Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
File:                     aBHhJcs1cHby-jE4yT6aJoGxeJM.mft (raw, json)
Hash identifier:          pAvn4PZ5MCZSUkdWt25P/drBO5p8Rurn+Htgvq8qRAg=
Subject key identifier:   BB:B8:D2:AB:0A:10:6C:9C:7B:C2:F9:28:CA:9D:B1:C8:B4:85:15:40
Authority key identifier: 68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
Certificate issuer:       /CN=6811e125cb357076f2fa3138c93e9a2681b17893
Certificate serial:       0197B6A05D0E14AE8F2F8FD7EF707F56EA37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
Manifest number:          15B5
Signing time:             Sat 28 Jun 2025 13:00:52 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:52 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:52 +0000
Files and hashes:         1: aBHhJcs1cHby-jE4yT6aJoGxeJM.crl (hash: xVCxpWPdfn+kpEOpMD3IFLm4WPiMC/DJUg8qEs0StvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:5d:0e:14:ae:8f:2f:8f:d7:ef:70:7f:56:ea:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6811e125cb357076f2fa3138c93e9a2681b17893
        Validity
            Not Before: Jun 28 13:00:52 2025 GMT
            Not After : Jun 29 13:00:52 2025 GMT
        Subject: CN=bbb8d2ab0a106c9c7bc2f928ca9db1c8b4851540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:c7:f1:60:d3:12:73:b8:b1:48:2d:ea:cc:aa:
                    13:de:ab:1d:fa:df:70:2a:dc:be:e0:a7:29:b5:b0:
                    ba:9a:79:84:b6:a8:f6:f4:31:09:0d:65:dc:94:75:
                    b4:db:6f:b1:97:aa:d1:80:44:45:c8:a8:9b:aa:34:
                    e3:7a:77:53:eb:e1:a7:ba:e7:77:e6:7a:30:28:10:
                    08:3d:cb:53:8c:10:f0:4d:fb:06:96:64:c5:9f:1a:
                    80:2c:6f:fe:91:05:b1:19:ff:28:ea:0f:ee:97:5d:
                    8c:68:f1:7e:cb:66:ae:ca:cf:d4:57:e5:60:d3:df:
                    f1:73:b1:1f:ed:9d:93:a9:d3:e3:da:71:7d:8b:3a:
                    1a:eb:af:c0:d9:76:fa:2b:79:2c:c0:d0:f4:fc:82:
                    21:d6:18:d9:eb:b0:35:7e:3b:c3:ed:f1:5e:ab:0a:
                    dc:a3:5d:2f:51:bb:67:87:ca:01:78:d7:f9:db:7d:
                    08:06:22:b4:98:a7:bb:40:6a:a7:cd:76:08:84:1a:
                    6a:d4:e7:67:0b:48:0a:9d:33:bb:14:3c:26:ff:de:
                    68:2c:9a:05:65:f3:36:bc:d5:0a:62:8f:04:b0:88:
                    18:4d:70:bb:da:8e:41:77:30:fd:28:b9:ee:62:c9:
                    2f:41:95:ed:17:7f:47:15:55:fc:74:51:27:80:b3:
                    60:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:B8:D2:AB:0A:10:6C:9C:7B:C2:F9:28:CA:9D:B1:C8:B4:85:15:40
            X509v3 Authority Key Identifier:
                keyid:68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:27:28:4f:7c:29:06:b9:15:f4:62:fa:d7:36:9c:1f:00:dd:
         50:fc:5e:a5:6d:e2:aa:a5:55:0e:02:9c:0a:23:3b:e4:a1:9c:
         d4:e4:02:d2:91:df:cd:9c:28:9e:c3:a4:c7:7d:cf:e2:a0:51:
         e5:cc:ca:c6:91:2a:7a:6f:75:84:b4:c6:67:c0:00:d7:31:0a:
         6c:72:2a:d8:4f:aa:60:8a:14:94:6a:3e:c4:10:fd:71:5b:00:
         d6:3c:28:14:1d:33:00:11:0b:f7:55:fc:b1:e5:2a:92:a9:b5:
         80:c5:84:0b:1a:82:0d:81:e1:c5:e2:f5:34:a7:62:cc:f1:d9:
         3b:f8:77:f6:8c:a7:15:46:75:95:b0:e9:5e:78:f2:12:9a:b9:
         96:ae:97:20:87:d0:0a:31:ee:d9:da:1e:8e:e0:41:2a:1e:b4:
         29:61:6b:91:25:bc:3d:fd:43:1e:87:06:2b:9d:45:13:81:49:
         38:d9:f5:70:af:5f:7c:db:70:89:ba:73:90:ff:51:1d:1c:30:
         d0:20:58:ff:84:4b:07:b3:93:1f:95:ae:c9:09:58:c4:81:54:
         25:db:f5:83:98:a3:a4:df:cd:4c:98:ff:a0:4b:79:3f:72:7f:
         28:4d:84:a6:99:66:82:14:90:13:6a:27:44:01:2b:fd:36:e5:
         ff:5e:76:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oF0OFK6PL4/X73B/Vuo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTFlMTI1Y2IzNTcwNzZmMmZhMzEzOGM5M2U5YTI2ODFi
MTc4OTMwHhcNMjUwNjI4MTMwMDUyWhcNMjUwNjI5MTMwMDUyWjAzMTEwLwYDVQQD
EyhiYmI4ZDJhYjBhMTA2YzljN2JjMmY5MjhjYTlkYjFjOGI0ODUxNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsfxYNMSc7ixSC3qzKoT3qsd+t9w
Kty+4KcptbC6mnmEtqj29DEJDWXclHW022+xl6rRgERFyKibqjTjendT6+Gnuud3
5nowKBAIPctTjBDwTfsGlmTFnxqALG/+kQWxGf8o6g/ul12MaPF+y2auys/UV+Vg
09/xc7Ef7Z2TqdPj2nF9izoa66/A2Xb6K3kswND0/IIh1hjZ67A1fjvD7fFeqwrc
o10vUbtnh8oBeNf5230IBiK0mKe7QGqnzXYIhBpq1OdnC0gKnTO7FDwm/95oLJoF
ZfM2vNUKYo8EsIgYTXC72o5BdzD9KLnuYskvQZXtF39HFVX8dFEngLNgRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLu40qsKEGyce8L5KMqdsci0hRVAMB8GA1UdIwQY
MBaAFGgR4SXLNXB28voxOMk+miaBsXiTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2Et
Y2Q0Mzk0OTJiN2FlLzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2EtY2Q0Mzk0OTJiN2Fl
LzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEScoT3wp
BrkV9GL61zacHwDdUPxepW3iqqVVDgKcCiM75KGc1OQC0pHfzZwonsOkx33P4qBR
5czKxpEqem91hLTGZ8AA1zEKbHIq2E+qYIoUlGo+xBD9cVsA1jwoFB0zABEL91X8
seUqkqm1gMWECxqCDYHhxeL1NKdizPHZO/h39oynFUZ1lbDpXnjyEpq5lq6XIIfQ
CjHu2doejuBBKh60KWFrkSW8Pf1DHocGK51FE4FJONn1cK9ffNtwibpzkP9RHRww
0CBY/4RLB7OTH5WuyQlYxIFUJdv1g5ijpN/NTJj/oEt5P3J/KE2EpplmghSQE2on
RAEr/Tbl/152Vw==
-----END CERTIFICATE-----