Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          yN5imQ8ODMSrOkJx8uudvW7jzun4OPlMzxuyF19pWuo=
Subject key identifier:   C5:DC:01:06:34:AC:BB:95:D1:D8:F5:EF:BC:16:D8:50:6C:B7:EC:CA
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       0197BA0F3B3146B2531BCC08ED7A21352FD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          02CB
Signing time:             Sun 29 Jun 2025 05:00:49 +0000
Manifest this update:     Sun 29 Jun 2025 05:00:49 +0000
Manifest next update:     Mon 30 Jun 2025 05:00:49 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: p6qXWgiL69AZ1yrQtSGSCdgknYsuuEJM8oQpQKa35pg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:0f:3b:31:46:b2:53:1b:cc:08:ed:7a:21:35:2f:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Jun 29 05:00:49 2025 GMT
            Not After : Jun 30 05:00:49 2025 GMT
        Subject: CN=c5dc010634acbb95d1d8f5efbc16d8506cb7ecca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b7:81:26:0f:3d:dd:14:94:7c:a0:27:86:46:
                    bb:95:6e:25:8c:10:7b:c3:3b:32:78:d5:14:68:5c:
                    2b:7d:09:ce:04:b0:18:d4:09:1f:a1:5a:54:96:fc:
                    e4:45:71:f4:9d:34:98:67:70:fe:41:fd:c4:92:92:
                    3c:d3:ea:43:76:86:2b:dd:23:d7:5a:80:5a:64:73:
                    64:d3:a1:3d:80:8b:c5:38:bf:54:54:26:08:0e:28:
                    c1:0d:32:55:8c:9e:04:f7:1d:69:e0:0a:39:26:67:
                    65:fe:e9:29:ef:5b:c3:4d:59:51:20:86:2a:20:da:
                    f0:78:fc:d8:2b:cf:32:99:20:58:94:3a:44:cf:48:
                    11:31:60:54:7e:73:69:f6:ac:b8:a0:c0:19:57:da:
                    11:aa:6e:56:60:22:29:51:7a:be:e4:9a:e6:2d:ad:
                    a8:86:c2:e5:aa:6b:14:f3:b6:f1:30:f6:1e:88:48:
                    c0:90:74:28:87:48:96:d8:0c:b0:78:b7:be:4e:87:
                    ce:6e:c4:ca:82:2f:76:7a:d3:9f:da:29:82:44:3f:
                    69:d6:18:a2:9c:77:53:a1:73:da:4c:c6:0b:ed:f0:
                    b0:4a:8f:70:1e:fe:09:29:8f:11:f3:5e:19:c0:65:
                    b6:f5:c6:be:06:98:17:14:82:a5:2e:2c:1b:8b:89:
                    73:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:DC:01:06:34:AC:BB:95:D1:D8:F5:EF:BC:16:D8:50:6C:B7:EC:CA
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:70:be:06:a2:c1:c4:29:ee:91:20:ca:ec:19:20:57:92:fd:
         95:fb:8f:6c:dd:73:1c:cf:18:f7:77:59:05:64:42:0e:e7:bd:
         9d:f9:ab:a1:b3:51:f2:4a:12:a4:a8:95:55:b2:d3:07:a6:22:
         d2:da:c6:17:6c:0e:93:c4:4d:65:69:36:f8:55:65:2c:ae:fb:
         dd:95:61:d9:72:95:33:33:26:bc:14:9c:0a:f7:6d:e7:33:62:
         a6:f0:4f:53:11:5e:8b:55:f1:0a:5f:30:33:a4:a3:71:eb:91:
         c4:f1:64:87:43:43:42:dd:48:f8:eb:e2:a7:c3:35:00:01:e5:
         ee:91:df:4b:fb:a5:41:be:3f:d3:4f:18:74:05:67:23:c4:45:
         45:5f:ab:58:a0:c1:ae:eb:8b:c5:ff:1b:b7:6d:dc:d1:a5:e4:
         c8:95:12:9d:f7:eb:b0:d8:81:11:68:b4:d3:48:f7:32:63:b8:
         da:1a:47:7e:7e:1f:8f:7d:b4:9c:d3:b7:46:50:44:66:e5:34:
         5c:84:fe:5d:73:b8:26:67:2a:2b:34:b3:59:8c:fc:16:c7:18:
         ec:e2:7a:9f:e8:75:20:20:31:bd:ae:0c:b3:50:cb:53:65:6a:
         00:4e:3e:dd:9c:12:49:23:62:89:90:09:9f:5b:12:d4:ef:96:
         0d:ef:22:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6DzsxRrJTG8wI7XohNS/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjUwNjI5MDUwMDQ5WhcNMjUwNjMwMDUwMDQ5WjAzMTEwLwYDVQQD
EyhjNWRjMDEwNjM0YWNiYjk1ZDFkOGY1ZWZiYzE2ZDg1MDZjYjdlY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnreBJg893RSUfKAnhka7lW4ljBB7
wzsyeNUUaFwrfQnOBLAY1AkfoVpUlvzkRXH0nTSYZ3D+Qf3EkpI80+pDdoYr3SPX
WoBaZHNk06E9gIvFOL9UVCYIDijBDTJVjJ4E9x1p4Ao5Jmdl/ukp71vDTVlRIIYq
INrwePzYK88ymSBYlDpEz0gRMWBUfnNp9qy4oMAZV9oRqm5WYCIpUXq+5JrmLa2o
hsLlqmsU87bxMPYeiEjAkHQoh0iW2AyweLe+TofObsTKgi92etOf2imCRD9p1hii
nHdToXPaTMYL7fCwSo9wHv4JKY8R814ZwGW29ca+BpgXFIKlLiwbi4lz3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXcAQY0rLuV0dj177wW2FBst+zKMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVnC+BqLB
xCnukSDK7BkgV5L9lfuPbN1zHM8Y93dZBWRCDue9nfmrobNR8koSpKiVVbLTB6Yi
0trGF2wOk8RNZWk2+FVlLK773ZVh2XKVMzMmvBScCvdt5zNipvBPUxFei1XxCl8w
M6SjceuRxPFkh0NDQt1I+Ovip8M1AAHl7pHfS/ulQb4/008YdAVnI8RFRV+rWKDB
ruuLxf8bt23c0aXkyJUSnffrsNiBEWi000j3MmO42hpHfn4fj320nNO3RlBEZuU0
XIT+XXO4JmcqKzSzWYz8FscY7OJ6n+h1ICAxva4Ms1DLU2VqAE4+3ZwSSSNiiZAJ
n1sS1O+WDe8i9g==
-----END CERTIFICATE-----