Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
File:                     bLm_6TNtoFV5BgineljMq8SWhpQ.mft (raw, json)
Hash identifier:          kw7dKc9ejvi2rn00eagjRAmQ69bODA9Fev6G8tYOwEc=
Subject key identifier:   74:BD:0F:F7:DE:93:5B:C8:F2:54:9A:BD:AD:80:F0:59:59:B4:F4:07
Authority key identifier: 6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94
Certificate issuer:       /CN=6cb9bfe9336da055790608a77a58ccabc4968694
Certificate serial:       0197C2A50C7E21F10D1BB4C5BCC5D8B6A62E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
Manifest number:          0C60
Signing time:             Mon 30 Jun 2025 21:01:25 +0000
Manifest this update:     Mon 30 Jun 2025 21:01:25 +0000
Manifest next update:     Tue 01 Jul 2025 21:01:25 +0000
Files and hashes:         1: bLm_6TNtoFV5BgineljMq8SWhpQ.crl (hash: WPmggjZZbjXXDHgUroyjmFeWmTOOK7EepRxaLh8on/w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 21:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c2:a5:0c:7e:21:f1:0d:1b:b4:c5:bc:c5:d8:b6:a6:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb9bfe9336da055790608a77a58ccabc4968694
        Validity
            Not Before: Jun 30 21:01:25 2025 GMT
            Not After : Jul  1 21:01:25 2025 GMT
        Subject: CN=74bd0ff7de935bc8f2549abdad80f05959b4f407
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:df:11:a3:bb:80:a2:2a:e9:02:dd:7b:dc:74:
                    39:a8:c8:7d:2e:3e:c7:e2:3e:26:9c:88:e3:77:e3:
                    80:43:5a:5b:a0:35:35:68:46:a3:ff:76:26:5d:6a:
                    90:4b:34:db:89:87:92:24:09:04:5b:c5:c8:c2:c3:
                    0b:43:2b:6c:df:70:33:26:df:8d:e2:87:6a:aa:94:
                    c8:6a:e3:42:8b:f9:30:d7:9f:07:e5:5b:2b:1b:fd:
                    e8:03:63:81:a5:d0:2c:d6:43:aa:72:8c:63:00:6c:
                    9d:37:ca:be:6d:ce:72:bd:d9:a0:9f:f8:54:4f:32:
                    1b:76:fa:97:91:b6:10:23:3a:8e:a2:b3:c8:7d:c7:
                    37:de:76:53:6c:fe:46:f6:f8:c2:13:35:50:76:3a:
                    8e:83:ed:0b:09:2d:a0:33:1f:0b:a8:4a:57:47:c4:
                    ad:9c:bc:8d:7c:ae:b6:b8:27:45:9c:b4:c2:1b:fd:
                    f7:18:7b:ec:6e:79:b4:f3:f6:8a:b6:2b:95:ed:0f:
                    8a:e2:09:b1:09:22:b9:41:62:38:6f:1b:b1:a2:54:
                    12:c8:75:0c:5e:59:a9:d6:82:1e:d4:0a:88:1e:3a:
                    95:eb:93:1f:c1:bc:ad:50:82:63:59:cf:e4:05:93:
                    21:73:10:6e:3f:b6:ed:df:04:51:ae:01:d6:9f:26:
                    16:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:BD:0F:F7:DE:93:5B:C8:F2:54:9A:BD:AD:80:F0:59:59:B4:F4:07
            X509v3 Authority Key Identifier:
                keyid:6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:e6:2e:85:b9:f3:e4:51:de:24:d7:45:f8:fd:9c:b9:d5:eb:
         aa:ec:9a:99:5e:89:10:b7:52:b6:2c:77:b7:5d:2f:8c:54:ff:
         29:90:18:82:5b:b4:e0:7c:d4:86:07:3d:0c:16:16:cd:55:70:
         2d:08:44:7a:ae:a5:e4:9f:a3:ab:19:eb:77:dd:db:4f:88:07:
         64:c2:56:88:ed:a0:1b:66:87:fd:d7:92:34:6f:80:16:96:fd:
         f4:97:11:8f:29:39:d6:11:2e:aa:aa:11:0b:25:cd:b5:96:fb:
         dd:e3:9f:78:fb:49:d1:ba:a3:40:35:db:ff:2b:41:a5:89:31:
         cc:e6:7a:a5:95:e0:da:f3:3a:39:43:a1:f1:0e:f7:04:75:f5:
         4a:f6:b6:2b:c3:02:19:a4:80:29:95:81:db:f5:0d:cb:f2:5f:
         20:82:d0:28:2c:5b:40:c2:ed:cd:15:4b:38:9f:bf:18:fe:a2:
         60:bd:f1:cc:06:e9:38:e6:7f:db:41:0e:61:e5:7c:97:9b:b7:
         9b:c3:f2:7f:8d:61:b4:66:f3:6e:d6:6f:57:e7:5b:6d:81:1e:
         1c:4a:d9:98:c5:92:e6:9a:d8:5b:1f:89:81:04:b7:22:0c:7a:
         44:44:df:30:6d:68:5c:fb:ce:5d:ac:31:74:a5:7e:ac:df:12:
         80:50:0c:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfCpQx+IfENG7TFvMXYtqYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjliZmU5MzM2ZGEwNTU3OTA2MDhhNzdhNThjY2FiYzQ5
Njg2OTQwHhcNMjUwNjMwMjEwMTI1WhcNMjUwNzAxMjEwMTI1WjAzMTEwLwYDVQQD
Eyg3NGJkMGZmN2RlOTM1YmM4ZjI1NDlhYmRhZDgwZjA1OTU5YjRmNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd8Ro7uAoirpAt173HQ5qMh9Lj7H
4j4mnIjjd+OAQ1pboDU1aEaj/3YmXWqQSzTbiYeSJAkEW8XIwsMLQyts33AzJt+N
4odqqpTIauNCi/kw158H5VsrG/3oA2OBpdAs1kOqcoxjAGydN8q+bc5yvdmgn/hU
TzIbdvqXkbYQIzqOorPIfcc33nZTbP5G9vjCEzVQdjqOg+0LCS2gMx8LqEpXR8St
nLyNfK62uCdFnLTCG/33GHvsbnm08/aKtiuV7Q+K4gmxCSK5QWI4bxuxolQSyHUM
Xlmp1oIe1AqIHjqV65MfwbytUIJjWc/kBZMhcxBuP7bt3wRRrgHWnyYWJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHS9D/fek1vI8lSava2A8FlZtPQHMB8GA1UdIwQY
MBaAFGy5v+kzbaBVeQYIp3pYzKvEloaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzIt
Y2ZkMDBkZDgyN2VlLzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzItY2ZkMDBkZDgyN2Vl
LzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQOYuhbnz
5FHeJNdF+P2cudXrquyamV6JELdStix3t10vjFT/KZAYglu04HzUhgc9DBYWzVVw
LQhEeq6l5J+jqxnrd93bT4gHZMJWiO2gG2aH/deSNG+AFpb99JcRjyk51hEuqqoR
CyXNtZb73eOfePtJ0bqjQDXb/ytBpYkxzOZ6pZXg2vM6OUOh8Q73BHX1Sva2K8MC
GaSAKZWB2/UNy/JfIILQKCxbQMLtzRVLOJ+/GP6iYL3xzAbpOOZ/20EOYeV8l5u3
m8Pyf41htGbzbtZvV+dbbYEeHErZmMWS5prYWx+JgQS3Igx6RETfMG1oXPvOXawx
dKV+rN8SgFAMaA==
-----END CERTIFICATE-----