Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
File:                     bLm_6TNtoFV5BgineljMq8SWhpQ.mft (raw, json)
Hash identifier:          KlRy0lQTClBYxSRBH1a0Q8p/ZdPd4wAAlBMT6fLBz0c=
Subject key identifier:   EE:2A:3F:35:CA:7A:72:BE:AE:75:1E:B5:81:EA:F4:C9:78:AC:BC:59
Authority key identifier: 6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94
Certificate issuer:       /CN=6cb9bfe9336da055790608a77a58ccabc4968694
Certificate serial:       0198D4E064C9C8355A870F30EA7FE4FAA111
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
Manifest number:          0CEE
Signing time:             Sat 23 Aug 2025 03:02:12 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:12 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:12 +0000
Files and hashes:         1: bLm_6TNtoFV5BgineljMq8SWhpQ.crl (hash: cmipeIhufGcb/E7KLHGe94rovmEtCOLpu60FSkjw+bY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:64:c9:c8:35:5a:87:0f:30:ea:7f:e4:fa:a1:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb9bfe9336da055790608a77a58ccabc4968694
        Validity
            Not Before: Aug 23 03:02:12 2025 GMT
            Not After : Aug 24 03:02:12 2025 GMT
        Subject: CN=ee2a3f35ca7a72beae751eb581eaf4c978acbc59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:9e:b1:d6:d4:63:41:62:4b:b1:e6:67:9c:21:
                    29:23:95:d1:0a:27:c0:78:cb:5a:8d:8a:24:44:da:
                    fa:fe:da:e2:48:54:7d:a8:40:8c:2e:41:cf:8f:16:
                    9e:38:96:27:18:78:07:6d:d1:33:4c:0f:fb:cc:f7:
                    29:f2:67:a2:e4:1c:3c:19:a3:4a:2a:f2:7f:0d:b2:
                    9a:e8:53:ec:5a:27:30:6a:33:72:95:24:44:16:43:
                    a5:8c:f8:4e:61:69:d1:71:1c:39:59:51:4f:71:9a:
                    2d:8a:09:b5:59:78:79:c4:a9:c0:14:d2:f8:60:b8:
                    a3:44:e0:6c:99:4e:34:b5:2a:83:e3:00:5e:0e:94:
                    6a:96:dc:06:c4:9c:bd:b7:94:0f:ab:8a:3d:64:00:
                    43:ac:99:e6:31:99:41:ba:30:23:78:9b:90:0d:2b:
                    b9:bb:49:b1:ef:29:90:94:f5:ce:86:a3:c4:e6:e7:
                    61:5c:a9:2b:de:27:1f:9a:4b:55:f8:e8:c0:6a:e3:
                    da:f3:24:12:ad:2e:b8:e7:57:a0:e4:af:19:b5:9b:
                    9d:f8:35:4e:90:8c:50:16:e3:39:a2:36:8f:a8:a2:
                    e0:4e:90:66:c8:f3:89:60:c1:e3:94:68:7a:0b:aa:
                    4c:07:d3:f1:7e:6d:67:e3:fb:9f:8d:d7:67:ba:5e:
                    d0:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:2A:3F:35:CA:7A:72:BE:AE:75:1E:B5:81:EA:F4:C9:78:AC:BC:59
            X509v3 Authority Key Identifier:
                keyid:6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:ec:29:4f:cd:52:c3:4d:98:10:c3:e4:87:7b:1c:ae:ee:b0:
         b7:ee:07:51:e9:7d:8a:a4:63:ba:96:71:11:8e:18:30:01:b4:
         43:5b:01:69:9d:5b:ec:f6:9b:e7:c8:e2:c1:19:65:a1:04:fc:
         ba:7e:3b:27:7a:90:02:0c:a1:34:85:f5:67:ad:5e:a9:36:f6:
         bb:d9:31:93:aa:b2:1a:09:e6:1e:cf:89:f0:23:29:16:ae:8f:
         aa:c1:98:16:9c:49:da:80:d8:c0:f0:07:7d:00:50:7d:bf:3d:
         cf:49:6e:c6:9f:f1:2e:36:47:ec:95:66:52:3e:2a:b6:4b:bc:
         5c:9d:d6:01:c5:e8:a3:b8:fe:2d:99:27:30:1a:c7:af:9a:d1:
         f6:31:5e:f1:e8:29:d7:fc:6a:07:26:e5:9c:a9:75:db:3e:cb:
         cf:d2:a8:69:3c:b7:d1:1e:9f:94:c0:b8:87:31:b3:78:36:93:
         2f:e1:95:e6:05:f4:83:86:11:6e:48:91:dc:c9:b1:84:17:13:
         a2:fc:7c:15:6d:24:a8:a9:62:1b:07:b9:17:cb:48:2e:41:b1:
         b6:39:92:c2:43:73:7e:af:1f:5f:34:29:2c:ba:3e:71:4e:f4:
         6b:07:27:0b:1e:8d:f5:fc:c4:09:50:ec:e6:b9:e2:82:b8:7d:
         11:68:b4:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4GTJyDVahw8w6n/k+qERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjliZmU5MzM2ZGEwNTU3OTA2MDhhNzdhNThjY2FiYzQ5
Njg2OTQwHhcNMjUwODIzMDMwMjEyWhcNMjUwODI0MDMwMjEyWjAzMTEwLwYDVQQD
EyhlZTJhM2YzNWNhN2E3MmJlYWU3NTFlYjU4MWVhZjRjOTc4YWNiYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg56x1tRjQWJLseZnnCEpI5XRCifA
eMtajYokRNr6/triSFR9qECMLkHPjxaeOJYnGHgHbdEzTA/7zPcp8mei5Bw8GaNK
KvJ/DbKa6FPsWicwajNylSREFkOljPhOYWnRcRw5WVFPcZotigm1WXh5xKnAFNL4
YLijROBsmU40tSqD4wBeDpRqltwGxJy9t5QPq4o9ZABDrJnmMZlBujAjeJuQDSu5
u0mx7ymQlPXOhqPE5udhXKkr3icfmktV+OjAauPa8yQSrS6451eg5K8ZtZud+DVO
kIxQFuM5ojaPqKLgTpBmyPOJYMHjlGh6C6pMB9Pxfm1n4/ufjddnul7Q3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO4qPzXKenK+rnUetYHq9Ml4rLxZMB8GA1UdIwQY
MBaAFGy5v+kzbaBVeQYIp3pYzKvEloaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzIt
Y2ZkMDBkZDgyN2VlLzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzItY2ZkMDBkZDgyN2Vl
LzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlOwpT81S
w02YEMPkh3scru6wt+4HUel9iqRjupZxEY4YMAG0Q1sBaZ1b7Pab58jiwRlloQT8
un47J3qQAgyhNIX1Z61eqTb2u9kxk6qyGgnmHs+J8CMpFq6PqsGYFpxJ2oDYwPAH
fQBQfb89z0luxp/xLjZH7JVmUj4qtku8XJ3WAcXoo7j+LZknMBrHr5rR9jFe8egp
1/xqByblnKl12z7Lz9KoaTy30R6flMC4hzGzeDaTL+GV5gX0g4YRbkiR3MmxhBcT
ovx8FW0kqKliGwe5F8tILkGxtjmSwkNzfq8fXzQpLLo+cU70awcnCx6N9fzECVDs
5rnigrh9EWi0KA==
-----END CERTIFICATE-----