Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
File:                     bHwktnELOtfXKCoMlH9rlTHVjsU.mft (raw, json)
Hash identifier:          /TPgu1h23RCloslpihMu5y0ZDfsBExuOI0406wLp4Gw=
Subject key identifier:   F2:F1:9E:92:CD:B8:6F:5D:DB:FE:AF:73:BD:16:C0:C8:55:A8:CB:ED
Authority key identifier: 6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5
Certificate issuer:       /CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
Certificate serial:       0198D6CCE4C1C2691D3A09E5645CBF1EE517
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 12:00:08 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:08 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:08 +0000
Files and hashes:         1: bHwktnELOtfXKCoMlH9rlTHVjsU.crl (hash: vJi9/8KapbPMIR29TuV2Ah62G6t5320voAWExKlPivM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cc:e4:c1:c2:69:1d:3a:09:e5:64:5c:bf:1e:e5:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
        Validity
            Not Before: Aug 23 12:00:08 2025 GMT
            Not After : Aug 24 12:00:08 2025 GMT
        Subject: CN=f2f19e92cdb86f5ddbfeaf73bd16c0c855a8cbed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b4:9e:79:57:22:a2:bd:08:91:c3:c2:2e:ca:
                    85:a7:bc:e7:41:1e:9c:17:a3:a1:b7:8a:ee:da:a6:
                    50:3a:05:67:e7:ec:96:ee:cb:dd:ea:93:41:4e:fe:
                    1f:4f:e6:47:5d:44:93:dc:f0:40:7c:32:93:78:b7:
                    03:7f:95:c1:8d:98:be:19:2c:ad:91:16:55:51:ab:
                    ba:38:89:33:1b:2b:f7:65:d9:97:83:44:fd:2a:cf:
                    a0:39:c3:4f:b3:2e:42:14:db:63:b8:f7:17:30:79:
                    19:60:96:4a:82:82:44:e1:c9:72:ed:d6:9c:8c:ab:
                    aa:d4:66:0e:55:a5:3a:08:42:27:19:c9:a8:f7:7c:
                    c6:2e:41:fb:f5:57:00:aa:70:ac:b2:ee:cf:f9:b2:
                    de:90:e5:83:2e:c5:37:6c:06:92:76:09:82:ca:02:
                    e5:f4:f5:12:08:03:79:49:87:b1:45:0d:a8:91:44:
                    eb:9c:f7:4b:e3:ee:09:56:75:85:41:15:8b:f7:81:
                    87:13:1d:ea:d0:b4:4c:ec:33:2c:e6:63:d0:f9:16:
                    6b:f3:c1:69:32:ec:41:09:b6:ae:c8:6e:22:ea:c2:
                    62:e0:07:15:82:88:0d:7d:e4:2f:54:d3:dd:e5:c9:
                    d0:93:61:79:f4:51:89:a0:9d:6d:23:10:fb:97:2a:
                    e1:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:F1:9E:92:CD:B8:6F:5D:DB:FE:AF:73:BD:16:C0:C8:55:A8:CB:ED
            X509v3 Authority Key Identifier:
                keyid:6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:00:d3:0f:f6:de:39:30:25:6a:21:ba:9d:17:ae:be:0b:ca:
         00:7e:58:f6:0c:f5:63:d7:8f:35:81:34:ae:94:b3:06:36:c4:
         66:9d:7d:3d:15:1a:09:c8:ad:2c:7e:84:d3:82:aa:c9:53:a3:
         a7:0f:a3:94:b5:b1:8b:58:87:62:b3:46:52:7e:7b:57:26:df:
         9b:00:a5:5d:c8:2b:b2:4e:87:2b:30:92:2c:03:fc:17:e3:96:
         35:23:89:01:e7:ce:1a:80:30:37:5d:9c:05:98:02:fb:02:dc:
         bd:c4:ee:4a:2c:f9:dc:1e:bb:49:73:66:8f:7a:7e:ee:1a:cc:
         5d:3c:05:e9:83:5a:43:74:93:bd:33:29:8e:b9:d3:29:56:d1:
         03:5f:ed:78:03:cf:0b:29:2f:4d:0d:ed:88:31:07:59:d1:b0:
         fb:9f:2f:30:b8:e4:a6:b5:92:14:8a:b2:bb:65:07:88:1b:08:
         2c:5e:0a:46:6d:97:70:b8:c0:bb:88:96:1e:71:fe:9e:62:ad:
         6d:1a:dc:32:33:53:27:4f:16:ef:76:b9:54:64:49:93:1d:24:
         0d:5a:a4:22:1a:0e:de:fe:d2:e0:3b:e3:eb:ce:85:e9:ab:0d:
         5c:23:67:a5:96:1c:af:84:c0:6c:f2:7e:f1:21:68:7c:2a:ec:
         19:4d:7f:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzOTBwmkdOgnlZFy/HuUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjN2MyNGI2NzEwYjNhZDdkNzI4MmEwYzk0N2Y2Yjk1MzFk
NThlYzUwHhcNMjUwODIzMTIwMDA4WhcNMjUwODI0MTIwMDA4WjAzMTEwLwYDVQQD
EyhmMmYxOWU5MmNkYjg2ZjVkZGJmZWFmNzNiZDE2YzBjODU1YThjYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7SeeVcior0IkcPCLsqFp7znQR6c
F6Oht4ru2qZQOgVn5+yW7svd6pNBTv4fT+ZHXUST3PBAfDKTeLcDf5XBjZi+GSyt
kRZVUau6OIkzGyv3ZdmXg0T9Ks+gOcNPsy5CFNtjuPcXMHkZYJZKgoJE4cly7dac
jKuq1GYOVaU6CEInGcmo93zGLkH79VcAqnCssu7P+bLekOWDLsU3bAaSdgmCygLl
9PUSCAN5SYexRQ2okUTrnPdL4+4JVnWFQRWL94GHEx3q0LRM7DMs5mPQ+RZr88Fp
MuxBCbauyG4i6sJi4AcVgogNfeQvVNPd5cnQk2F59FGJoJ1tIxD7lyrhqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLxnpLNuG9d2/6vc70WwMhVqMvtMB8GA1UdIwQY
MBaAFGx8JLZxCzrX1ygqDJR/a5Ux1Y7FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEt
MThmMGE1MGM4ZTI2LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEtMThmMGE1MGM4ZTI2
LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQDTD/be
OTAlaiG6nReuvgvKAH5Y9gz1Y9ePNYE0rpSzBjbEZp19PRUaCcitLH6E04KqyVOj
pw+jlLWxi1iHYrNGUn57VybfmwClXcgrsk6HKzCSLAP8F+OWNSOJAefOGoAwN12c
BZgC+wLcvcTuSiz53B67SXNmj3p+7hrMXTwF6YNaQ3STvTMpjrnTKVbRA1/teAPP
CykvTQ3tiDEHWdGw+58vMLjkprWSFIqyu2UHiBsILF4KRm2XcLjAu4iWHnH+nmKt
bRrcMjNTJ08W73a5VGRJkx0kDVqkIhoO3v7S4Dvj686F6asNXCNnpZYcr4TAbPJ+
8SFofCrsGU1/PA==
-----END CERTIFICATE-----