Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
File:                     DZxWoYyYei0aLnBEt-MbMhv3rBY.mft (raw, json)
Hash identifier:          4OIuYGv/DUHICJkxA8cWJjVo9w2cMaSga8o0wrpllT4=
Subject key identifier:   93:E1:B9:09:27:21:27:37:D9:EF:C4:58:44:B6:53:34:51:86:36:04
Authority key identifier: 0D:9C:56:A1:8C:98:7A:2D:1A:2E:70:44:B7:E3:1B:32:1B:F7:AC:16
Certificate issuer:       /CN=0d9c56a18c987a2d1a2e7044b7e31b321bf7ac16
Certificate serial:       019A4EF55AE659F7DA2A2BBAD06B29B1FC50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
Manifest number:          089E
Signing time:             Tue 04 Nov 2025 13:01:33 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:33 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:33 +0000
Files and hashes:         1: DZxWoYyYei0aLnBEt-MbMhv3rBY.crl (hash: GTrYbUVYzRRpOg9YPEKc700KFmIgu8eEYlr9rXgmuJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:5a:e6:59:f7:da:2a:2b:ba:d0:6b:29:b1:fc:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d9c56a18c987a2d1a2e7044b7e31b321bf7ac16
        Validity
            Not Before: Nov  4 13:01:33 2025 GMT
            Not After : Nov  5 13:01:33 2025 GMT
        Subject: CN=93e1b90927212737d9efc45844b6533451863604
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:69:c0:34:f6:56:45:a5:b2:c0:01:2f:32:2f:
                    2f:6f:35:c2:20:be:b7:5a:2d:d8:b4:55:c2:e1:40:
                    5a:14:71:f3:a2:34:f0:e6:48:a7:b3:69:50:ad:59:
                    82:e5:36:2f:5d:8c:7c:64:a2:f1:78:69:3f:5f:c7:
                    6b:68:97:58:b0:8e:c0:1c:c4:bd:93:e5:99:13:88:
                    dc:86:43:2f:12:a9:f2:08:e7:54:d9:7a:ed:09:5d:
                    b6:04:cc:0a:0d:03:86:e3:57:ee:a7:ed:da:43:d5:
                    32:c1:90:32:3f:a5:6b:05:5b:7c:2c:5b:91:45:14:
                    47:02:f6:67:ac:df:77:1c:7e:66:52:d5:d8:a2:c1:
                    56:3a:68:1a:a0:46:8f:5a:c3:bf:db:52:ab:18:58:
                    b1:fe:68:ed:0c:f6:71:01:4e:05:e0:00:64:4a:6a:
                    70:95:b4:22:1a:2b:fe:46:f5:d9:ab:f1:4c:0d:ae:
                    49:8b:ab:b2:e6:f0:aa:e6:c9:c2:c7:0d:2d:cf:e2:
                    5a:f1:a7:b0:2f:f7:ca:1e:91:bc:c5:75:45:11:c9:
                    0f:48:c7:1d:98:d4:5a:6d:1f:5f:c1:2d:42:16:18:
                    28:8e:54:90:2c:72:9b:3c:0d:1b:52:73:4b:9d:6e:
                    94:57:75:56:0d:d7:39:cd:b7:37:3e:9d:3c:da:b9:
                    39:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:E1:B9:09:27:21:27:37:D9:EF:C4:58:44:B6:53:34:51:86:36:04
