Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
File:                     29B3gCIiIDwWzo6v1Z8LCsHb58M.mft (raw, json)
Hash identifier:          d30EVFiwKtpyj/VCSihCMLx8XyEkGIhrz2Rdr26mmG8=
Subject key identifier:   E6:E8:8D:76:CB:FC:19:59:1B:FC:D3:7D:B7:8E:E0:F7:AB:05:E8:13
Authority key identifier: DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3
Certificate issuer:       /CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
Certificate serial:       019A71B8A809EC8C4A6AC959B712FB81C84B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
Manifest number:          0FD4
Signing time:             Tue 11 Nov 2025 07:01:58 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:58 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:58 +0000
Files and hashes:         1: 29B3gCIiIDwWzo6v1Z8LCsHb58M.crl (hash: DSjb2RAsLPZW74KAr1oIWByCi1gxq9wjXqnm0m+krzI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a8:09:ec:8c:4a:6a:c9:59:b7:12:fb:81:c8:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
        Validity
            Not Before: Nov 11 07:01:58 2025 GMT
            Not After : Nov 12 07:01:58 2025 GMT
        Subject: CN=e6e88d76cbfc19591bfcd37db78ee0f7ab05e813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:71:42:69:c5:56:8d:1e:c8:dc:25:a7:d6:20:
                    4c:7f:29:cc:f2:08:52:a3:36:17:69:31:56:4f:17:
                    12:b3:26:2f:f0:c4:40:7f:aa:ee:1a:4a:8f:aa:0e:
                    0f:c7:71:d1:a4:0c:cc:85:1b:2f:38:74:33:79:d9:
                    4f:56:69:f6:56:c9:0e:70:c9:e2:bf:dd:ba:c0:7e:
                    4b:a8:2d:68:cd:02:cb:0e:91:30:b3:64:7d:b3:cf:
                    0d:85:50:e9:66:15:fd:01:00:31:7b:13:7e:0d:36:
                    ad:d9:0c:16:23:65:ab:70:28:34:03:e1:f4:57:f9:
                    07:a9:9d:b2:b4:d8:c6:e7:0f:cf:00:e8:8c:02:b3:
                    78:72:ae:08:88:c2:5b:d1:3b:f5:9c:6c:73:6a:b4:
                    0f:5e:7d:5e:ee:a9:ff:3c:31:fe:bc:b1:2d:5d:58:
                    fa:c7:e5:6d:1f:77:1f:96:8e:f8:f6:32:1f:8b:be:
                    40:41:0e:f1:53:c1:23:53:e4:36:41:08:36:ff:9e:
                    bb:30:2b:f9:ab:03:99:7f:7e:93:4f:83:43:55:5e:
                    57:85:73:4d:fe:6b:10:47:26:ae:03:ac:4e:f0:75:
                    ae:6f:00:7a:6a:75:e1:bf:0d:37:3f:03:c9:60:d2:
                    f8:ce:c5:7e:38:67:05:d4:56:44:93:b5:4e:43:6a:
                    c0:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:E8:8D:76:CB:FC:19:59:1B:FC:D3:7D:B7:8E:E0:F7:AB:05:E8:13
            X509v3 Authority Key Identifier:
                keyid:DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:e1:23:81:b7:1b:18:ec:f5:7a:77:bf:66:6b:cd:86:22:fa:
         f4:93:41:39:df:48:b2:c4:a3:ec:d7:6b:92:10:8d:38:a0:97:
         1c:d9:04:06:1e:e0:a0:8f:e4:03:14:d9:f0:fa:7a:4f:d4:1d:
         80:8f:65:12:52:8d:29:25:96:7a:25:e4:1f:83:01:73:b5:39:
         8b:25:6f:f8:23:89:99:8f:67:d4:76:6f:60:0b:44:56:92:b8:
         e7:3c:c1:b4:f1:2c:4a:88:25:96:52:9c:cf:ab:38:c4:b4:20:
         77:fa:52:cc:a6:90:eb:22:7f:90:8f:ac:63:7f:93:8e:ca:bb:
         25:f3:f8:64:64:a9:cc:a8:14:db:3d:af:93:06:1d:52:8b:9b:
         38:a1:b6:81:de:6b:10:4f:d6:60:b0:dd:30:14:67:6f:45:8a:
         c2:e9:af:51:dd:ef:7e:eb:97:43:01:b9:f8:d3:4c:d4:19:64:
         17:0b:12:0e:83:84:d8:e6:e4:47:5c:8f:31:13:cf:4f:16:9e:
         0f:3f:91:e7:7e:9b:45:4a:b2:a4:66:1d:a0:d9:86:68:80:d3:
         ef:f9:48:ac:9e:be:51:68:fd:bf:ca:4c:4c:44:a3:67:6f:5f:
         1c:a7:8d:59:6e:30:65:b0:d0:b2:40:00:de:0b:e3:af:0c:39:
         de:28:3d:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKgJ7IxKaslZtxL7gchLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDA3NzgwMjIyMjIwM2MxNmNlOGVhZmQ1OWYwYjBhYzFk
YmU3YzMwHhcNMjUxMTExMDcwMTU4WhcNMjUxMTEyMDcwMTU4WjAzMTEwLwYDVQQD
EyhlNmU4OGQ3NmNiZmMxOTU5MWJmY2QzN2RiNzhlZTBmN2FiMDVlODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnFCacVWjR7I3CWn1iBMfynM8ghS
ozYXaTFWTxcSsyYv8MRAf6ruGkqPqg4Px3HRpAzMhRsvOHQzedlPVmn2VskOcMni
v926wH5LqC1ozQLLDpEws2R9s88NhVDpZhX9AQAxexN+DTat2QwWI2WrcCg0A+H0
V/kHqZ2ytNjG5w/PAOiMArN4cq4IiMJb0Tv1nGxzarQPXn1e7qn/PDH+vLEtXVj6
x+VtH3cflo749jIfi75AQQ7xU8EjU+Q2QQg2/567MCv5qwOZf36TT4NDVV5XhXNN
/msQRyauA6xO8HWubwB6anXhvw03PwPJYNL4zsV+OGcF1FZEk7VOQ2rABQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObojXbL/BlZG/zTfbeO4PerBegTMB8GA1UdIwQY
MBaAFNvQd4AiIiA8Fs6Or9WfCwrB2+fDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAt
NWRkOTQ1MjllZWVhLzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAtNWRkOTQ1MjllZWVh
LzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcOEjgbcb
GOz1ene/ZmvNhiL69JNBOd9IssSj7NdrkhCNOKCXHNkEBh7goI/kAxTZ8Pp6T9Qd
gI9lElKNKSWWeiXkH4MBc7U5iyVv+COJmY9n1HZvYAtEVpK45zzBtPEsSoglllKc
z6s4xLQgd/pSzKaQ6yJ/kI+sY3+Tjsq7JfP4ZGSpzKgU2z2vkwYdUoubOKG2gd5r
EE/WYLDdMBRnb0WKwumvUd3vfuuXQwG5+NNM1BlkFwsSDoOE2ObkR1yPMRPPTxae
Dz+R536bRUqypGYdoNmGaIDT7/lIrJ6+UWj9v8pMTESjZ29fHKeNWW4wZbDQskAA
3gvjrww53ig9jg==
-----END CERTIFICATE-----