Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.mft
File:                     bQBRmLdFcqFWq2PyMIWJe9PM1Bs.mft (raw, json)
Hash identifier:          H2hmEYKhZuThGok9G09RGSku83sD+8mD/jI8vx3h0TU=
Subject key identifier:   FE:D2:86:0A:43:D8:16:3F:D3:D5:BE:8B:BD:73:FD:57:90:BC:5E:94
Authority key identifier: 6D:00:51:98:B7:45:72:A1:56:AB:63:F2:30:85:89:7B:D3:CC:D4:1B
Certificate issuer:       /CN=6d005198b74572a156ab63f23085897bd3ccd41b
Certificate serial:       0197B7EA9F3C9C92E96AC1450BD9B3D748D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.mft
Manifest number:          01DA
Signing time:             Sat 28 Jun 2025 19:01:36 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:36 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:36 +0000
Files and hashes:         1: bQBRmLdFcqFWq2PyMIWJe9PM1Bs.crl (hash: /EZW0VwPWlI3+hSjbQCqMR9mfXdNQ7KVChbKZJ0H89w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:9f:3c:9c:92:e9:6a:c1:45:0b:d9:b3:d7:48:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d005198b74572a156ab63f23085897bd3ccd41b
        Validity
            Not Before: Jun 28 19:01:36 2025 GMT
            Not After : Jun 29 19:01:36 2025 GMT
        Subject: CN=fed2860a43d8163fd3d5be8bbd73fd5790bc5e94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:59:bf:eb:1c:e3:74:87:f6:23:37:6e:ff:4e:
                    8c:10:af:b3:6a:35:18:25:10:43:68:7b:8a:50:0c:
                    70:51:5e:df:65:7e:ff:1a:d5:31:d5:4e:fd:dd:62:
                    c3:24:7c:1e:c3:51:2b:7d:dd:3d:0b:4b:22:d1:0d:
                    5a:82:4e:c1:52:d5:05:d9:06:70:12:ac:1d:de:c7:
                    d7:78:aa:9a:52:ca:c8:77:9a:c6:78:8a:33:75:e7:
                    19:88:d6:9f:bd:67:75:67:c4:f8:3e:f2:02:30:9d:
                    c0:ee:28:6e:f8:a8:0c:58:81:bf:ea:77:78:44:68:
                    62:8d:6b:e6:90:e5:f3:20:69:d2:aa:33:79:e4:ed:
                    9d:ec:af:42:4d:c5:47:85:e8:e7:20:7b:92:42:81:
                    c8:ba:43:05:6c:f3:00:1e:45:74:90:a1:11:be:a8:
                    6f:fb:6a:a6:1b:a0:b2:1a:65:d3:85:60:8a:ae:86:
                    29:f1:f6:8a:92:22:08:dc:5d:80:d2:98:f7:62:54:
                    aa:36:fb:7a:63:71:63:27:d6:23:23:ef:cf:2b:db:
                    20:aa:2e:ba:60:2c:2b:1a:24:fc:bc:cc:b9:47:97:
                    cf:e6:7b:08:bd:0e:8a:d1:36:6f:25:86:10:9c:b3:
                    8b:c5:64:f5:2d:17:e9:25:53:25:16:2e:6d:68:cd:
                    95:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:D2:86:0A:43:D8:16:3F:D3:D5:BE:8B:BD:73:FD:57:90:BC:5E:94
            X509v3 Authority Key Identifier:
