Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
File:                     dbh4BinZITNXwHDBwBBgU0dIg8E.mft (raw, json)
Hash identifier:          EjtZTMWUGSH+A2yHGKIll43pIqPAOUAaDh7i5LXofmE=
Subject key identifier:   EC:9A:DA:2A:61:1A:64:AB:99:F8:CC:66:5D:DA:DD:72:21:56:E2:23
Authority key identifier: 75:B8:78:06:29:D9:21:33:57:C0:70:C1:C0:10:60:53:47:48:83:C1
Certificate issuer:       /CN=75b8780629d9213357c070c1c0106053474883c1
Certificate serial:       019D3A53BB4BAFF3E74E9739B1E3A29B289F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
Manifest number:          0EB4
Signing time:             Sun 29 Mar 2026 16:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:59 +0000
Files and hashes:         1: dbh4BinZITNXwHDBwBBgU0dIg8E.crl (hash: WzvJHhGhK1fkqLrzXMnNuEF46RuRAKHr/f1lBLhNKqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:bb:4b:af:f3:e7:4e:97:39:b1:e3:a2:9b:28:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75b8780629d9213357c070c1c0106053474883c1
        Validity
            Not Before: Mar 29 16:00:59 2026 GMT
            Not After : Mar 30 16:00:59 2026 GMT
        Subject: CN=ec9ada2a611a64ab99f8cc665ddadd722156e223
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:0e:f0:01:43:38:ae:aa:7d:7a:f8:72:55:db:
                    60:b7:61:00:21:48:15:4e:d2:60:3b:4d:df:e9:cc:
                    fd:a1:7c:d7:75:04:8c:3a:45:2b:0b:45:47:f4:24:
                    b1:e8:e1:e0:e2:b4:2d:2c:d6:ec:09:2d:95:e6:07:
                    37:c3:82:33:d3:d1:60:ee:bb:7f:d6:c8:e8:26:31:
                    7f:73:09:f5:51:66:5f:03:62:fb:dc:83:e7:79:f3:
                    3f:e0:9c:8b:b5:0e:45:4a:23:5b:01:d4:a9:d1:14:
                    8c:18:29:c4:28:52:89:72:c2:b9:6a:d2:02:55:7a:
                    4d:5d:31:72:84:ca:73:70:61:ed:e6:1a:09:5d:ad:
                    a8:4f:95:92:29:ac:47:34:53:ab:30:5e:5f:ab:7f:
                    e3:67:fd:87:1e:0c:7a:35:d2:ea:91:5a:b6:c6:28:
                    8d:76:78:93:96:37:c5:17:d7:35:42:e1:16:96:da:
                    c6:0d:f0:1e:7c:78:0c:0d:6e:e6:a9:bf:d8:0c:b9:
                    ed:c9:33:e1:c9:45:fc:1e:ca:07:7e:71:5f:20:60:
                    fa:dd:9f:bb:60:f1:b6:ca:2c:c5:d4:ec:02:01:4b:
                    f8:54:1a:4a:ce:17:e8:f3:6e:5b:88:0d:a1:04:a5:
                    33:a7:df:10:3d:23:01:2a:cc:a0:d0:ed:26:e3:c1:
                    c4:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:9A:DA:2A:61:1A:64:AB:99:F8:CC:66:5D:DA:DD:72:21:56:E2:23
            X509v3 Authority Key Identifier:
