Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File:                     bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier:          k/DN94YnGGRmHcZwwWjuAE1E+RzRWPEsZWR+dtyJZpA=
Subject key identifier:   EA:B1:6C:1F:9F:18:C3:FD:CC:F6:51:DC:A0:14:8E:45:A0:27:94:F3
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer:       /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial:       0196B9A379EF88F7F001A4FC7D83C5613CF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number:          0CBF
Signing time:             Sat 10 May 2025 10:00:20 +0000
Manifest this update:     Sat 10 May 2025 10:00:20 +0000
Manifest next update:     Sun 11 May 2025 10:00:20 +0000
Files and hashes:         1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: jcTMCdySb21nkqTrALv1wK7jTTGUS2thHI46n1A+w2U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a3:79:ef:88:f7:f0:01:a4:fc:7d:83:c5:61:3c:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
        Validity
            Not Before: May 10 10:00:20 2025 GMT
            Not After : May 11 10:00:20 2025 GMT
        Subject: CN=eab16c1f9f18c3fdccf651dca0148e45a02794f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5a:20:4f:4f:17:8c:90:c9:0a:03:19:89:12:
                    ec:c1:ec:40:e4:c7:e8:87:54:33:e8:d4:6c:02:55:
                    9b:2f:16:03:67:4d:8d:3c:8f:fd:cc:25:f8:ef:8b:
                    49:b7:08:a0:64:80:21:e6:ae:dc:80:7b:ef:2c:d8:
                    c8:f1:10:26:04:d0:32:40:c3:aa:68:44:eb:08:19:
                    0f:bc:10:79:52:d5:75:ea:e1:e4:b4:c5:d4:12:7d:
                    82:69:55:1b:03:d9:67:ed:c3:e7:7c:f8:68:3e:ab:
                    d7:53:7a:6e:ea:e3:df:3a:79:da:2b:a4:ea:1f:36:
                    41:c5:92:ca:b5:f3:1e:b4:b3:be:a9:cc:c9:01:80:
                    d7:1b:1c:a1:b6:99:1d:36:6e:1d:e1:b4:01:2d:0c:
                    6c:c1:40:32:62:04:ed:50:fe:40:92:ec:af:84:86:
                    29:22:0c:bb:68:b6:0a:18:72:3f:69:d5:0f:1c:90:
                    06:02:dd:23:ad:3b:3b:75:02:05:af:b6:0e:34:be:
                    26:e9:68:14:25:86:e0:70:90:bb:8f:e7:b5:13:db:
                    3b:2e:27:40:23:c4:01:69:ab:59:89:c7:66:53:16:
                    bb:24:6f:ea:31:c2:9b:19:c8:1d:a0:d1:08:92:a1:
                    5a:73:05:28:ac:5c:78:61:c1:38:6c:c2:42:50:bd:
                    9b:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:B1:6C:1F:9F:18:C3:FD:CC:F6:51:DC:A0:14:8E:45:A0:27:94:F3
            X509v3 Authority Key Identifier:
                keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:d9:71:0f:71:53:7f:a9:26:57:cd:11:e9:d9:7b:1a:57:d8:
         d4:92:d3:48:2d:50:e6:8c:f8:b0:12:22:b9:50:02:fe:b9:99:
         90:e7:6e:d5:a7:aa:2c:80:f9:4c:00:17:4e:6f:33:b0:67:4f:
         62:e9:76:69:18:68:59:ce:cd:d8:98:59:93:95:cf:5f:ff:66:
         e8:ba:7b:df:72:db:c9:17:57:00:11:5b:d2:79:dd:c2:29:61:
         11:8b:d3:a0:d2:24:24:2f:64:c5:24:21:d1:ea:90:09:29:82:
         53:c0:5f:c7:95:89:53:15:dc:42:c7:f6:1a:3b:d9:33:ae:f4:
         84:c1:be:47:b0:96:4c:28:45:64:26:0d:9c:d4:64:db:cf:c7:
         5f:57:27:3f:51:0d:89:94:00:31:f2:ef:77:b9:22:a1:13:60:
         41:8c:b9:74:76:9a:40:c3:4f:7c:62:10:5b:fe:db:9e:bf:a2:
         34:8e:62:ca:2d:6f:8c:10:31:7c:31:33:54:1e:8d:33:36:bf:
         eb:0c:fc:d2:45:42:66:ad:9a:c8:79:52:19:af:a7:78:a9:93:
         26:bf:43:9a:08:4a:3d:10:e3:c6:77:89:b7:8e:33:2c:ff:a8:
         61:e0:0d:54:43:30:39:d8:b9:02:a0:96:10:2a:59:f1:a2:1b:
         df:95:2d:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5o3nviPfwAaT8fYPFYTz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjUwNTEwMTAwMDIwWhcNMjUwNTExMTAwMDIwWjAzMTEwLwYDVQQD
EyhlYWIxNmMxZjlmMThjM2ZkY2NmNjUxZGNhMDE0OGU0NWEwMjc5NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FogT08XjJDJCgMZiRLswexA5Mfo
h1Qz6NRsAlWbLxYDZ02NPI/9zCX474tJtwigZIAh5q7cgHvvLNjI8RAmBNAyQMOq
aETrCBkPvBB5UtV16uHktMXUEn2CaVUbA9ln7cPnfPhoPqvXU3pu6uPfOnnaK6Tq
HzZBxZLKtfMetLO+qczJAYDXGxyhtpkdNm4d4bQBLQxswUAyYgTtUP5AkuyvhIYp
Igy7aLYKGHI/adUPHJAGAt0jrTs7dQIFr7YONL4m6WgUJYbgcJC7j+e1E9s7LidA
I8QBaatZicdmUxa7JG/qMcKbGcgdoNEIkqFacwUorFx4YcE4bMJCUL2beQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqxbB+fGMP9zPZR3KAUjkWgJ5TzMB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFNlxD3FT
f6kmV80R6dl7GlfY1JLTSC1Q5oz4sBIiuVAC/rmZkOdu1aeqLID5TAAXTm8zsGdP
Yul2aRhoWc7N2JhZk5XPX/9m6Lp733LbyRdXABFb0nndwilhEYvToNIkJC9kxSQh
0eqQCSmCU8Bfx5WJUxXcQsf2GjvZM670hMG+R7CWTChFZCYNnNRk28/HX1cnP1EN
iZQAMfLvd7kioRNgQYy5dHaaQMNPfGIQW/7bnr+iNI5iyi1vjBAxfDEzVB6NMza/
6wz80kVCZq2ayHlSGa+neKmTJr9DmghKPRDjxneJt44zLP+oYeANVEMwOdi5AqCW
ECpZ8aIb35UtDw==
-----END CERTIFICATE-----