                keyid:6D:00:51:98:B7:45:72:A1:56:AB:63:F2:30:85:89:7B:D3:CC:D4:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:8a:b4:e9:1f:a8:65:c2:66:86:d3:ec:e8:f5:89:e0:6c:ce:
         e3:30:e6:30:b3:42:19:73:c1:78:38:d2:b4:38:6d:29:02:45:
         fd:84:e8:d6:92:c1:ae:de:a7:b4:5b:53:7e:f0:ca:a2:1c:37:
         af:ad:40:61:6c:d7:42:be:0a:96:c5:cb:85:dc:cd:e1:a5:82:
         f3:f9:c9:d4:80:9b:f2:60:c8:d9:df:8e:77:5b:6b:b0:db:32:
         28:f3:30:39:b9:d3:d9:a5:23:58:1b:58:bd:a3:da:6d:fc:17:
         e1:68:6d:df:7e:c2:24:e1:27:08:60:5d:8f:d4:f6:dd:a9:8e:
         97:e2:9d:42:3e:f0:75:60:0b:eb:12:b0:25:33:68:a7:80:89:
         e8:94:fc:70:50:d5:01:81:90:96:3b:f0:c1:7c:f3:e3:07:f5:
         c1:19:9d:f9:e2:6b:3d:c2:74:2a:88:8f:df:1d:1e:1c:66:2f:
         bd:42:f7:7a:c3:ec:fc:1b:a4:45:30:8a:db:6f:c7:7e:ce:42:
         46:1e:04:6f:f7:93:7f:74:9e:f1:17:31:e3:cf:4e:f8:36:11:
         a1:39:b3:fd:c5:8a:a9:18:c5:af:48:54:02:98:3c:89:c3:02:
         7d:31:82:01:73:9b:37:64:ed:05:9a:f6:70:1e:f7:d6:e7:74:
         19:9f:d1:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36p88nJLpasFFC9mz10jTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDA1MTk4Yjc0NTcyYTE1NmFiNjNmMjMwODU4OTdiZDNj
Y2Q0MWIwHhcNMjUwNjI4MTkwMTM2WhcNMjUwNjI5MTkwMTM2WjAzMTEwLwYDVQQD
EyhmZWQyODYwYTQzZDgxNjNmZDNkNWJlOGJiZDczZmQ1NzkwYmM1ZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVm/6xzjdIf2Izdu/06MEK+zajUY
JRBDaHuKUAxwUV7fZX7/GtUx1U793WLDJHwew1Erfd09C0si0Q1agk7BUtUF2QZw
Eqwd3sfXeKqaUsrId5rGeIozdecZiNafvWd1Z8T4PvICMJ3A7ihu+KgMWIG/6nd4
RGhijWvmkOXzIGnSqjN55O2d7K9CTcVHhejnIHuSQoHIukMFbPMAHkV0kKERvqhv
+2qmG6CyGmXThWCKroYp8faKkiII3F2A0pj3YlSqNvt6Y3FjJ9YjI+/PK9sgqi66
YCwrGiT8vMy5R5fP5nsIvQ6K0TZvJYYQnLOLxWT1LRfpJVMlFi5taM2VhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7ShgpD2BY/09W+i71z/VeQvF6UMB8GA1UdIwQY
MBaAFG0AUZi3RXKhVqtj8jCFiXvTzNQbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFCUm1MZEZjcUZXcTJQeU1JV0plOVBNMUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC85NzVmM2MtYWY0YS00MzdiLTg5YjEt
Mjg0ZTUxMjNlMjlmLzEvYlFCUm1MZEZjcUZXcTJQeU1JV0plOVBNMUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC85NzVmM2MtYWY0YS00MzdiLTg5YjEtMjg0ZTUxMjNlMjlm
LzEvYlFCUm1MZEZjcUZXcTJQeU1JV0plOVBNMUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfIq06R+o
ZcJmhtPs6PWJ4GzO4zDmMLNCGXPBeDjStDhtKQJF/YTo1pLBrt6ntFtTfvDKohw3
r61AYWzXQr4KlsXLhdzN4aWC8/nJ1ICb8mDI2d+Od1trsNsyKPMwObnT2aUjWBtY
vaPabfwX4Wht337CJOEnCGBdj9T23amOl+KdQj7wdWAL6xKwJTNop4CJ6JT8cFDV
AYGQljvwwXzz4wf1wRmd+eJrPcJ0KoiP3x0eHGYvvUL3esPs/BukRTCK22/Hfs5C
Rh4Eb/eTf3Se8Rcx489O+DYRoTmz/cWKqRjFr0hUApg8icMCfTGCAXObN2TtBZr2
cB731ud0GZ/RZQ==
-----END CERTIFICATE-----