                keyid:75:B8:78:06:29:D9:21:33:57:C0:70:C1:C0:10:60:53:47:48:83:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:8c:7d:36:c2:1f:9a:7e:47:5a:5e:5a:aa:29:ae:a7:fe:40:
         94:02:68:71:cf:cc:5b:a1:ee:1a:9d:51:35:4e:38:b2:68:5f:
         e9:10:b3:64:e5:94:20:ad:6f:d9:df:24:76:f3:ae:c1:21:a1:
         ea:5a:14:4a:b1:06:57:d2:37:b1:b1:6f:0f:a0:2e:91:1d:ab:
         18:e4:b4:f2:fa:63:b6:10:8a:34:d9:c6:85:48:36:ec:b0:09:
         fd:92:8f:04:0b:be:f2:3a:38:46:e3:71:70:b6:ae:4c:45:4c:
         ab:d2:ee:7f:89:36:81:12:35:03:24:f6:19:58:f2:2b:f8:74:
         71:42:10:1c:d2:97:94:6b:66:6e:09:6e:c4:75:43:c9:fc:e6:
         41:de:a6:48:07:05:f1:a2:a5:03:73:e9:3e:97:3d:5c:08:81:
         57:35:e2:59:44:c8:dc:01:21:bd:8a:91:35:eb:e3:01:68:ce:
         5a:7e:f7:be:d3:a3:d7:66:b7:7b:9f:cd:87:95:09:52:90:89:
         ec:c1:8d:6f:5d:64:8a:6b:ee:04:cd:ce:ac:17:b7:95:35:15:
         35:ed:f1:f6:76:21:b0:53:b4:30:4b:f3:19:22:fc:3f:48:a6:
         27:f6:01:2e:43:ec:82:47:47:53:cc:a3:f0:8a:3c:ff:e6:68:
         30:3d:24:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U7tLr/PnTpc5seOimyifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Yjg3ODA2MjlkOTIxMzM1N2MwNzBjMWMwMTA2MDUzNDc0
ODgzYzEwHhcNMjYwMzI5MTYwMDU5WhcNMjYwMzMwMTYwMDU5WjAzMTEwLwYDVQQD
EyhlYzlhZGEyYTYxMWE2NGFiOTlmOGNjNjY1ZGRhZGQ3MjIxNTZlMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8A7wAUM4rqp9evhyVdtgt2EAIUgV
TtJgO03f6cz9oXzXdQSMOkUrC0VH9CSx6OHg4rQtLNbsCS2V5gc3w4Iz09Fg7rt/
1sjoJjF/cwn1UWZfA2L73IPnefM/4JyLtQ5FSiNbAdSp0RSMGCnEKFKJcsK5atIC
VXpNXTFyhMpzcGHt5hoJXa2oT5WSKaxHNFOrMF5fq3/jZ/2HHgx6NdLqkVq2xiiN
dniTljfFF9c1QuEWltrGDfAefHgMDW7mqb/YDLntyTPhyUX8HsoHfnFfIGD63Z+7
YPG2yizF1OwCAUv4VBpKzhfo825biA2hBKUzp98QPSMBKsyg0O0m48HE6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOya2iphGmSrmfjMZl3a3XIhVuIjMB8GA1UdIwQY
MBaAFHW4eAYp2SEzV8BwwcAQYFNHSIPBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS85NmZiOWQtZmY5Zi00ZDVkLWI2YzEt
ZDkxMGI3NzIxZDIwLzEvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS85NmZiOWQtZmY5Zi00ZDVkLWI2YzEtZDkxMGI3NzIxZDIw
LzEvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhIx9NsIf
mn5HWl5aqimup/5AlAJocc/MW6HuGp1RNU44smhf6RCzZOWUIK1v2d8kdvOuwSGh
6loUSrEGV9I3sbFvD6AukR2rGOS08vpjthCKNNnGhUg27LAJ/ZKPBAu+8jo4RuNx
cLauTEVMq9Luf4k2gRI1AyT2GVjyK/h0cUIQHNKXlGtmbgluxHVDyfzmQd6mSAcF
8aKlA3PpPpc9XAiBVzXiWUTI3AEhvYqRNevjAWjOWn73vtOj12a3e5/Nh5UJUpCJ
7MGNb11kimvuBM3OrBe3lTUVNe3x9nYhsFO0MEvzGSL8P0imJ/YBLkPsgkdHU8yj
8Io8/+ZoMD0kOg==
-----END CERTIFICATE-----