Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
File:                     dbh4BinZITNXwHDBwBBgU0dIg8E.mft (raw, json)
Hash identifier:          XAPTgOGmlpQytQBBOSWd9bORh4wPocc/RFTbuW6WzzI=
Subject key identifier:   5A:E2:B9:B4:8C:97:2A:DF:39:42:86:C1:27:AB:80:FC:B7:4D:2B:CF
Authority key identifier: 75:B8:78:06:29:D9:21:33:57:C0:70:C1:C0:10:60:53:47:48:83:C1
Certificate issuer:       /CN=75b8780629d9213357c070c1c0106053474883c1
Certificate serial:       019A71B7B0D1808D10714CA25D9593B11CED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
Manifest number:          0D43
Signing time:             Tue 11 Nov 2025 07:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:55 +0000
Files and hashes:         1: dbh4BinZITNXwHDBwBBgU0dIg8E.crl (hash: zSr8Rd87FbsogKhKqWvgFzya0MFKFBqq3oCOP1/1IYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:b0:d1:80:8d:10:71:4c:a2:5d:95:93:b1:1c:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75b8780629d9213357c070c1c0106053474883c1
        Validity
            Not Before: Nov 11 07:00:55 2025 GMT
            Not After : Nov 12 07:00:55 2025 GMT
        Subject: CN=5ae2b9b48c972adf394286c127ab80fcb74d2bcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:8c:31:6d:61:ee:d2:de:e7:26:91:1a:e0:65:
                    d6:f1:63:f4:f1:dc:7f:14:aa:86:2b:53:49:a5:26:
                    77:8f:ce:54:94:86:60:8e:2d:c3:68:59:0c:39:92:
                    2b:9b:59:5b:4b:1a:3c:f0:8a:87:68:12:ef:af:63:
                    78:77:ee:e4:fc:f0:26:8b:09:66:06:c6:f4:26:0c:
                    f2:a0:61:a6:c2:e7:6d:e0:1c:ef:04:cc:a2:ac:a0:
                    d2:97:23:85:64:63:0a:06:3b:d7:24:17:aa:10:72:
                    ea:c5:b1:04:ee:7b:c2:72:4b:c1:7b:54:2c:9a:4f:
                    e9:d2:18:6a:ad:1b:2e:1d:5e:63:65:e3:15:f0:ee:
                    cd:0d:41:19:65:8d:07:7c:70:ff:e4:6b:9a:8d:39:
                    c4:ca:83:8f:30:0d:da:d5:8f:6f:61:c7:07:04:fe:
                    50:c4:38:b7:77:23:c7:80:d7:78:ab:ec:c1:6f:d3:
                    3b:20:4f:82:ea:61:ad:94:46:df:36:fc:fe:87:04:
                    1a:b3:5e:05:71:4a:f8:41:e2:d4:a7:7c:4f:b5:a6:
                    1d:ee:f9:eb:9b:ea:3c:a7:dc:a8:4c:c1:ed:87:ba:
                    24:75:33:9d:77:b5:d6:fb:57:16:1f:c5:ce:92:36:
                    bc:c8:1d:84:b8:bf:89:13:b1:f2:25:c2:ac:37:92:
                    b1:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:E2:B9:B4:8C:97:2A:DF:39:42:86:C1:27:AB:80:FC:B7:4D:2B:CF
            X509v3 Authority Key Identifier:
