Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
File:                     dbh4BinZITNXwHDBwBBgU0dIg8E.mft (raw, json)
Hash identifier:          OuUyga8RDakgABE8ud5Wf0SG4LxNYe6WZyCD85VHz8s=
Subject key identifier:   3A:12:6D:09:F0:5E:80:FC:05:EB:6E:3C:B0:7C:B5:50:61:36:3A:BA
Authority key identifier: 75:B8:78:06:29:D9:21:33:57:C0:70:C1:C0:10:60:53:47:48:83:C1
Certificate issuer:       /CN=75b8780629d9213357c070c1c0106053474883c1
Certificate serial:       019D2704741C8D724EF3BF7CE11691C148E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
Manifest number:          0EAA
Signing time:             Wed 25 Mar 2026 22:01:36 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:36 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:36 +0000
Files and hashes:         1: dbh4BinZITNXwHDBwBBgU0dIg8E.crl (hash: +NMOXQrAv+GpxQdUs0uXfSYatiVA60G3jBFSvTsZptA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:74:1c:8d:72:4e:f3:bf:7c:e1:16:91:c1:48:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75b8780629d9213357c070c1c0106053474883c1
        Validity
            Not Before: Mar 25 22:01:36 2026 GMT
            Not After : Mar 26 22:01:36 2026 GMT
        Subject: CN=3a126d09f05e80fc05eb6e3cb07cb55061363aba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:b4:8f:d3:fc:bc:01:57:f8:2d:87:b1:4e:3a:
                    97:7d:00:25:fe:23:ef:58:1e:8d:04:92:4d:13:82:
                    48:74:2a:ae:59:a5:55:f0:df:50:9e:0d:db:1a:ee:
                    51:e8:b3:41:60:fb:44:bc:ff:1a:26:56:77:fc:fb:
                    06:77:fa:61:7f:a7:55:ea:f9:a6:92:f1:8a:14:fb:
                    4c:5b:96:83:52:1d:bd:a3:72:7b:2b:2d:16:e1:83:
                    c5:c7:c9:aa:78:4b:21:69:e0:9d:cd:1b:c5:f0:a3:
                    5d:cb:7f:f8:16:0f:36:c1:58:26:41:6b:cd:45:59:
                    6f:e4:ee:15:b0:f2:6a:16:68:8a:da:61:41:0f:0b:
                    ab:30:11:14:a0:ab:42:2d:e6:0e:c5:01:53:37:11:
                    92:6f:4e:15:86:46:ef:e2:7b:f1:27:ef:75:ee:75:
                    b8:83:53:42:ed:0f:d2:58:c3:e8:69:ed:59:47:de:
                    20:d1:8d:38:52:8b:9d:d0:71:f5:70:57:b2:23:ea:
                    8f:00:d4:1c:61:60:59:82:c7:30:d2:9f:8a:b8:4f:
                    c7:ac:85:07:b8:0f:a9:fd:93:21:88:56:8e:5f:70:
                    34:28:12:94:44:6c:85:15:fc:41:7d:25:77:6b:b1:
                    d3:16:dc:86:07:45:e3:0d:bd:ad:39:5c:4e:c5:c0:
                    c7:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:12:6D:09:F0:5E:80:FC:05:EB:6E:3C:B0:7C:B5:50:61:36:3A:BA
            X509v3 Authority Key Identifier:
