Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
File:                     bLm_6TNtoFV5BgineljMq8SWhpQ.mft (raw, json)
Hash identifier:          yBmvY+C5Az2qtqOuzlG4eMYkQFmu3ipbvtbySxIHWNQ=
Subject key identifier:   0E:C3:9C:8B:52:0B:D4:17:8A:4D:75:AE:93:7B:E2:F3:F4:B1:12:00
Authority key identifier: 6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94
Certificate issuer:       /CN=6cb9bfe9336da055790608a77a58ccabc4968694
Certificate serial:       0196BBFFDDEEA31FABA89792A4E0D3A08701
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
Manifest number:          0BD8
Signing time:             Sat 10 May 2025 21:00:29 +0000
Manifest this update:     Sat 10 May 2025 21:00:29 +0000
Manifest next update:     Sun 11 May 2025 21:00:29 +0000
Files and hashes:         1: bLm_6TNtoFV5BgineljMq8SWhpQ.crl (hash: UZn+KpB49tIiEOONiFBlkptlNX38qHGaIz3r3m1V5W8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 21:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:ff:dd:ee:a3:1f:ab:a8:97:92:a4:e0:d3:a0:87:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb9bfe9336da055790608a77a58ccabc4968694
        Validity
            Not Before: May 10 21:00:29 2025 GMT
            Not After : May 11 21:00:29 2025 GMT
        Subject: CN=0ec39c8b520bd4178a4d75ae937be2f3f4b11200
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:2b:ed:01:27:ef:7a:fe:b2:31:58:ee:88:0a:
                    87:0a:0a:4b:9b:e4:42:7f:5d:15:42:59:aa:0f:55:
                    e0:3c:15:02:fe:b0:6d:34:81:1d:af:38:c2:5b:8f:
                    ee:29:1b:14:45:25:0a:c6:7c:9b:97:23:82:d8:d4:
                    8d:90:ba:50:4b:0c:a9:b8:e0:e2:66:ff:e1:b3:21:
                    f0:40:cd:98:14:6d:82:65:83:b5:ec:32:fd:c5:b3:
                    5f:ba:60:be:78:4b:93:b1:4b:d7:21:d9:09:31:9f:
                    de:ab:f7:0c:0b:7e:a4:52:c5:d2:70:3e:72:64:e1:
                    d3:a6:fa:5d:5e:98:d2:3e:a4:4d:4d:be:0c:14:76:
                    36:5d:4c:1d:27:e3:cb:9e:0c:50:14:45:fc:1b:c8:
                    ef:73:96:86:d8:e0:51:93:6b:e0:be:1e:63:85:30:
                    ee:e0:09:a5:e9:9f:5d:14:9a:33:34:66:76:5a:d7:
                    e1:b7:70:76:44:94:f1:6f:91:fb:96:2c:26:ed:12:
                    a4:46:c1:27:8f:9e:61:3d:9e:b9:04:03:1c:dc:bc:
                    1e:35:7e:be:1a:f3:8a:3c:b8:a0:6a:4a:47:6b:51:
                    c0:84:a3:d7:cb:85:1e:7b:47:f3:29:f7:05:05:28:
                    fd:bb:10:97:42:71:45:2b:dd:c5:a0:e6:cd:d1:8c:
                    51:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:C3:9C:8B:52:0B:D4:17:8A:4D:75:AE:93:7B:E2:F3:F4:B1:12:00
            X509v3 Authority Key Identifier:
                keyid:6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:e4:6f:db:d8:68:de:df:54:29:30:8b:45:da:b1:5f:fd:48:
         e5:a0:c2:52:b8:38:b8:13:cb:d0:77:98:08:e5:92:8a:af:a6:
         b3:0e:7c:09:5d:e9:cb:c6:0e:06:b2:cd:ff:d7:56:96:10:86:
         b2:09:cc:66:ed:ea:04:22:fd:0e:92:fe:8b:30:da:b5:2a:0a:
         fd:bc:e6:61:ab:90:06:b8:1c:99:d6:24:a2:7d:2e:d8:2f:d7:
         06:ac:b2:6a:82:1d:d3:d5:d3:ac:f0:11:e6:39:ce:eb:7a:a4:
         23:d0:10:51:9c:40:e4:07:67:59:ff:fb:5a:b6:96:b8:5a:40:
         db:34:41:f1:e4:f7:2c:2b:89:73:ae:01:8a:12:cf:13:da:4d:
         18:1c:2e:64:36:ba:02:e8:4a:fa:67:1c:67:68:73:39:89:16:
         16:ab:09:40:64:ed:a3:c9:07:56:d8:ee:ce:3b:c5:aa:cf:e5:
         d2:47:ff:36:c7:79:f5:d4:8f:b4:13:cb:c2:37:36:bf:e8:32:
         cc:c2:fa:2a:78:33:e7:bf:25:25:97:b9:10:f9:c9:a2:21:dc:
         40:ff:cc:41:e1:b3:15:ae:87:be:60:0f:6b:a6:fc:3f:2e:b3:
         12:6e:99:e0:ac:d1:e9:b1:05:e3:4c:91:68:1f:d5:aa:36:c3:
         7b:db:5e:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7/93uox+rqJeSpODToIcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjliZmU5MzM2ZGEwNTU3OTA2MDhhNzdhNThjY2FiYzQ5
Njg2OTQwHhcNMjUwNTEwMjEwMDI5WhcNMjUwNTExMjEwMDI5WjAzMTEwLwYDVQQD
EygwZWMzOWM4YjUyMGJkNDE3OGE0ZDc1YWU5MzdiZTJmM2Y0YjExMjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSvtASfvev6yMVjuiAqHCgpLm+RC
f10VQlmqD1XgPBUC/rBtNIEdrzjCW4/uKRsURSUKxnyblyOC2NSNkLpQSwypuODi
Zv/hsyHwQM2YFG2CZYO17DL9xbNfumC+eEuTsUvXIdkJMZ/eq/cMC36kUsXScD5y
ZOHTpvpdXpjSPqRNTb4MFHY2XUwdJ+PLngxQFEX8G8jvc5aG2OBRk2vgvh5jhTDu
4Aml6Z9dFJozNGZ2Wtfht3B2RJTxb5H7liwm7RKkRsEnj55hPZ65BAMc3LweNX6+
GvOKPLigakpHa1HAhKPXy4Uee0fzKfcFBSj9uxCXQnFFK93FoObN0YxRWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7DnItSC9QXik11rpN74vP0sRIAMB8GA1UdIwQY
MBaAFGy5v+kzbaBVeQYIp3pYzKvEloaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzIt
Y2ZkMDBkZDgyN2VlLzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzItY2ZkMDBkZDgyN2Vl
LzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYeRv29ho
3t9UKTCLRdqxX/1I5aDCUrg4uBPL0HeYCOWSiq+msw58CV3py8YOBrLN/9dWlhCG
sgnMZu3qBCL9DpL+izDatSoK/bzmYauQBrgcmdYkon0u2C/XBqyyaoId09XTrPAR
5jnO63qkI9AQUZxA5AdnWf/7WraWuFpA2zRB8eT3LCuJc64BihLPE9pNGBwuZDa6
AuhK+mccZ2hzOYkWFqsJQGTto8kHVtjuzjvFqs/l0kf/Nsd59dSPtBPLwjc2v+gy
zML6Kngz578lJZe5EPnJoiHcQP/MQeGzFa6HvmAPa6b8Py6zEm6Z4KzR6bEF40yR
aB/VqjbDe9teeA==
-----END CERTIFICATE-----