Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
File:                     bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json)
Hash identifier:          Zbig0vzqkHhltAw3V8OvOniRZ64Zq0uQEQ4s70R1X5Y=
Subject key identifier:   2D:5B:C7:1B:E4:D9:49:2D:BB:D1:71:22:27:B0:D4:1B:FB:46:F7:75
Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
Certificate issuer:       /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Certificate serial:       019A0035C5B9877923766853E78FC5E8CF54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
Manifest number:          16E0
Signing time:             Mon 20 Oct 2025 06:01:55 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:55 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:55 +0000
Files and hashes:         1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: ALqXtLlV/JDPAeIi13qxu1UCGkZ8wfL3qLdkWsoSEkA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:c5:b9:87:79:23:76:68:53:e7:8f:c5:e8:cf:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
        Validity
            Not Before: Oct 20 06:01:55 2025 GMT
            Not After : Oct 21 06:01:55 2025 GMT
        Subject: CN=2d5bc71be4d9492dbbd1712227b0d41bfb46f775
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:49:11:61:52:c9:00:7c:09:4c:a5:20:4e:15:
                    97:6c:a6:e0:f6:f8:50:30:77:c0:ea:ba:39:cc:61:
                    17:a2:7c:46:64:97:b4:8d:bb:df:c2:9d:b8:b1:c6:
                    97:65:70:c7:1d:7e:9c:95:3f:34:53:16:f7:f7:d9:
                    b3:18:ed:3c:91:7d:63:3b:d8:45:7b:25:28:89:7a:
                    ef:19:ee:d3:84:58:68:ca:26:aa:f4:75:62:74:26:
                    13:97:d3:97:41:29:b2:99:0b:85:11:85:24:fb:03:
                    98:f6:52:7d:22:5d:1c:4d:01:5c:02:7d:8a:f6:ea:
                    cc:19:79:d4:2c:00:c0:3a:3e:39:9a:d0:28:bb:92:
                    ea:f7:5b:17:03:d5:ed:ed:4f:96:ce:a2:e5:de:50:
                    3e:20:40:a2:76:c9:c0:84:90:58:ff:c7:54:48:bf:
                    fc:11:c7:cc:29:83:10:72:26:93:ec:e0:84:31:fd:
                    17:5d:5c:9f:2f:68:fa:75:aa:c3:02:c7:20:50:bf:
                    04:48:3d:41:c9:5f:34:d6:cd:70:86:d0:bc:df:75:
                    dc:7d:e3:6f:3a:f3:3c:b1:58:73:aa:cd:04:8e:66:
                    dd:51:31:0f:8f:2d:c5:47:7f:57:61:dc:88:b4:33:
                    57:7c:f5:79:e0:72:9a:f0:c5:a6:79:22:f9:12:e6:
                    2d:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:5B:C7:1B:E4:D9:49:2D:BB:D1:71:22:27:B0:D4:1B:FB:46:F7:75
            X509v3 Authority Key Identifier:
                keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:5f:74:58:9f:77:9a:ae:04:99:56:bd:af:11:f6:71:96:f4:
         a4:c5:6c:83:d7:7f:f7:4d:c7:5c:3f:2d:a2:f4:c2:ab:4c:5b:
         f7:64:6b:8f:d9:c3:30:61:f7:3a:40:d8:58:3f:65:f9:6a:61:
         6e:ad:d8:d1:84:37:a4:12:f4:80:14:11:2c:c0:7b:50:a4:2d:
         8d:30:cc:3b:6e:c8:81:ef:09:e8:40:8e:2a:40:2b:55:36:47:
         ec:84:aa:bf:12:d3:60:2b:71:ee:e9:c5:8b:a9:e9:f6:ca:55:
         e1:e9:dd:63:47:f7:75:b7:2c:2b:81:85:86:bd:68:33:ac:0b:
         a9:7a:8a:cc:75:bc:7e:72:fa:da:cc:78:91:bf:b9:76:bb:01:
         ba:0c:ae:19:b7:06:92:ce:24:7b:6c:16:c6:10:20:33:bb:13:
         c5:dc:b5:34:f4:3f:b4:76:d0:57:a5:c6:f6:16:a0:1a:94:61:
         c6:52:61:80:75:1e:9c:4f:ca:58:5c:c6:00:2f:61:86:66:c5:
         10:de:dc:08:5a:62:33:1d:0c:6a:88:c3:f0:6b:0b:eb:2a:dc:
         39:16:72:f8:7d:20:d8:59:19:61:b6:1f:39:66:0a:74:1b:2b:
         75:4a:c7:f2:b4:6d:25:ad:42:a5:5f:12:39:a2:62:47:54:7d:
         3b:30:0a:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANcW5h3kjdmhT54/F6M9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1
MGU0YmQwHhcNMjUxMDIwMDYwMTU1WhcNMjUxMDIxMDYwMTU1WjAzMTEwLwYDVQQD
EygyZDViYzcxYmU0ZDk0OTJkYmJkMTcxMjIyN2IwZDQxYmZiNDZmNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0kRYVLJAHwJTKUgThWXbKbg9vhQ
MHfA6ro5zGEXonxGZJe0jbvfwp24scaXZXDHHX6clT80Uxb399mzGO08kX1jO9hF
eyUoiXrvGe7ThFhoyiaq9HVidCYTl9OXQSmymQuFEYUk+wOY9lJ9Il0cTQFcAn2K
9urMGXnULADAOj45mtAou5Lq91sXA9Xt7U+WzqLl3lA+IECidsnAhJBY/8dUSL/8
EcfMKYMQciaT7OCEMf0XXVyfL2j6darDAscgUL8ESD1ByV801s1whtC833XcfeNv
OvM8sVhzqs0EjmbdUTEPjy3FR39XYdyItDNXfPV54HKa8MWmeSL5EuYtbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1bxxvk2Uktu9FxIiew1Bv7Rvd1MB8GA1UdIwQY
MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct
YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4
LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYl90WJ93
mq4EmVa9rxH2cZb0pMVsg9d/903HXD8tovTCq0xb92Rrj9nDMGH3OkDYWD9l+Wph
bq3Y0YQ3pBL0gBQRLMB7UKQtjTDMO27Ige8J6ECOKkArVTZH7ISqvxLTYCtx7unF
i6np9spV4endY0f3dbcsK4GFhr1oM6wLqXqKzHW8fnL62sx4kb+5drsBugyuGbcG
ks4ke2wWxhAgM7sTxdy1NPQ/tHbQV6XG9hagGpRhxlJhgHUenE/KWFzGAC9hhmbF
EN7cCFpiMx0MaojD8GsL6yrcORZy+H0g2FkZYbYfOWYKdBsrdUrH8rRtJa1CpV8S
OaJiR1R9OzAKZA==
-----END CERTIFICATE-----