Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
File:                     bHwktnELOtfXKCoMlH9rlTHVjsU.mft (raw, json)
Hash identifier:          Az+UMFASjf8lbauFleQNSBk6Zyiv3TEQ56Lhe/OHDQU=
Subject key identifier:   86:C0:A7:E3:4C:C7:BA:30:1E:67:25:27:44:8C:B5:7D:ED:64:C8:13
Authority key identifier: 6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5
Certificate issuer:       /CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
Certificate serial:       0197C6813B4D1EE1CD17DC26B967B6336A97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
Manifest number:          15B9
Signing time:             Tue 01 Jul 2025 15:00:47 +0000
Manifest this update:     Tue 01 Jul 2025 15:00:47 +0000
Manifest next update:     Wed 02 Jul 2025 15:00:47 +0000
Files and hashes:         1: bHwktnELOtfXKCoMlH9rlTHVjsU.crl (hash: fSGks4h8/wqw0kOR8r0QQk/c6RpSgMUfYvWZxGyHbPQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 15:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:81:3b:4d:1e:e1:cd:17:dc:26:b9:67:b6:33:6a:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
        Validity
            Not Before: Jul  1 15:00:47 2025 GMT
            Not After : Jul  2 15:00:47 2025 GMT
        Subject: CN=86c0a7e34cc7ba301e672527448cb57ded64c813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:77:9d:3f:38:ee:ba:89:1d:03:fd:3d:1e:21:
                    0a:e7:38:fd:c4:22:dc:74:18:23:9f:33:bf:74:1a:
                    21:35:50:a3:67:c7:98:fb:7b:38:3d:6a:0b:99:22:
                    dd:fb:08:85:fa:c2:6d:5d:7a:af:94:1e:74:94:de:
                    da:3d:80:e5:b0:20:9e:29:3b:29:bd:b6:a1:dd:b0:
                    99:08:7f:73:61:d7:b5:61:18:cc:bb:04:51:e6:98:
                    55:86:3d:6e:ad:7d:08:46:9c:2c:00:8d:28:5a:fa:
                    4e:37:6f:47:06:f8:b8:ee:32:e3:af:66:7b:c3:83:
                    2d:f5:22:18:ec:aa:ae:db:44:4a:ff:7c:41:37:5f:
                    a7:05:ee:01:4c:78:ac:de:4d:6a:61:76:ee:c6:93:
                    74:f3:98:0f:e7:ad:c4:4d:dc:43:fb:e5:6c:89:fa:
                    4e:04:d1:77:64:ed:b4:83:bb:ff:28:91:be:fc:0c:
                    2d:75:30:9d:54:92:7c:ec:82:36:14:63:e8:f4:8b:
                    c5:d8:c6:30:7d:34:2b:cd:92:04:56:be:85:20:fe:
                    3c:ab:5c:68:cd:01:e8:61:03:50:33:70:0b:e6:82:
                    e3:f8:6a:94:52:27:9f:52:bf:23:63:39:77:7e:99:
                    f5:b5:aa:30:5c:de:71:fd:18:6b:98:74:23:fc:35:
                    11:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:C0:A7:E3:4C:C7:BA:30:1E:67:25:27:44:8C:B5:7D:ED:64:C8:13
            X509v3 Authority Key Identifier:
                keyid:6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:bb:8b:87:80:d8:70:6c:7e:ff:02:06:04:f6:fd:9e:10:24:
         b8:ff:9d:40:04:e9:85:4c:11:4a:d7:83:e4:27:89:cc:4f:c7:
         1e:78:66:71:db:ef:1e:45:3d:b3:2b:9c:23:55:1a:9b:88:cd:
         09:f7:73:43:a0:a9:bc:dc:8b:76:f0:71:62:37:89:be:df:cd:
         e5:71:e6:7d:f1:28:b3:f8:90:9e:64:93:ff:45:ce:8e:cb:28:
         d6:61:b4:42:6a:f5:0b:a5:f0:ef:27:b2:f5:a7:4e:22:e8:d4:
         26:1a:2a:2f:8b:0d:e9:61:c3:17:5e:d4:b3:1c:8f:a7:08:33:
         37:1b:14:1a:37:bf:cf:76:8c:b6:5d:57:55:06:8f:f1:42:51:
         47:59:45:6b:b0:92:20:85:7d:90:4d:76:96:37:6b:ff:ab:2a:
         10:ee:51:5c:ed:f1:db:05:e0:0a:5e:60:e2:36:f7:07:fa:05:
         36:75:8f:38:96:7e:77:6d:5c:dd:03:b8:00:4e:1c:db:d6:a6:
         01:95:5b:1f:20:8e:84:1a:f0:68:fb:42:33:19:b6:3a:73:e5:
         d0:89:b4:a2:81:37:b1:43:bd:83:ab:5a:81:61:c3:ac:b9:37:
         91:f1:2b:6f:cc:af:62:fc:65:c4:4c:ef:a4:56:3c:e0:73:7e:
         98:b2:21:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGgTtNHuHNF9wmuWe2M2qXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjN2MyNGI2NzEwYjNhZDdkNzI4MmEwYzk0N2Y2Yjk1MzFk
NThlYzUwHhcNMjUwNzAxMTUwMDQ3WhcNMjUwNzAyMTUwMDQ3WjAzMTEwLwYDVQQD
Eyg4NmMwYTdlMzRjYzdiYTMwMWU2NzI1Mjc0NDhjYjU3ZGVkNjRjODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3edPzjuuokdA/09HiEK5zj9xCLc
dBgjnzO/dBohNVCjZ8eY+3s4PWoLmSLd+wiF+sJtXXqvlB50lN7aPYDlsCCeKTsp
vbah3bCZCH9zYde1YRjMuwRR5phVhj1urX0IRpwsAI0oWvpON29HBvi47jLjr2Z7
w4Mt9SIY7Kqu20RK/3xBN1+nBe4BTHis3k1qYXbuxpN085gP563ETdxD++VsifpO
BNF3ZO20g7v/KJG+/AwtdTCdVJJ87II2FGPo9IvF2MYwfTQrzZIEVr6FIP48q1xo
zQHoYQNQM3AL5oLj+GqUUiefUr8jYzl3fpn1taowXN5x/RhrmHQj/DUR3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbAp+NMx7owHmclJ0SMtX3tZMgTMB8GA1UdIwQY
MBaAFGx8JLZxCzrX1ygqDJR/a5Ux1Y7FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEt
MThmMGE1MGM4ZTI2LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEtMThmMGE1MGM4ZTI2
LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC7uLh4DY
cGx+/wIGBPb9nhAkuP+dQATphUwRSteD5CeJzE/HHnhmcdvvHkU9syucI1Uam4jN
CfdzQ6CpvNyLdvBxYjeJvt/N5XHmffEos/iQnmST/0XOjsso1mG0Qmr1C6Xw7yey
9adOIujUJhoqL4sN6WHDF17UsxyPpwgzNxsUGje/z3aMtl1XVQaP8UJRR1lFa7CS
IIV9kE12ljdr/6sqEO5RXO3x2wXgCl5g4jb3B/oFNnWPOJZ+d21c3QO4AE4c29am
AZVbHyCOhBrwaPtCMxm2OnPl0Im0ooE3sUO9g6tagWHDrLk3kfErb8yvYvxlxEzv
pFY84HN+mLIhgA==
-----END CERTIFICATE-----