Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
File:                     dbzZGxsvmvS3QhSm1njOBxlo4c8.mft (raw, json)
Hash identifier:          uBnYdKfHJNTR1k5RxxSa8793E1gy8jzpnSQx9vaR5jY=
Subject key identifier:   7B:BC:62:FB:51:D7:17:91:EC:36:0C:18:27:70:85:10:99:37:B9:61
Authority key identifier: 75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF
Certificate issuer:       /CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf
Certificate serial:       0199FBEADD405AB4F4DD26DCE9B2F163CA63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
Manifest number:          090B
Signing time:             Sun 19 Oct 2025 10:01:37 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:37 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:37 +0000
Files and hashes:         1: dbzZGxsvmvS3QhSm1njOBxlo4c8.crl (hash: Nmc44Gda7xr5mskX9iLt2WTRGT+zj/541FPrEqALVQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:dd:40:5a:b4:f4:dd:26:dc:e9:b2:f1:63:ca:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf
        Validity
            Not Before: Oct 19 10:01:37 2025 GMT
            Not After : Oct 20 10:01:37 2025 GMT
        Subject: CN=7bbc62fb51d71791ec360c18277085109937b961
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:9c:b7:20:52:34:d2:f6:21:3d:28:2b:4d:15:
                    94:d1:6b:aa:7b:63:35:b0:59:cb:f9:74:32:68:46:
                    96:43:1e:5a:59:56:5e:ee:6b:85:92:38:83:0e:80:
                    c8:f5:af:d8:cc:db:7d:51:5c:77:74:aa:b8:50:d4:
                    39:62:e8:d8:05:45:8e:ee:98:6a:6f:58:09:bc:c3:
                    76:c5:c7:1e:b3:2d:e1:85:a8:32:87:70:0c:14:c2:
                    88:54:f9:b0:68:16:69:dd:22:d3:d0:62:59:e0:be:
                    9d:6a:f7:87:ab:0b:85:a4:7e:c3:a1:59:da:83:da:
                    2c:f0:b7:bc:97:84:df:db:e7:74:65:e9:1e:9a:d7:
                    11:7c:48:2d:cd:1e:04:02:f4:7f:17:6e:5d:cf:dc:
                    f2:ae:fd:93:a8:25:ce:43:40:c2:8c:9d:54:cd:9b:
                    f0:e5:4f:bc:c5:33:04:c7:d2:06:a7:02:89:01:db:
                    2d:00:51:b0:75:f1:99:d5:9e:24:e8:a7:a1:0d:13:
                    5d:d4:23:81:3f:50:aa:e3:d6:80:96:73:67:a2:5b:
                    36:18:6d:9e:23:c4:ee:8c:de:52:30:8b:cf:f2:93:
                    d6:16:db:4b:7a:e2:e1:ba:2f:e7:14:ff:ee:9a:a3:
                    c5:f9:62:8b:dc:10:c8:c3:83:c9:73:22:97:1d:a1:
                    0b:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:BC:62:FB:51:D7:17:91:EC:36:0C:18:27:70:85:10:99:37:B9:61
            X509v3 Authority Key Identifier:
                keyid:75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:13:54:fd:59:5e:80:9a:d7:2a:e5:c0:72:5e:eb:2f:05:55:
         04:13:bb:0e:9d:07:b6:6f:2a:da:16:b2:db:0c:b2:75:4c:39:
         d2:90:29:91:1d:78:11:ad:b7:02:b8:94:9a:1d:89:da:a6:35:
         54:50:b7:48:4a:22:d6:19:ab:3f:96:7c:bd:fa:dc:0f:e7:a2:
         52:5b:c5:69:32:a9:be:49:70:ab:ff:4a:33:53:75:e6:39:29:
         b8:7b:e9:e5:38:84:e9:ee:30:c8:67:ad:08:dc:c4:78:f7:f5:
         7e:41:d7:ba:8b:b9:0a:98:6b:0e:0f:04:70:be:a7:8b:b2:18:
         29:b0:68:55:b9:fc:37:96:43:c2:72:b7:d4:6b:1a:62:d6:7d:
         c2:d6:74:fd:bb:18:b4:b0:ee:4c:e4:f3:68:6a:ef:c9:d1:7a:
         53:19:1d:17:ee:4a:7b:19:85:2b:30:26:cb:47:a4:3d:9d:0f:
         89:5d:c5:79:a0:9a:8a:fe:77:63:d9:51:22:be:08:74:45:ff:
         b5:07:de:0d:86:b6:4a:99:78:e1:1b:a7:07:44:e8:fe:8f:46:
         ec:06:ee:40:e9:05:10:e3:ae:51:e6:3e:c7:92:a1:2d:da:21:
         8e:5a:21:e5:ef:74:84:af:e4:4d:1e:df:26:f9:e2:85:8b:4b:
         e6:f0:9e:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76t1AWrT03Sbc6bLxY8pjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmNkOTFiMWIyZjlhZjRiNzQyMTRhNmQ2NzhjZTA3MTk2
OGUxY2YwHhcNMjUxMDE5MTAwMTM3WhcNMjUxMDIwMTAwMTM3WjAzMTEwLwYDVQQD
Eyg3YmJjNjJmYjUxZDcxNzkxZWMzNjBjMTgyNzcwODUxMDk5MzdiOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupy3IFI00vYhPSgrTRWU0Wuqe2M1
sFnL+XQyaEaWQx5aWVZe7muFkjiDDoDI9a/YzNt9UVx3dKq4UNQ5YujYBUWO7phq
b1gJvMN2xccesy3hhagyh3AMFMKIVPmwaBZp3SLT0GJZ4L6daveHqwuFpH7DoVna
g9os8Le8l4Tf2+d0ZekemtcRfEgtzR4EAvR/F25dz9zyrv2TqCXOQ0DCjJ1UzZvw
5U+8xTMEx9IGpwKJAdstAFGwdfGZ1Z4k6KehDRNd1COBP1Cq49aAlnNnols2GG2e
I8TujN5SMIvP8pPWFttLeuLhui/nFP/umqPF+WKL3BDIw4PJcyKXHaELEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHu8YvtR1xeR7DYMGCdwhRCZN7lhMB8GA1UdIwQY
MBaAFHW82RsbL5r0t0IUptZ4zgcZaOHPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2Qt
MWMwNTc1NTI2OTFlLzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2QtMWMwNTc1NTI2OTFl
LzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXhNU/Vle
gJrXKuXAcl7rLwVVBBO7Dp0Htm8q2hay2wyydUw50pApkR14Ea23AriUmh2J2qY1
VFC3SEoi1hmrP5Z8vfrcD+eiUlvFaTKpvklwq/9KM1N15jkpuHvp5TiE6e4wyGet
CNzEePf1fkHXuou5CphrDg8EcL6ni7IYKbBoVbn8N5ZDwnK31GsaYtZ9wtZ0/bsY
tLDuTOTzaGrvydF6UxkdF+5KexmFKzAmy0ekPZ0PiV3FeaCaiv53Y9lRIr4IdEX/
tQfeDYa2Spl44RunB0To/o9G7AbuQOkFEOOuUeY+x5KhLdohjloh5e90hK/kTR7f
JvnihYtL5vCeXg==
-----END CERTIFICATE-----