Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
File:                     bLm_6TNtoFV5BgineljMq8SWhpQ.mft (raw, json)
Hash identifier:          4b9y1Jt5SQ6NEjmtcPCAXqvUM3QppU6aEaPg/xAjHE0=
Subject key identifier:   B0:D6:67:6B:88:B3:4F:CE:14:AC:37:DE:AD:28:CE:C1:21:5B:51:B5
Authority key identifier: 6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94
Certificate issuer:       /CN=6cb9bfe9336da055790608a77a58ccabc4968694
Certificate serial:       0199FC58C24451586CA958BF936A4E92FB95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
Manifest number:          0D87
Signing time:             Sun 19 Oct 2025 12:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:39 +0000
Files and hashes:         1: bLm_6TNtoFV5BgineljMq8SWhpQ.crl (hash: 7jxZftLWBeksmTQO0+Y0z8bYs+7juY9nUtjvGgRldz4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:c2:44:51:58:6c:a9:58:bf:93:6a:4e:92:fb:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb9bfe9336da055790608a77a58ccabc4968694
        Validity
            Not Before: Oct 19 12:01:39 2025 GMT
            Not After : Oct 20 12:01:39 2025 GMT
        Subject: CN=b0d6676b88b34fce14ac37dead28cec1215b51b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6c:85:71:c6:40:38:c0:55:6f:6c:d2:1a:b5:
                    4a:de:27:55:9b:63:6a:9b:ae:21:e9:ff:c0:5c:6d:
                    51:12:ee:fc:a6:b3:85:b7:ab:39:99:5d:2c:4a:c1:
                    b5:f1:19:99:0c:9b:a5:35:8a:4a:b4:08:1b:e9:ec:
                    70:a3:55:f8:9f:b3:87:66:d4:78:2f:e7:91:d2:9c:
                    11:f0:5a:a3:dd:24:fa:a0:d4:0d:64:d5:33:57:d1:
                    ac:87:cb:af:d0:28:8a:5c:8c:f1:ab:89:4d:a5:d6:
                    92:43:3d:14:0b:f7:a1:71:46:28:be:77:0b:a7:0d:
                    63:66:9f:53:4e:11:ca:7f:8d:6e:69:82:57:18:c5:
                    4f:d2:f6:18:32:a1:05:5a:5d:ce:a0:ed:76:59:66:
                    80:a6:fc:e5:90:f2:15:5c:e5:fa:c0:02:10:8e:a7:
                    b0:a0:ac:a0:bf:03:84:43:83:0c:f7:4e:d5:42:47:
                    24:17:8a:ee:7a:df:51:e8:df:29:a7:74:fb:99:2e:
                    85:02:3a:66:9b:ef:ba:5b:41:7f:d0:7d:ed:98:43:
                    0f:77:6a:d8:ea:01:54:06:cc:dc:9b:ce:02:f5:62:
                    20:06:15:6d:14:13:0a:2e:27:7e:40:23:fa:d4:ec:
                    a8:58:dc:84:43:2f:c6:4d:be:12:58:d8:e2:60:3e:
                    1e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:D6:67:6B:88:B3:4F:CE:14:AC:37:DE:AD:28:CE:C1:21:5B:51:B5
            X509v3 Authority Key Identifier:
                keyid:6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:b4:f7:42:70:db:aa:d6:c9:55:6a:ca:b0:95:3f:d8:e6:16:
         b0:36:42:42:8a:9e:05:77:e8:46:5f:09:df:86:c3:8e:80:9a:
         f9:cb:dc:bb:28:15:1f:f6:b6:6d:ed:01:25:a6:05:a4:4a:aa:
         19:25:f6:dd:66:bd:0e:e3:7f:bc:39:92:35:39:ff:3c:c1:91:
         73:04:02:f8:7f:65:5d:0b:ac:7d:d2:2d:b6:70:12:54:92:c4:
         67:cb:aa:8d:1d:31:a0:e1:c0:e6:44:fe:49:0d:09:d7:92:d1:
         b0:70:27:83:a1:83:7e:28:1d:d5:95:5a:29:a1:3e:59:b1:c6:
         b2:9e:83:8d:58:eb:83:62:fd:23:4d:04:52:9e:e6:b6:57:dc:
         c1:bb:fd:a6:9d:ff:f7:35:f5:ed:27:66:00:b3:0f:03:65:d1:
         0c:87:51:3e:4c:74:75:e4:c8:14:64:10:f7:be:62:53:d0:87:
         ff:4a:82:0d:fd:72:ef:00:ac:ab:e2:09:4f:a9:ed:c6:27:db:
         c7:f3:9a:b4:8e:99:c9:f8:ac:9c:8d:2d:99:09:be:93:48:5c:
         a0:ca:07:7c:6f:3e:e4:1b:b8:6d:fd:3b:d6:4e:d9:3c:7d:a7:
         29:67:8b:c5:22:c1:c2:6e:77:a5:1c:17:7b:b3:d0:b3:3e:c2:
         68:0d:4f:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WMJEUVhsqVi/k2pOkvuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjliZmU5MzM2ZGEwNTU3OTA2MDhhNzdhNThjY2FiYzQ5
Njg2OTQwHhcNMjUxMDE5MTIwMTM5WhcNMjUxMDIwMTIwMTM5WjAzMTEwLwYDVQQD
EyhiMGQ2Njc2Yjg4YjM0ZmNlMTRhYzM3ZGVhZDI4Y2VjMTIxNWI1MWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWyFccZAOMBVb2zSGrVK3idVm2Nq
m64h6f/AXG1REu78prOFt6s5mV0sSsG18RmZDJulNYpKtAgb6exwo1X4n7OHZtR4
L+eR0pwR8Fqj3ST6oNQNZNUzV9Gsh8uv0CiKXIzxq4lNpdaSQz0UC/ehcUYovncL
pw1jZp9TThHKf41uaYJXGMVP0vYYMqEFWl3OoO12WWaApvzlkPIVXOX6wAIQjqew
oKygvwOEQ4MM907VQkckF4ruet9R6N8pp3T7mS6FAjpmm++6W0F/0H3tmEMPd2rY
6gFUBszcm84C9WIgBhVtFBMKLid+QCP61OyoWNyEQy/GTb4SWNjiYD4eMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDWZ2uIs0/OFKw33q0ozsEhW1G1MB8GA1UdIwQY
MBaAFGy5v+kzbaBVeQYIp3pYzKvEloaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzIt
Y2ZkMDBkZDgyN2VlLzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzItY2ZkMDBkZDgyN2Vl
LzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAarT3QnDb
qtbJVWrKsJU/2OYWsDZCQoqeBXfoRl8J34bDjoCa+cvcuygVH/a2be0BJaYFpEqq
GSX23Wa9DuN/vDmSNTn/PMGRcwQC+H9lXQusfdIttnASVJLEZ8uqjR0xoOHA5kT+
SQ0J15LRsHAng6GDfigd1ZVaKaE+WbHGsp6DjVjrg2L9I00EUp7mtlfcwbv9pp3/
9zX17SdmALMPA2XRDIdRPkx0deTIFGQQ975iU9CH/0qCDf1y7wCsq+IJT6ntxifb
x/OatI6ZyfisnI0tmQm+k0hcoMoHfG8+5Bu4bf071k7ZPH2nKWeLxSLBwm53pRwX
e7PQsz7CaA1PlQ==
-----END CERTIFICATE-----