                keyid:75:B8:78:06:29:D9:21:33:57:C0:70:C1:C0:10:60:53:47:48:83:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbh4BinZITNXwHDBwBBgU0dIg8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/96fb9d-ff9f-4d5d-b6c1-d910b7721d20/1/dbh4BinZITNXwHDBwBBgU0dIg8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:a1:8f:b0:8f:cb:a8:93:11:9d:30:1a:b2:45:d3:1b:e1:da:
         dc:83:a6:5e:fe:38:93:52:4a:9e:e5:54:f8:09:46:4e:04:5f:
         91:75:df:b6:e8:93:24:6b:41:8e:ce:9d:1c:55:11:11:49:35:
         ff:66:09:9a:d5:bb:28:27:d8:eb:34:5b:35:38:0e:4b:fc:c9:
         9f:3e:d1:ba:3d:02:90:15:68:7e:a9:47:96:ee:f6:49:a8:80:
         cf:82:fa:a3:e1:2d:69:1a:bd:af:2d:61:4a:77:27:60:e6:a6:
         c8:b3:ff:96:e6:e0:e8:d4:31:91:6d:78:dc:ee:0c:86:aa:24:
         75:79:86:3d:91:e8:37:4f:c0:9e:d0:d5:8b:96:1a:da:d5:bc:
         ce:22:7a:f7:c3:cb:5e:7d:25:b7:64:6a:f4:83:7c:89:30:b2:
         88:c3:92:b5:fe:b9:10:c4:cb:d6:88:ab:d7:7c:02:2b:af:b9:
         6d:8e:ef:8b:bd:22:71:fc:b7:d1:37:bd:cc:f4:85:a0:48:18:
         cc:3e:dc:91:8d:78:ce:ba:64:ab:38:28:26:17:3b:90:b7:eb:
         a8:13:45:90:bd:ae:bf:da:ed:a0:5d:31:e8:66:8a:43:7e:ed:
         db:d4:46:d8:00:0f:38:75:11:4f:e9:d4:0c:77:1f:a2:f9:65:
         2c:ed:00:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBHQcjXJO87984RaRwUjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Yjg3ODA2MjlkOTIxMzM1N2MwNzBjMWMwMTA2MDUzNDc0
ODgzYzEwHhcNMjYwMzI1MjIwMTM2WhcNMjYwMzI2MjIwMTM2WjAzMTEwLwYDVQQD
EygzYTEyNmQwOWYwNWU4MGZjMDVlYjZlM2NiMDdjYjU1MDYxMzYzYWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bSP0/y8AVf4LYexTjqXfQAl/iPv
WB6NBJJNE4JIdCquWaVV8N9Qng3bGu5R6LNBYPtEvP8aJlZ3/PsGd/phf6dV6vmm
kvGKFPtMW5aDUh29o3J7Ky0W4YPFx8mqeEshaeCdzRvF8KNdy3/4Fg82wVgmQWvN
RVlv5O4VsPJqFmiK2mFBDwurMBEUoKtCLeYOxQFTNxGSb04Vhkbv4nvxJ+917nW4
g1NC7Q/SWMPoae1ZR94g0Y04Uoud0HH1cFeyI+qPANQcYWBZgscw0p+KuE/HrIUH
uA+p/ZMhiFaOX3A0KBKURGyFFfxBfSV3a7HTFtyGB0XjDb2tOVxOxcDHCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoSbQnwXoD8BetuPLB8tVBhNjq6MB8GA1UdIwQY
MBaAFHW4eAYp2SEzV8BwwcAQYFNHSIPBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS85NmZiOWQtZmY5Zi00ZDVkLWI2YzEt
ZDkxMGI3NzIxZDIwLzEvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS85NmZiOWQtZmY5Zi00ZDVkLWI2YzEtZDkxMGI3NzIxZDIw
LzEvZGJoNEJpblpJVE5Yd0hEQndCQmdVMGRJZzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm6GPsI/L
qJMRnTAaskXTG+Ha3IOmXv44k1JKnuVU+AlGTgRfkXXftuiTJGtBjs6dHFUREUk1
/2YJmtW7KCfY6zRbNTgOS/zJnz7Ruj0CkBVofqlHlu72SaiAz4L6o+EtaRq9ry1h
SncnYOamyLP/lubg6NQxkW143O4MhqokdXmGPZHoN0/AntDVi5Ya2tW8ziJ698PL
Xn0lt2Rq9IN8iTCyiMOStf65EMTL1oir13wCK6+5bY7vi70icfy30Te9zPSFoEgY
zD7ckY14zrpkqzgoJhc7kLfrqBNFkL2uv9rtoF0x6GaKQ37t29RG2AAPOHURT+nU
DHcfovllLO0A6Q==
-----END CERTIFICATE-----