Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
File:                     dbh4BinZITNXwHDBwBBgU0dIg8E.mft (raw, json)
Hash identifier:          Abk9CvJkIF8dvV9B5dLwQ2M3WmIkoUriELPmTPJ7hoA=
Subject key identifier:   2D:D9:E1:37:90:91:F6:1C:22:97:4B:12:E9:BA:55:9E:B7:9A:E8:AA
Authority key identifier: 75:B8:78:06:29:D9:21:33:57:C0:70:C1:C0:10:60:53:47:48:83:C1
Certificate issuer:       /CN=75b8780629d9213357c070c1c0106053474883c1
Certificate serial:       019653495E65E5F92D04306A95414B468FA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
Manifest number:          0B21
Signing time:             Sun 20 Apr 2025 13:00:39 +0000
Manifest this update:     Sun 20 Apr 2025 13:00:39 +0000
Manifest next update:     Mon 21 Apr 2025 13:00:39 +0000
Files and hashes:         1: dbh4BinZITNXwHDBwBBgU0dIg8E.crl (hash: LHBCFexH5m+SFlgtl5sHAANxYzA04horedAJn8JoCqw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:5e:65:e5:f9:2d:04:30:6a:95:41:4b:46:8f:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75b8780629d9213357c070c1c0106053474883c1
        Validity
            Not Before: Apr 20 13:00:39 2025 GMT
            Not After : Apr 21 13:00:39 2025 GMT
        Subject: CN=2dd9e1379091f61c22974b12e9ba559eb79ae8aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:16:9c:1a:43:2f:90:3d:72:15:70:b2:45:b2:
                    70:44:f6:a6:cf:f1:21:50:8c:1b:c1:f1:5f:f9:7c:
                    f3:a6:07:a3:86:d5:f4:97:0f:35:aa:6d:e6:69:f8:
                    0b:0d:13:4a:f9:20:48:98:8c:75:d3:b9:57:4a:b6:
                    1f:2a:d8:73:88:ea:f6:a5:2a:1b:ab:64:a9:8e:bf:
                    33:c0:81:5b:6d:01:6f:9b:83:b8:3b:2e:51:e6:7b:
                    8e:43:eb:b0:8a:23:e7:dd:4f:d2:76:b4:6c:11:82:
                    00:c6:6e:1f:43:5f:c9:e8:a4:85:c5:80:97:d1:bd:
                    b0:fd:6c:ce:8d:a4:7b:87:87:ab:a1:21:51:c1:fd:
                    96:b5:82:c0:13:9d:a0:82:01:fb:1e:c1:cf:ca:8d:
                    8c:be:42:bc:fe:6c:fb:6c:bc:a6:6e:19:3f:10:e9:
                    ee:f9:fd:3f:1e:0f:b3:e3:fd:d3:86:7a:ee:fc:a0:
                    0b:ff:ab:4c:64:9d:4f:eb:00:9e:cc:69:1d:eb:25:
                    22:12:8f:fe:74:0b:86:e8:80:bf:a2:ce:75:ad:46:
                    c5:8b:62:c6:fc:1b:bf:65:be:c6:2d:f9:78:4a:b6:
                    4c:39:81:e0:a9:36:12:15:f8:ef:3e:58:db:d7:2d:
                    0d:30:0c:fa:fc:58:48:57:7b:52:dd:f0:24:ea:c3:
                    29:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:D9:E1:37:90:91:F6:1C:22:97:4B:12:E9:BA:55:9E:B7:9A:E8:AA