            X509v3 Authority Key Identifier:
                keyid:0D:9C:56:A1:8C:98:7A:2D:1A:2E:70:44:B7:E3:1B:32:1B:F7:AC:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:62:34:b3:af:58:2f:ba:38:41:c3:1f:02:3f:2c:47:c7:bf:
         47:72:83:d2:f4:c0:52:7b:22:91:e3:26:37:3a:df:1e:d7:cc:
         cf:9d:98:04:43:72:83:b3:cf:5e:c1:da:12:c4:ae:dd:21:e1:
         d0:1e:07:37:44:ca:92:b3:fb:3d:c3:bf:09:ea:fa:1c:83:e2:
         9e:46:49:43:85:ee:97:1c:8c:1d:0d:03:5d:b7:f8:5b:c6:5e:
         80:3a:6a:d9:ac:0f:50:85:ea:7b:a5:2b:ec:75:45:d4:c0:cc:
         48:85:42:a8:71:e6:d9:37:2f:03:fa:03:2a:d2:a1:46:75:2f:
         2e:b9:ec:28:7f:67:d5:b0:7f:04:42:73:9d:11:6f:1a:c7:51:
         10:a5:c4:54:bd:25:a5:ec:f8:2b:b3:23:7b:e3:de:3a:f6:15:
         40:29:4f:1e:ca:3f:13:0f:f1:4f:7b:43:7c:63:40:4f:95:09:
         19:76:a6:e5:8e:5a:14:c0:68:2f:b2:c4:72:3f:77:3e:33:73:
         c8:75:8f:07:c9:59:46:9e:01:89:d5:a8:51:b0:5b:e9:2c:a0:
         59:3c:74:7d:58:b1:62:21:35:d3:25:c3:b3:e4:7b:29:ff:4c:
         b5:6e:01:ec:8f:46:91:19:34:0d:ad:a0:46:2a:8f:9f:ca:88:
         70:6c:a5:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9VrmWffaKiu60GspsfxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOWM1NmExOGM5ODdhMmQxYTJlNzA0NGI3ZTMxYjMyMWJm
N2FjMTYwHhcNMjUxMTA0MTMwMTMzWhcNMjUxMTA1MTMwMTMzWjAzMTEwLwYDVQQD
Eyg5M2UxYjkwOTI3MjEyNzM3ZDllZmM0NTg0NGI2NTMzNDUxODYzNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWnANPZWRaWywAEvMi8vbzXCIL63
Wi3YtFXC4UBaFHHzojTw5kins2lQrVmC5TYvXYx8ZKLxeGk/X8draJdYsI7AHMS9
k+WZE4jchkMvEqnyCOdU2XrtCV22BMwKDQOG41fup+3aQ9UywZAyP6VrBVt8LFuR
RRRHAvZnrN93HH5mUtXYosFWOmgaoEaPWsO/21KrGFix/mjtDPZxAU4F4ABkSmpw
lbQiGiv+RvXZq/FMDa5Ji6uy5vCq5snCxw0tz+Ja8aewL/fKHpG8xXVFEckPSMcd
mNRabR9fwS1CFhgojlSQLHKbPA0bUnNLnW6UV3VWDdc5zbc3Pp082rk5rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJPhuQknISc32e/EWES2UzRRhjYEMB8GA1UdIwQY
MBaAFA2cVqGMmHotGi5wRLfjGzIb96wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iZDFiOGYtZDA2NS00Y2M3LTlhMWYt
NDVhYjNmNTIwZjAwLzEvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iZDFiOGYtZDA2NS00Y2M3LTlhMWYtNDVhYjNmNTIwZjAw
LzEvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgmI0s69Y
L7o4QcMfAj8sR8e/R3KD0vTAUnsikeMmNzrfHtfMz52YBENyg7PPXsHaEsSu3SHh
0B4HN0TKkrP7PcO/Cer6HIPinkZJQ4XulxyMHQ0DXbf4W8ZegDpq2awPUIXqe6Ur
7HVF1MDMSIVCqHHm2TcvA/oDKtKhRnUvLrnsKH9n1bB/BEJznRFvGsdREKXEVL0l
pez4K7Mje+PeOvYVQClPHso/Ew/xT3tDfGNAT5UJGXam5Y5aFMBoL7LEcj93PjNz
yHWPB8lZRp4BidWoUbBb6SygWTx0fVixYiE10yXDs+R7Kf9MtW4B7I9GkRk0Da2g
RiqPn8qIcGylAA==
-----END CERTIFICATE-----