilzuq71OQbxrBclrr8
f98BTLOWs6uu9X5XQ7HLHiZJGXyWeYqRU9OVRzl9AbBRtMED4QWowEWh69HxxCi4
of4CGGGfFNfmsCMHXCA17eJUkx3ZLE8u1QvTR1s5gAq+06zvWo8l+qOh9mgp3KJj
0dngbfA1wuMcyMk/UramPLHnuqcnHmAp7oLMNzqp3WWjzzp4iLaL6Fh8YVR8Evnv
prHnTiZJY13MvMtNyNrupEkWr9SJeedOJJ+Qvz6e3xbQpgzNRTXP0NzUvTVqRE8p
OvvRmJ81HaYU+g==
-----END CERTIFICATE-----