Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
File:                     0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft (raw, json)
Hash identifier:          Vvj78E+zKkmLpzRzQAg5dpqq0BNPNerM7CcgnK1mVgM=
Subject key identifier:   75:36:00:5A:D4:F3:8E:12:E8:50:83:D8:58:30:EC:23:3E:37:21:A9
Authority key identifier: D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF
Certificate issuer:       /CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
Certificate serial:       019A722660C823AC167BEC61345476410E95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
Manifest number:          0575
Signing time:             Tue 11 Nov 2025 09:01:48 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:48 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:48 +0000
Files and hashes:         1: 0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl (hash: oVOUKBuNiN3rLt6sJsDkdUi7G6QrUnVydLBrDeazglI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:60:c8:23:ac:16:7b:ec:61:34:54:76:41:0e:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
        Validity
            Not Before: Nov 11 09:01:48 2025 GMT
            Not After : Nov 12 09:01:48 2025 GMT
        Subject: CN=7536005ad4f38e12e85083d85830ec233e3721a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:53:62:c8:75:a1:91:48:2d:44:0a:33:25:81:
                    41:de:61:2b:9f:3c:94:7e:50:9d:5a:cb:a8:7b:07:
                    3a:2f:24:3a:88:82:ba:62:5a:5e:6a:ad:d2:ab:20:
                    eb:78:21:4e:3f:fa:fd:2c:83:f9:28:3c:36:c2:c7:
                    1f:c6:23:11:e9:79:41:0e:1f:f0:10:94:91:7b:7b:
                    65:84:52:00:73:94:5e:cb:35:a2:1a:91:bc:ba:34:
                    49:ce:47:8e:c4:d6:f5:74:9d:c5:02:7f:16:a7:b1:
                    ea:21:70:bd:f2:56:ae:62:23:f8:1e:b5:71:61:3f:
                    a2:a6:2f:cd:77:bf:e5:cb:78:49:6a:c6:a1:08:45:
                    01:b5:27:67:f1:43:e0:1b:17:63:e8:cd:7a:3f:81:
                    d8:14:ba:8b:e3:7b:9a:65:52:8c:7a:e2:f6:c2:84:
                    81:f9:f1:46:e2:6b:27:84:ae:dd:8e:1e:c8:f3:62:
                    9c:29:5c:1c:d1:1a:17:96:dd:c9:d4:52:40:80:57:
                    6a:66:e8:a0:6c:b1:bc:a7:9a:5d:b2:a6:6b:e5:51:
                    ae:d5:63:81:a0:8e:aa:f2:59:63:ee:d3:f3:a1:38:
                    0d:90:7f:88:c6:b4:7e:e8:93:1a:5a:b8:1a:e5:39:
                    05:49:4f:62:f0:fd:54:21:04:cb:05:1b:a5:7c:2b:
                    98:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:36:00:5A:D4:F3:8E:12:E8:50:83:D8:58:30:EC:23:3E:37:21:A9
            X509v3 Authority Key Identifier:
                keyid:D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:83:ba:e1:e7:17:56:80:5a:4f:81:68:07:40:48:5a:bb:1b:
         7f:1c:0d:88:13:85:ff:a7:7f:2f:63:41:48:40:4c:8d:fe:fc:
         e9:bb:e8:72:8f:59:f5:ea:3b:8f:33:b3:b9:50:61:81:34:65:
         7d:d2:0b:ac:00:d4:7d:24:d8:68:f6:27:40:e1:21:f3:7a:e6:
         e1:4c:fc:15:52:7b:e1:ab:1d:63:ac:12:b9:fc:f5:4e:43:c7:
         cb:da:7a:80:81:8e:15:75:48:89:47:58:26:6e:7c:b3:34:e6:
         8d:e9:a6:3d:44:80:fe:81:e8:9e:0b:d7:f6:08:60:11:12:96:
         aa:cb:a0:e8:00:e7:54:9e:f9:01:57:50:2c:ea:f6:33:69:dc:
         2f:0d:03:0e:3c:e9:5f:9f:da:c5:99:2f:3c:8c:88:57:df:11:
         ea:63:00:7b:44:79:67:de:69:98:57:da:93:a5:e2:ef:d7:6b:
         aa:f1:3e:ca:14:f6:4b:cd:bb:ec:1b:af:2d:d6:4c:ad:39:95:
         0b:75:a7:7c:18:0d:7b:8c:7d:8c:ee:17:cf:f3:d1:ad:d0:7c:
         ca:3e:f1:fd:55:fe:93:5a:4e:52:4c:55:d7:7d:a3:aa:44:44:
         09:36:01:f2:cd:23:e7:a9:fd:b7:05:59:53:2f:a5:da:ad:4a:
         16:02:08:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJmDII6wWe+xhNFR2QQ6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYjBlODY4NmY3ZGFiMWY2NGM4MGQ0MzgyYzNjNTk0OWZm
MTFkYmYwHhcNMjUxMTExMDkwMTQ4WhcNMjUxMTEyMDkwMTQ4WjAzMTEwLwYDVQQD
Eyg3NTM2MDA1YWQ0ZjM4ZTEyZTg1MDgzZDg1ODMwZWMyMzNlMzcyMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFNiyHWhkUgtRAozJYFB3mErnzyU
flCdWsuoewc6LyQ6iIK6Ylpeaq3SqyDreCFOP/r9LIP5KDw2wscfxiMR6XlBDh/w
EJSRe3tlhFIAc5ReyzWiGpG8ujRJzkeOxNb1dJ3FAn8Wp7HqIXC98lauYiP4HrVx
YT+ipi/Nd7/ly3hJasahCEUBtSdn8UPgGxdj6M16P4HYFLqL43uaZVKMeuL2woSB
+fFG4msnhK7djh7I82KcKVwc0RoXlt3J1FJAgFdqZuigbLG8p5pdsqZr5VGu1WOB
oI6q8llj7tPzoTgNkH+IxrR+6JMaWrga5TkFSU9i8P1UIQTLBRulfCuYNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHU2AFrU844S6FCD2Fgw7CM+NyGpMB8GA1UdIwQY
MBaAFNGw6GhvfasfZMgNQ4LDxZSf8R2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMt
ZGJiYzI1NGQxYzZjLzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMtZGJiYzI1NGQxYzZj
LzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC4O64ecX
VoBaT4FoB0BIWrsbfxwNiBOF/6d/L2NBSEBMjf786bvoco9Z9eo7jzOzuVBhgTRl
fdILrADUfSTYaPYnQOEh83rm4Uz8FVJ74asdY6wSufz1TkPHy9p6gIGOFXVIiUdY
Jm58szTmjemmPUSA/oHongvX9ghgERKWqsug6ADnVJ75AVdQLOr2M2ncLw0DDjzp
X5/axZkvPIyIV98R6mMAe0R5Z95pmFfak6Xi79drqvE+yhT2S8277BuvLdZMrTmV
C3WnfBgNe4x9jO4Xz/PRrdB8yj7x/VX+k1pOUkxV132jqkRECTYB8s0j56n9twVZ
Uy+l2q1KFgIINQ==
-----END CERTIFICATE-----