Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
File:                     dbzZGxsvmvS3QhSm1njOBxlo4c8.mft (raw, json)
Hash identifier:          YjAJdyM1xJEIjahX4wJGIS0bSspwS3amRVqniJ9SQ90=
Subject key identifier:   84:95:F1:C2:C5:B5:8C:76:C2:85:88:1C:8B:B1:1F:FF:A8:02:BE:92
Authority key identifier: 75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF
Certificate issuer:       /CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf
Certificate serial:       0198D65F0D685189BCD7AC98C78603AA0A7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
Manifest number:          0873
Signing time:             Sat 23 Aug 2025 10:00:10 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:10 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:10 +0000
Files and hashes:         1: dbzZGxsvmvS3QhSm1njOBxlo4c8.crl (hash: eOIq/xJq2eaf/YCQIM2VgZOlDlQKzh2HuPVIUVlTFRg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:0d:68:51:89:bc:d7:ac:98:c7:86:03:aa:0a:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf
        Validity
            Not Before: Aug 23 10:00:10 2025 GMT
            Not After : Aug 24 10:00:10 2025 GMT
        Subject: CN=8495f1c2c5b58c76c285881c8bb11fffa802be92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:cb:64:fc:03:1b:95:fb:0e:8b:77:0e:4a:94:
                    1f:dd:96:40:6a:1b:e7:3d:1a:08:6c:eb:d7:d3:be:
                    c3:c4:41:fc:a5:26:60:b8:89:f3:d7:3f:a2:2b:a4:
                    a5:67:2e:92:74:42:ba:e5:58:4d:3c:f8:2d:88:a4:
                    db:eb:0b:97:48:5b:e5:cc:9a:c9:4f:eb:08:5d:77:
                    a4:c6:de:a0:db:ef:cf:f0:08:b5:dc:75:4d:1e:0a:
                    d1:ab:a4:e5:f0:59:6c:1e:69:3b:f0:48:df:8f:35:
                    83:f9:a0:c6:4a:35:11:80:82:9d:42:75:98:db:c2:
                    d9:87:cb:50:ee:b6:0a:b0:6c:9d:ba:66:cb:eb:e5:
                    d5:9a:d4:12:8b:f1:4e:68:da:8c:55:43:81:7b:f1:
                    29:3f:a5:05:2a:49:48:3a:07:8a:50:12:76:c1:5c:
                    a8:86:38:f9:7a:96:04:8a:27:9d:e2:de:aa:d7:b7:
                    70:97:e0:06:e4:06:b9:d8:19:7a:9d:35:11:dc:ec:
                    dd:60:08:50:90:6e:c1:47:c2:ec:ef:2e:07:9d:d9:
                    ff:85:97:34:81:5b:2c:7b:fc:7c:1e:c9:ba:cb:2d:
                    43:86:b4:68:49:d6:e8:b3:ea:1a:86:55:c4:94:ee:
                    cb:a4:2e:cf:ab:6d:5f:c5:b9:08:92:f2:b1:f5:49:
                    1b:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:95:F1:C2:C5:B5:8C:76:C2:85:88:1C:8B:B1:1F:FF:A8:02:BE:92
            X509v3 Authority Key Identifier:
                keyid:75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:ad:62:8d:ff:a5:3b:82:96:b5:26:b8:b2:f7:b6:3a:0c:11:
         a0:b3:6d:65:60:d4:1e:55:35:70:f2:a1:c6:31:df:1b:d6:ed:
         5a:a2:ca:94:03:a8:e7:84:6d:e4:ce:92:8a:10:81:26:6c:59:
         cc:d4:8a:98:2e:ce:d5:a8:ed:ba:a4:66:d5:13:f2:dc:b1:58:
         6e:92:e5:69:43:58:57:d0:09:df:50:33:74:fe:cf:8b:6e:bc:
         18:ce:ef:8f:c2:33:bd:2e:50:02:a9:ca:66:de:de:82:f2:e6:
         3b:eb:ac:d5:e8:11:03:1f:52:4c:5d:bb:64:ae:3f:8a:70:36:
         49:e1:24:54:40:62:cc:64:2d:89:a8:a0:87:49:c4:f0:fb:b6:
         69:bf:90:0d:56:e3:b2:7d:00:05:81:ff:ca:bb:96:93:17:15:
         2f:f4:35:c5:1a:e3:97:30:d0:cd:5f:4b:7b:11:30:27:7b:b9:
         84:b3:11:81:c1:ad:b6:3c:96:71:9c:26:37:1f:3e:d1:ed:04:
         17:d3:36:d1:e5:1a:3f:ce:a2:d7:25:d9:8f:69:ad:32:b1:4c:
         20:d1:f2:31:6b:da:67:ac:88:ce:9f:67:dd:9b:00:86:fe:a8:
         b3:de:0a:63:8e:67:f3:d7:c5:41:7c:fc:80:d9:ed:b4:2f:7a:
         36:e8:dd:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXw1oUYm816yYx4YDqgp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmNkOTFiMWIyZjlhZjRiNzQyMTRhNmQ2NzhjZTA3MTk2
OGUxY2YwHhcNMjUwODIzMTAwMDEwWhcNMjUwODI0MTAwMDEwWjAzMTEwLwYDVQQD
Eyg4NDk1ZjFjMmM1YjU4Yzc2YzI4NTg4MWM4YmIxMWZmZmE4MDJiZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMtk/AMblfsOi3cOSpQf3ZZAahvn
PRoIbOvX077DxEH8pSZguInz1z+iK6SlZy6SdEK65VhNPPgtiKTb6wuXSFvlzJrJ
T+sIXXekxt6g2+/P8Ai13HVNHgrRq6Tl8FlsHmk78EjfjzWD+aDGSjURgIKdQnWY
28LZh8tQ7rYKsGydumbL6+XVmtQSi/FOaNqMVUOBe/EpP6UFKklIOgeKUBJ2wVyo
hjj5epYEiied4t6q17dwl+AG5Aa52Bl6nTUR3OzdYAhQkG7BR8Ls7y4Hndn/hZc0
gVsse/x8Hsm6yy1DhrRoSdbos+oahlXElO7LpC7Pq21fxbkIkvKx9UkbzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISV8cLFtYx2woWIHIuxH/+oAr6SMB8GA1UdIwQY
MBaAFHW82RsbL5r0t0IUptZ4zgcZaOHPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2Qt
MWMwNTc1NTI2OTFlLzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2QtMWMwNTc1NTI2OTFl
LzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsK1ijf+l
O4KWtSa4sve2OgwRoLNtZWDUHlU1cPKhxjHfG9btWqLKlAOo54Rt5M6SihCBJmxZ
zNSKmC7O1ajtuqRm1RPy3LFYbpLlaUNYV9AJ31AzdP7Pi268GM7vj8IzvS5QAqnK
Zt7egvLmO+us1egRAx9STF27ZK4/inA2SeEkVEBizGQtiaigh0nE8Pu2ab+QDVbj
sn0ABYH/yruWkxcVL/Q1xRrjlzDQzV9LexEwJ3u5hLMRgcGttjyWcZwmNx8+0e0E
F9M20eUaP86i1yXZj2mtMrFMINHyMWvaZ6yIzp9n3ZsAhv6os94KY45n89fFQXz8
gNnttC96Nujd0w==
-----END CERTIFICATE-----