            X509v3 Authority Key Identifier:
                keyid:75:B8:78:06:29:D9:21:33:57:C0:70:C1:C0:10:60:53:47:48:83:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:aa:9a:97:be:2f:2d:ee:98:0b:60:15:39:20:70:64:bd:9c:
         95:2f:43:e9:48:da:2e:69:00:c3:6f:5a:c8:da:71:82:df:90:
         bc:db:f3:c7:01:de:77:94:d7:46:36:03:00:2b:08:a2:43:57:
         e3:00:79:20:64:a8:05:6e:91:87:71:f3:8c:41:5d:20:5b:30:
         1c:bc:96:87:ff:e4:fb:b9:8f:49:2e:88:08:4d:68:7c:bb:41:
         db:e0:68:6c:c0:4a:1b:e3:8e:1c:00:46:40:d9:77:16:93:1f:
         ea:aa:56:a9:46:d0:fc:87:9c:a4:b4:30:96:8c:d5:39:6a:19:
         30:c2:d0:41:17:a7:df:1a:62:ba:65:09:88:b0:da:e6:f0:e1:
         cc:95:27:ec:7d:0d:78:7e:27:6f:e0:49:1d:ea:e2:12:9f:ec:
         5c:a7:28:ba:a3:77:e0:dd:7c:1d:80:e1:31:02:48:b5:56:18:
         b1:56:c8:e6:bc:5a:08:5f:af:5a:e7:bd:1c:dd:57:11:0d:38:
         2b:d3:01:66:17:e6:3f:d3:fe:d0:c2:32:7b:40:4c:76:5d:c7:
         86:db:4b:2d:54:e2:43:14:83:b0:9e:f8:97:db:27:ef:b5:e1:
         2b:ef:f6:00:03:6a:26:22:04:8c:d3:7a:ab:f4:31:76:07:58:
         39:db:45:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSV5l5fktBDBqlUFLRo+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Yjg3ODA2MjlkOTIxMzM1N2MwNzBjMWMwMTA2MDUzNDc0
ODgzYzEwHhcNMjUwNDIwMTMwMDM5WhcNMjUwNDIxMTMwMDM5WjAzMTEwLwYDVQQD
EygyZGQ5ZTEzNzkwOTFmNjFjMjI5NzRiMTJlOWJhNTU5ZWI3OWFlOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBacGkMvkD1yFXCyRbJwRPamz/Eh
UIwbwfFf+XzzpgejhtX0lw81qm3mafgLDRNK+SBImIx107lXSrYfKthziOr2pSob
q2Spjr8zwIFbbQFvm4O4Oy5R5nuOQ+uwiiPn3U/SdrRsEYIAxm4fQ1/J6KSFxYCX
0b2w/WzOjaR7h4eroSFRwf2WtYLAE52gggH7HsHPyo2MvkK8/mz7bLymbhk/EOnu
+f0/Hg+z4/3Thnru/KAL/6tMZJ1P6wCezGkd6yUiEo/+dAuG6IC/os51rUbFi2LG
/Bu/Zb7GLfl4SrZMOYHgqTYSFfjvPljb1y0NMAz6/FhIV3tS3fAk6sMpdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3Z4TeQkfYcIpdLEum6VZ63muiqMB8GA1UdIwQY
MBaAFHW4eAYp2SEzV8BwwcAQYFNHSIPBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS85NmZiOWQtZmY5Zi00ZDVkLWI2YzEt
ZDkxMGI3NzIxZDIwLzEvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS85NmZiOWQtZmY5Zi00ZDVkLWI2YzEtZDkxMGI3NzIxZDIw
LzEvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMqqal74v
Le6YC2AVOSBwZL2clS9D6UjaLmkAw29ayNpxgt+QvNvzxwHed5TXRjYDACsIokNX
4wB5IGSoBW6Rh3HzjEFdIFswHLyWh//k+7mPSS6ICE1ofLtB2+BobMBKG+OOHABG
QNl3FpMf6qpWqUbQ/IecpLQwlozVOWoZMMLQQRen3xpiumUJiLDa5vDhzJUn7H0N
eH4nb+BJHeriEp/sXKcouqN34N18HYDhMQJItVYYsVbI5rxaCF+vWue9HN1XEQ04
K9MBZhfmP9P+0MIye0BMdl3HhttLLVTiQxSDsJ74l9sn77XhK+/2AANqJiIEjNN6
q/QxdgdYOdtF+g==
-----END CERTIFICATE-----