Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          HI5RK6KKOMY1gltYorNGu5WnUA9u+PBb4k6qGXdFnpo=
Subject key identifier:   65:6F:A2:D4:99:6D:A1:E3:AA:12:A4:04:97:D5:B2:28:32:83:A8:35
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       019A0147AE694A2D57B0C3338D06D5C89F24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          03F9
Signing time:             Mon 20 Oct 2025 11:01:06 +0000
Manifest this update:     Mon 20 Oct 2025 11:01:06 +0000
Manifest next update:     Tue 21 Oct 2025 11:01:06 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: e2s6B+oQI/k+lrP2emP+E4kSjJUb3Y7TDOT/hqn45yU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 11:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:47:ae:69:4a:2d:57:b0:c3:33:8d:06:d5:c8:9f:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Oct 20 11:01:06 2025 GMT
            Not After : Oct 21 11:01:06 2025 GMT
        Subject: CN=656fa2d4996da1e3aa12a40497d5b2283283a835
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:1e:41:aa:aa:51:84:4e:07:14:db:73:20:92:
                    f2:b5:62:61:00:df:a9:d5:01:1f:36:6b:bc:49:d8:
                    7a:e8:b9:2e:0e:ae:93:89:e3:e7:b7:4c:5e:66:ad:
                    05:ee:ae:3b:4d:d2:07:99:51:79:54:44:8e:f5:c9:
                    96:1f:80:1d:fe:70:36:5f:4e:5f:c7:78:13:eb:20:
                    44:5c:2f:b1:3b:dc:84:24:8b:39:ca:a1:3e:27:de:
                    87:2f:68:5e:53:f7:63:bc:22:08:47:4e:65:24:6a:
                    f0:c3:2e:ea:f2:b1:8d:b0:38:ac:5f:16:0d:2d:a0:
                    2e:07:92:30:95:79:98:f8:6d:d1:73:cd:aa:66:72:
                    3a:d9:0c:3d:84:2d:09:f1:32:cf:2a:ac:1b:cf:f4:
                    18:61:de:35:6c:34:d8:07:a4:f6:9d:6a:9a:73:4c:
                    6f:a4:ef:43:4e:05:ff:f3:1f:9e:1d:3d:2a:1b:d8:
                    f7:23:98:91:8b:db:13:4b:6b:d7:ce:22:d1:d7:8b:
                    2d:24:22:e1:4a:e1:e2:10:3b:64:1f:73:02:55:66:
                    81:7c:e4:2e:3e:91:a8:d1:2e:4c:ae:7a:d2:7c:5d:
                    1a:1d:45:3d:8d:ab:b1:6a:b1:8f:49:85:76:bf:c3:
                    fe:3e:fc:c5:f8:55:85:d3:96:c6:1f:e5:74:ad:c5:
                    bf:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:6F:A2:D4:99:6D:A1:E3:AA:12:A4:04:97:D5:B2:28:32:83:A8:35
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:ef:b6:0e:0b:ff:cd:a7:9e:1c:e9:0d:24:61:41:e4:2a:e4:
         e1:3d:f7:86:77:e7:d1:18:9b:c4:45:13:7b:89:e2:e9:4f:b9:
         10:67:af:77:ab:04:e4:64:de:00:4b:f6:cc:34:9f:e9:38:f4:
         c4:ea:58:b2:1e:2d:2d:58:11:d1:da:06:2a:67:2e:a7:80:2c:
         d6:e4:db:55:db:2b:c0:73:cb:4a:83:5e:80:7f:b6:3a:f4:d0:
         9e:69:c4:b3:13:25:b4:cc:67:94:26:24:a1:69:1b:c8:be:f6:
         ae:f5:ca:50:1a:1c:c4:ce:45:23:33:c2:ad:54:74:d9:a1:12:
         63:c7:16:0a:16:a3:fa:3d:69:89:98:05:73:ee:a7:35:65:a2:
         00:e0:db:0e:62:cd:1f:df:e5:e7:cd:32:06:7a:79:e6:dc:e4:
         d2:89:1f:c3:03:d3:73:fe:cc:62:e5:38:6c:cc:2d:77:90:31:
         71:25:fb:72:9c:38:7e:f7:e7:7f:1f:f8:e1:31:ea:30:06:7b:
         09:3d:9a:3f:79:24:e0:52:a4:b0:04:be:56:34:61:ed:16:d8:
         c4:fd:ba:83:a1:05:b3:08:83:74:58:cf:4e:20:5b:33:9b:dd:
         f9:91:08:9f:7b:8a:40:b0:51:17:da:70:a9:e4:45:08:c8:68:
         76:97:f7:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBR65pSi1XsMMzjQbVyJ8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjUxMDIwMTEwMTA2WhcNMjUxMDIxMTEwMTA2WjAzMTEwLwYDVQQD
Eyg2NTZmYTJkNDk5NmRhMWUzYWExMmE0MDQ5N2Q1YjIyODMyODNhODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxx5BqqpRhE4HFNtzIJLytWJhAN+p
1QEfNmu8Sdh66LkuDq6TiePnt0xeZq0F7q47TdIHmVF5VESO9cmWH4Ad/nA2X05f
x3gT6yBEXC+xO9yEJIs5yqE+J96HL2heU/djvCIIR05lJGrwwy7q8rGNsDisXxYN
LaAuB5IwlXmY+G3Rc82qZnI62Qw9hC0J8TLPKqwbz/QYYd41bDTYB6T2nWqac0xv
pO9DTgX/8x+eHT0qG9j3I5iRi9sTS2vXziLR14stJCLhSuHiEDtkH3MCVWaBfOQu
PpGo0S5MrnrSfF0aHUU9jauxarGPSYV2v8P+PvzF+FWF05bGH+V0rcW/WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVvotSZbaHjqhKkBJfVsigyg6g1MB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPO+2Dgv/
zaeeHOkNJGFB5Crk4T33hnfn0RibxEUTe4ni6U+5EGevd6sE5GTeAEv2zDSf6Tj0
xOpYsh4tLVgR0doGKmcup4As1uTbVdsrwHPLSoNegH+2OvTQnmnEsxMltMxnlCYk
oWkbyL72rvXKUBocxM5FIzPCrVR02aESY8cWChaj+j1piZgFc+6nNWWiAODbDmLN
H9/l580yBnp55tzk0okfwwPTc/7MYuU4bMwtd5AxcSX7cpw4fvfnfx/44THqMAZ7
CT2aP3kk4FKksAS+VjRh7RbYxP26g6EFswiDdFjPTiBbM5vd+ZEIn3uKQLBRF9pw
qeRFCMhodpf3QQ==
-----END CERTIFICATE-----