Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          +VchWMgZjBiY3dPKQQjIkzgnJI5TieXuQmI5W0ADtU4=
Subject key identifier:   C7:D5:E9:16:EE:69:3A:36:9D:98:E7:B8:44:41:46:52:79:B2:EC:9E
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       0196AF8D99B42882DD3FD294708F7411BDCD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          0241
Signing time:             Thu 08 May 2025 11:00:14 +0000
Manifest this update:     Thu 08 May 2025 11:00:14 +0000
Manifest next update:     Fri 09 May 2025 11:00:14 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: xbYsrAiSYI2fR3OliMDzgW6xRMJz1AlpCRVQiG391BU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 11:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:af:8d:99:b4:28:82:dd:3f:d2:94:70:8f:74:11:bd:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: May  8 11:00:14 2025 GMT
            Not After : May  9 11:00:14 2025 GMT
        Subject: CN=c7d5e916ee693a369d98e7b84441465279b2ec9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:dd:5d:05:d1:ce:9c:b8:5a:f4:4c:68:ec:67:
                    17:bf:0d:1b:39:bd:e3:00:fb:51:2a:3f:18:8e:82:
                    13:10:98:9d:a7:b7:46:c4:09:e6:b0:d7:84:4f:1a:
                    94:76:32:29:02:32:35:03:4d:95:17:07:9e:45:42:
                    57:04:39:e6:16:91:29:5b:e7:9a:b8:00:29:d3:c6:
                    f5:ea:17:ef:27:2f:3d:76:fb:4d:62:7a:2e:98:4b:
                    79:cd:fa:f9:e7:a4:bf:f2:14:90:82:21:29:4e:19:
                    ad:73:29:7b:e0:25:07:97:6f:48:f9:10:ef:a2:ea:
                    e5:c3:77:e3:03:74:73:2b:02:89:66:37:81:81:21:
                    17:07:43:47:1a:c1:ed:9e:cc:18:7c:d4:91:db:c1:
                    b7:99:87:75:02:83:5e:10:37:6b:8e:75:a2:b7:94:
                    7b:10:66:c0:46:8d:95:71:ea:aa:28:d6:6b:19:10:
                    de:ef:43:8e:ef:21:38:66:07:6b:4a:87:6a:8d:90:
                    12:75:bc:b7:78:94:b8:97:eb:0e:77:0c:ec:de:de:
                    4b:fc:73:21:ea:64:20:0e:b7:70:e0:42:e5:1a:5d:
                    ba:4a:43:4b:27:6a:e5:89:1a:b1:f6:09:fc:f5:fe:
                    ec:4c:30:44:80:42:b6:9f:4c:28:a4:b0:16:30:b7:
                    d6:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:D5:E9:16:EE:69:3A:36:9D:98:E7:B8:44:41:46:52:79:B2:EC:9E
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:18:66:28:7d:1c:95:df:20:1b:1b:62:44:70:d7:58:42:cd:
         22:5f:2a:52:00:eb:ff:2c:28:f3:41:90:84:84:3d:0b:9a:5c:
         35:b7:cc:da:80:df:af:5c:0e:72:7f:bb:14:1c:df:76:c2:a3:
         42:52:b2:17:c4:fd:47:e8:b6:bb:41:6f:66:0c:b7:83:83:3b:
         93:3f:38:00:9f:e4:29:38:3b:5f:7a:ed:80:8b:8e:a1:e1:38:
         37:13:44:ec:a5:35:c7:38:4d:52:5a:84:26:a6:69:d6:3e:95:
         b7:9e:95:6c:91:09:ef:a7:7b:0d:76:e8:98:ec:98:54:87:27:
         c0:98:3e:36:12:5f:3a:ab:17:73:89:d0:dc:fa:f6:d0:17:21:
         26:f5:3f:d1:e4:9b:0c:a8:97:b0:9e:c6:61:75:cc:71:63:d4:
         70:cc:8b:9e:65:b2:66:64:11:6c:a6:43:75:2e:ca:a8:ab:84:
         75:e7:b2:99:b8:87:a3:2f:11:04:b3:71:8d:3c:65:86:58:a5:
         9c:da:7e:f3:02:54:95:2e:27:eb:80:a9:f8:1d:2a:ef:5c:9c:
         87:e2:b1:20:76:f0:e8:92:39:17:e8:3f:e0:04:07:64:50:cd:
         f0:81:32:e4:44:3f:b1:18:e4:51:d6:0d:07:b6:47:ae:c4:18:
         f7:ee:ed:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZavjZm0KILdP9KUcI90Eb3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjUwNTA4MTEwMDE0WhcNMjUwNTA5MTEwMDE0WjAzMTEwLwYDVQQD
EyhjN2Q1ZTkxNmVlNjkzYTM2OWQ5OGU3Yjg0NDQxNDY1Mjc5YjJlYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA991dBdHOnLha9Exo7GcXvw0bOb3j
APtRKj8YjoITEJidp7dGxAnmsNeETxqUdjIpAjI1A02VFweeRUJXBDnmFpEpW+ea
uAAp08b16hfvJy89dvtNYnoumEt5zfr556S/8hSQgiEpThmtcyl74CUHl29I+RDv
ourlw3fjA3RzKwKJZjeBgSEXB0NHGsHtnswYfNSR28G3mYd1AoNeEDdrjnWit5R7
EGbARo2VceqqKNZrGRDe70OO7yE4ZgdrSodqjZASdby3eJS4l+sOdwzs3t5L/HMh
6mQgDrdw4ELlGl26SkNLJ2rliRqx9gn89f7sTDBEgEK2n0wopLAWMLfWLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMfV6RbuaTo2nZjnuERBRlJ5suyeMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApxhmKH0c
ld8gGxtiRHDXWELNIl8qUgDr/ywo80GQhIQ9C5pcNbfM2oDfr1wOcn+7FBzfdsKj
QlKyF8T9R+i2u0FvZgy3g4M7kz84AJ/kKTg7X3rtgIuOoeE4NxNE7KU1xzhNUlqE
JqZp1j6Vt56VbJEJ76d7DXbomOyYVIcnwJg+NhJfOqsXc4nQ3Pr20BchJvU/0eSb
DKiXsJ7GYXXMcWPUcMyLnmWyZmQRbKZDdS7KqKuEdeeymbiHoy8RBLNxjTxlhlil
nNp+8wJUlS4n64Cp+B0q71ych+KxIHbw6JI5F+g/4AQHZFDN8IEy5EQ/sRjkUdYN
B7ZHrsQY9+7t1w==
-----END CERTIFICATE-----