                keyid:75:B8:78:06:29:D9:21:33:57:C0:70:C1:C0:10:60:53:47:48:83:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:a6:3e:c5:57:ee:7f:bd:a1:bc:4a:bb:0f:1d:94:8e:c4:f4:
         cd:75:d0:b7:02:c6:c4:59:9b:c3:e3:a7:ab:16:56:9c:d1:c2:
         81:3e:4e:d3:00:74:56:20:66:ba:67:6b:1e:e6:8a:c0:50:1d:
         ef:4b:25:66:ee:c4:55:75:9f:b1:ed:0c:d4:0d:a1:f7:a6:3a:
         a5:b4:77:bd:3b:00:54:94:9b:94:ee:f8:47:bd:02:4d:c2:c3:
         20:29:95:31:1d:a7:0e:5a:f1:25:6b:dd:df:3e:ce:0f:ef:6f:
         f0:69:7a:f7:74:9a:07:3f:4a:a5:20:38:d7:9a:49:56:54:03:
         6a:b4:ae:ae:31:9c:e6:c7:51:df:83:a4:60:9a:05:83:71:ad:
         85:5a:df:29:4b:9d:fd:b8:fb:03:63:4e:da:5e:b6:af:bb:8d:
         a8:da:59:5f:62:73:e0:a4:53:d4:78:7e:be:57:31:17:43:2e:
         24:6e:98:05:c9:aa:f8:78:2d:73:67:07:f6:c2:fe:ae:fa:41:
         5b:40:79:d3:ac:8c:f3:af:e1:78:73:0b:ee:e6:6c:02:ee:9c:
         54:23:7d:36:be:2e:df:5c:4f:db:78:80:e8:76:74:0c:0a:1c:
         02:0f:db:6a:3c:87:de:b9:b2:62:54:f2:5b:a7:96:ee:3f:f7:
         d8:7f:a4:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt7DRgI0QcUyiXZWTsRztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Yjg3ODA2MjlkOTIxMzM1N2MwNzBjMWMwMTA2MDUzNDc0
ODgzYzEwHhcNMjUxMTExMDcwMDU1WhcNMjUxMTEyMDcwMDU1WjAzMTEwLwYDVQQD
Eyg1YWUyYjliNDhjOTcyYWRmMzk0Mjg2YzEyN2FiODBmY2I3NGQyYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YwxbWHu0t7nJpEa4GXW8WP08dx/
FKqGK1NJpSZ3j85UlIZgji3DaFkMOZIrm1lbSxo88IqHaBLvr2N4d+7k/PAmiwlm
Bsb0JgzyoGGmwudt4BzvBMyirKDSlyOFZGMKBjvXJBeqEHLqxbEE7nvCckvBe1Qs
mk/p0hhqrRsuHV5jZeMV8O7NDUEZZY0HfHD/5GuajTnEyoOPMA3a1Y9vYccHBP5Q
xDi3dyPHgNd4q+zBb9M7IE+C6mGtlEbfNvz+hwQas14FcUr4QeLUp3xPtaYd7vnr
m+o8p9yoTMHth7okdTOdd7XW+1cWH8XOkja8yB2EuL+JE7HyJcKsN5KxvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFriubSMlyrfOUKGwSergPy3TSvPMB8GA1UdIwQY
MBaAFHW4eAYp2SEzV8BwwcAQYFNHSIPBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS85NmZiOWQtZmY5Zi00ZDVkLWI2YzEt
ZDkxMGI3NzIxZDIwLzEvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS85NmZiOWQtZmY5Zi00ZDVkLWI2YzEtZDkxMGI3NzIxZDIw
LzEvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI6Y+xVfu
f72hvEq7Dx2UjsT0zXXQtwLGxFmbw+OnqxZWnNHCgT5O0wB0ViBmumdrHuaKwFAd
70slZu7EVXWfse0M1A2h96Y6pbR3vTsAVJSblO74R70CTcLDICmVMR2nDlrxJWvd
3z7OD+9v8Gl693SaBz9KpSA415pJVlQDarSurjGc5sdR34OkYJoFg3GthVrfKUud
/bj7A2NO2l62r7uNqNpZX2Jz4KRT1Hh+vlcxF0MuJG6YBcmq+Hgtc2cH9sL+rvpB
W0B506yM86/heHML7uZsAu6cVCN9Nr4u31xP23iA6HZ0DAocAg/bajyH3rmyYlTy
W6eW7j/32H+kKw==
-----END CERTIFICATE-----