Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
File:                     BcojF2aaRo1QmoqhkGvvp1v5wgE.mft (raw, json)
Hash identifier:          ETWQsBovwHKBNiMBZGQFUg8+v3czB024hYmS7gPT1G4=
Subject key identifier:   4F:6F:13:39:3C:2F:72:7D:CD:0F:71:40:DF:81:8B:B2:6F:49:A7:9D
Authority key identifier: 05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01
Certificate issuer:       /CN=05ca2317669a468d509a8aa1906befa75bf9c201
Certificate serial:       0198D660EDC7B09A704D4FE6ABF2225008DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
Manifest number:          0D82
Signing time:             Sat 23 Aug 2025 10:02:12 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:12 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:12 +0000
Files and hashes:         1: BcojF2aaRo1QmoqhkGvvp1v5wgE.crl (hash: 3zaPtMEbc5Q+QWsj7ofrPO2Qd+blG9GSUWD/ZJBQJ1Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:ed:c7:b0:9a:70:4d:4f:e6:ab:f2:22:50:08:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ca2317669a468d509a8aa1906befa75bf9c201
        Validity
            Not Before: Aug 23 10:02:12 2025 GMT
            Not After : Aug 24 10:02:12 2025 GMT
        Subject: CN=4f6f13393c2f727dcd0f7140df818bb26f49a79d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:4e:3b:4d:fe:f7:60:2b:67:ff:d8:8b:31:30:
                    b1:fa:80:5a:c6:6b:a2:d5:12:0a:1f:f9:64:d8:5e:
                    91:89:34:77:78:4e:49:6e:a9:43:80:cf:31:54:3f:
                    cf:d5:a5:38:6d:76:d5:47:31:5b:a5:7a:15:d3:59:
                    54:8d:84:15:77:bd:5d:13:4f:e8:5b:ee:36:ab:6d:
                    1a:2f:25:26:6d:77:51:32:2a:c5:bd:1f:6d:60:e6:
                    7e:96:77:f8:72:d3:71:82:3c:45:70:fd:48:31:61:
                    b0:c3:31:18:11:e7:0c:59:9a:a8:35:e4:3f:85:bf:
                    91:08:4c:04:95:cf:73:23:42:04:bd:d3:a6:73:c8:
                    aa:80:11:c4:49:b7:a1:91:cf:38:25:25:0e:c5:d6:
                    a8:7c:b2:ca:cd:73:11:56:4a:8c:d1:fb:f1:e7:66:
                    e7:bd:69:5f:aa:76:9a:fa:c0:ab:46:f2:e9:a6:3d:
                    43:e4:83:d6:3f:41:04:24:b2:31:81:0d:7e:cd:71:
                    d8:26:4e:32:5f:53:aa:b8:a2:88:88:35:b8:1c:92:
                    51:26:9c:c6:93:1d:2b:ab:9d:f3:10:22:b4:b0:09:
                    e2:3e:32:68:f7:c4:f5:19:a9:ab:83:a8:e0:e5:3c:
                    61:44:2a:5a:af:58:5f:63:7d:03:13:68:86:c0:2c:
                    55:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:6F:13:39:3C:2F:72:7D:CD:0F:71:40:DF:81:8B:B2:6F:49:A7:9D
            X509v3 Authority Key Identifier:
                keyid:05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:17:5b:3b:22:b0:38:67:8b:d3:0a:b9:b3:1a:7c:66:00:e5:
         d0:20:fb:7c:29:57:22:57:33:85:ea:b7:00:b8:df:cd:24:ad:
         ab:0b:97:9a:31:26:6d:31:fe:53:3b:64:2a:f8:ee:20:34:01:
         e7:11:5e:d4:da:18:0d:a4:0d:01:32:72:40:10:44:f7:59:fb:
         cc:ad:03:b7:1e:3f:15:e3:da:73:98:35:af:13:a6:88:1c:40:
         da:ba:ee:93:06:60:88:4e:61:87:26:ac:dd:67:8d:de:11:b5:
         ec:eb:65:05:b1:3d:a9:18:c0:67:04:66:9b:f5:69:af:3d:aa:
         27:75:ad:8f:87:73:84:15:35:8e:fc:c5:29:f6:d8:d6:c5:9c:
         81:83:31:a4:ec:bc:95:55:c5:08:0a:52:32:3d:ff:d3:f3:6f:
         3a:1c:e0:ed:25:db:9f:f9:ff:87:be:83:a1:b8:cd:dc:12:9e:
         fa:f0:6a:a9:5e:ee:04:a8:49:46:12:89:8d:1f:a5:a0:65:f0:
         3c:a1:49:91:ee:bc:cc:53:23:48:a6:ae:a7:48:1a:61:c3:63:
         f5:17:07:90:ba:84:af:aa:c9:c5:8c:df:27:bd:3b:bc:80:91:
         e5:11:54:13:ab:7f:1d:05:f3:54:8b:32:80:7c:1c:03:9d:7a:
         27:64:6e:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYO3HsJpwTU/mq/IiUAjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1Y2EyMzE3NjY5YTQ2OGQ1MDlhOGFhMTkwNmJlZmE3NWJm
OWMyMDEwHhcNMjUwODIzMTAwMjEyWhcNMjUwODI0MTAwMjEyWjAzMTEwLwYDVQQD
Eyg0ZjZmMTMzOTNjMmY3MjdkY2QwZjcxNDBkZjgxOGJiMjZmNDlhNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk47Tf73YCtn/9iLMTCx+oBaxmui
1RIKH/lk2F6RiTR3eE5JbqlDgM8xVD/P1aU4bXbVRzFbpXoV01lUjYQVd71dE0/o
W+42q20aLyUmbXdRMirFvR9tYOZ+lnf4ctNxgjxFcP1IMWGwwzEYEecMWZqoNeQ/
hb+RCEwElc9zI0IEvdOmc8iqgBHESbehkc84JSUOxdaofLLKzXMRVkqM0fvx52bn
vWlfqnaa+sCrRvLppj1D5IPWP0EEJLIxgQ1+zXHYJk4yX1OquKKIiDW4HJJRJpzG
kx0rq53zECK0sAniPjJo98T1Gamrg6jg5TxhRCpar1hfY30DE2iGwCxVvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE9vEzk8L3J9zQ9xQN+Bi7JvSaedMB8GA1UdIwQY
MBaAFAXKIxdmmkaNUJqKoZBr76db+cIBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAt
MTMzMWU2NTFjNzlmLzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAtMTMzMWU2NTFjNzlm
LzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXRdbOyKw
OGeL0wq5sxp8ZgDl0CD7fClXIlczheq3ALjfzSStqwuXmjEmbTH+UztkKvjuIDQB
5xFe1NoYDaQNATJyQBBE91n7zK0Dtx4/FePac5g1rxOmiBxA2rrukwZgiE5hhyas
3WeN3hG17OtlBbE9qRjAZwRmm/Vprz2qJ3Wtj4dzhBU1jvzFKfbY1sWcgYMxpOy8
lVXFCApSMj3/0/NvOhzg7SXbn/n/h76DobjN3BKe+vBqqV7uBKhJRhKJjR+loGXw
PKFJke68zFMjSKaup0gaYcNj9RcHkLqEr6rJxYzfJ707vICR5RFUE6t/HQXzVIsy
gHwcA516J2RuMw==
-----END CERTIFICATE-----