Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File:                     bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier:          GpuwJLQnOtywmY4YodKjr+g/UTvElEsD4pA6u3bO6cQ=
Subject key identifier:   D3:14:56:C9:86:4D:96:C2:BB:EA:92:0F:00:96:3B:70:EB:15:8F:6B
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer:       /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial:       0198D54E06B8A92BC5B1AB7048B79664A94F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number:          0689
Signing time:             Sat 23 Aug 2025 05:01:57 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:57 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:57 +0000
Files and hashes:         1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: O+BUvvwV5awyqpz+VJmA/wjO65TPsC1JpGI65aPCbiY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:06:b8:a9:2b:c5:b1:ab:70:48:b7:96:64:a9:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
        Validity
            Not Before: Aug 23 05:01:57 2025 GMT
            Not After : Aug 24 05:01:57 2025 GMT
        Subject: CN=d31456c9864d96c2bbea920f00963b70eb158f6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:14:b1:cd:79:6f:6d:47:d2:a2:c9:fe:58:ee:
                    6d:28:7c:f5:59:d0:dd:f9:f4:87:8e:13:fc:19:e9:
                    ed:bd:24:09:4d:9a:ea:a0:84:94:ce:05:31:d7:73:
                    2f:3f:a7:dc:16:76:c6:af:4f:0d:1b:61:83:5c:0c:
                    c2:1f:99:23:c3:18:8e:6f:db:fd:1c:60:54:30:52:
                    77:7c:5c:34:30:04:4d:8c:c6:4f:c4:a0:89:2e:70:
                    14:31:db:81:55:ad:8e:c0:0c:e8:b2:0c:a3:99:ad:
                    4e:9f:21:d0:e9:01:f1:19:11:f2:84:08:34:db:7e:
                    0b:79:13:0e:b4:38:a9:94:48:1b:ef:8a:b9:83:00:
                    18:b5:19:eb:e4:b0:75:3a:29:1a:27:a0:c7:27:2c:
                    a5:6e:cf:ed:c0:d4:77:df:16:00:ef:f0:7d:ad:f9:
                    a5:16:0e:c0:a0:67:96:f6:13:b3:e8:37:43:ab:a1:
                    21:bb:02:50:ae:eb:45:0e:48:48:4c:eb:54:c2:10:
                    8d:57:7e:6a:c3:50:62:99:e7:fd:f7:fb:20:81:83:
                    5e:3c:0b:74:54:10:3b:e4:2f:69:0e:86:f1:84:e9:
                    ce:8c:ef:09:3c:f9:92:9e:1a:92:96:95:4b:37:a5:
                    e5:fc:3e:dc:8f:eb:1a:e5:d8:a2:b0:76:c7:5b:72:
                    e6:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:14:56:C9:86:4D:96:C2:BB:EA:92:0F:00:96:3B:70:EB:15:8F:6B
            X509v3 Authority Key Identifier:
                keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:a0:26:80:fd:b7:43:43:94:59:80:b8:02:63:29:57:28:27:
         92:ea:54:db:d8:af:34:f6:cc:1c:50:5c:50:60:98:31:b1:d9:
         b7:67:0d:2f:7e:25:ec:26:a0:66:e3:82:43:6f:71:90:8b:25:
         fb:2c:22:28:f9:04:cc:fa:49:8e:d7:f4:82:26:65:ff:aa:17:
         79:d9:fe:5e:b3:67:23:6e:c4:d7:34:70:05:b7:6f:b2:b9:80:
         7f:45:c3:66:08:8d:69:44:be:c8:8e:f2:f2:55:c3:5a:10:7b:
         e5:b0:06:d0:06:21:c4:12:6a:41:da:f8:61:4e:90:a5:d6:a6:
         17:ed:1c:9c:e9:cb:f2:86:4b:fd:78:84:f4:65:02:7a:fd:31:
         f8:a8:4f:e2:fd:0b:61:34:b4:bc:f9:b0:8b:47:e1:94:2c:10:
         36:25:97:6a:62:75:e0:39:ce:b6:f3:43:31:3d:7b:db:52:3b:
         d4:15:ea:0d:c2:b0:9c:57:7c:7f:b3:f1:68:45:b7:01:64:fe:
         2f:bc:6e:1d:e1:e4:2f:16:5e:c8:1d:c5:0f:4d:d5:b9:85:1d:
         ee:4f:d1:0a:b4:42:66:9e:e3:1e:29:21:d4:d2:42:10:13:b6:
         40:94:8b:44:a5:7a:5a:94:17:8f:d8:bc:42:8b:6b:fc:fc:45:
         ff:2c:b5:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTga4qSvFsatwSLeWZKlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjUwODIzMDUwMTU3WhcNMjUwODI0MDUwMTU3WjAzMTEwLwYDVQQD
EyhkMzE0NTZjOTg2NGQ5NmMyYmJlYTkyMGYwMDk2M2I3MGViMTU4ZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBSxzXlvbUfSosn+WO5tKHz1WdDd
+fSHjhP8GentvSQJTZrqoISUzgUx13MvP6fcFnbGr08NG2GDXAzCH5kjwxiOb9v9
HGBUMFJ3fFw0MARNjMZPxKCJLnAUMduBVa2OwAzosgyjma1OnyHQ6QHxGRHyhAg0
234LeRMOtDiplEgb74q5gwAYtRnr5LB1OikaJ6DHJyylbs/twNR33xYA7/B9rfml
Fg7AoGeW9hOz6DdDq6EhuwJQrutFDkhITOtUwhCNV35qw1Bimef99/sggYNePAt0
VBA75C9pDobxhOnOjO8JPPmSnhqSlpVLN6Xl/D7cj+sa5diisHbHW3Lm2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMUVsmGTZbCu+qSDwCWO3DrFY9rMB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW6AmgP23
Q0OUWYC4AmMpVygnkupU29ivNPbMHFBcUGCYMbHZt2cNL34l7CagZuOCQ29xkIsl
+ywiKPkEzPpJjtf0giZl/6oXedn+XrNnI27E1zRwBbdvsrmAf0XDZgiNaUS+yI7y
8lXDWhB75bAG0AYhxBJqQdr4YU6QpdamF+0cnOnL8oZL/XiE9GUCev0x+KhP4v0L
YTS0vPmwi0fhlCwQNiWXamJ14DnOtvNDMT1721I71BXqDcKwnFd8f7PxaEW3AWT+
L7xuHeHkLxZeyB3FD03VuYUd7k/RCrRCZp7jHikh1NJCEBO2QJSLRKV6WpQXj9i8
Qotr/PxF/yy11g==
-----END CERTIFICATE-----