Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
File:                     29B3gCIiIDwWzo6v1Z8LCsHb58M.mft (raw, json)
Hash identifier:          B0wnqH8npZrmism0NN4J4+KZ9oyl9w0hv+MW2bSWoJ8=
Subject key identifier:   F2:3B:A6:5D:71:33:80:17:C2:82:A4:B3:EF:9F:C0:A6:A0:4B:B4:C2
Authority key identifier: DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3
Certificate issuer:       /CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
Certificate serial:       0197B6A0B2780B956638B7642F7943D48016
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
Manifest number:          0E6A
Signing time:             Sat 28 Jun 2025 13:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:14 +0000
Files and hashes:         1: 29B3gCIiIDwWzo6v1Z8LCsHb58M.crl (hash: 9QVZGyajPiLfy0CcPnn7TOtu48dV4KNoS4Y9rndomQM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:b2:78:0b:95:66:38:b7:64:2f:79:43:d4:80:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
        Validity
            Not Before: Jun 28 13:01:14 2025 GMT
            Not After : Jun 29 13:01:14 2025 GMT
        Subject: CN=f23ba65d71338017c282a4b3ef9fc0a6a04bb4c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a7:66:02:3b:bb:5e:a7:0e:17:a6:ec:cf:d5:
                    31:53:2a:d7:36:fa:2f:08:6b:77:99:f0:6c:68:d4:
                    08:16:44:70:01:a6:3b:7c:12:12:38:21:07:40:76:
                    be:7d:7b:98:71:b0:04:ba:c8:4f:69:40:48:d4:89:
                    79:51:b0:ba:f2:07:46:6a:f6:3e:dd:81:ad:81:b7:
                    7a:fa:81:47:f6:78:d7:80:21:4b:6f:8b:d4:30:32:
                    1b:e7:26:fd:c2:ff:6a:40:bb:96:3e:83:a5:83:a6:
                    6f:9f:c4:d9:63:ff:47:da:f5:c5:7b:e5:46:51:ff:
                    b4:b0:66:be:85:b4:3e:c9:3d:09:66:09:50:8f:ca:
                    80:d4:09:29:2e:0e:03:c3:ba:34:0c:57:0f:ac:af:
                    ce:4f:b0:93:1d:1a:14:07:a4:04:9a:a2:d7:c0:b4:
                    df:19:ca:82:77:75:ad:33:78:11:a4:67:fe:4d:d1:
                    9d:21:1e:ef:57:2f:3e:0d:91:9b:4b:0b:bd:67:00:
                    90:db:13:81:ff:b5:60:43:02:42:82:f5:d5:2d:f7:
                    82:86:bd:62:7b:c2:db:cc:e1:61:cc:35:04:c1:ad:
                    b4:6b:0b:69:43:85:1d:9e:6e:8d:1d:96:dc:5a:ec:
                    73:f3:90:56:a3:fb:b5:70:c9:a4:e1:20:00:5f:ca:
                    45:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:3B:A6:5D:71:33:80:17:C2:82:A4:B3:EF:9F:C0:A6:A0:4B:B4:C2
            X509v3 Authority Key Identifier:
                keyid:DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:17:5c:3c:13:56:b4:4f:e3:47:c4:ac:1c:bb:4e:93:c3:83:
         ff:f8:e4:58:35:7f:3c:6f:f9:ea:de:d5:40:11:c0:ef:63:50:
         b4:92:d1:8e:d6:65:81:99:63:8d:13:e1:41:28:87:38:6d:b0:
         5b:ae:92:35:ef:02:c1:e5:2a:6b:10:bb:9b:8b:6e:ee:30:74:
         ad:b1:f5:87:a5:c8:f0:f2:02:29:84:20:7e:6b:46:76:fe:43:
         cd:c7:0e:14:99:c1:50:f1:87:bf:47:3b:dc:e5:c2:a8:b8:03:
         fb:30:07:4a:77:69:07:9e:65:66:b7:c5:c9:7c:e0:d4:00:6c:
         77:fd:d4:48:04:89:c0:ca:9d:b2:03:7d:9e:00:11:aa:94:bc:
         3f:b4:f0:e3:b3:68:00:6e:5b:20:37:2d:5c:cc:28:89:d4:4f:
         9b:52:55:1d:9f:62:f4:67:79:dc:be:64:86:d5:59:6e:12:4b:
         5f:3d:f5:4d:82:04:68:62:91:55:be:05:a4:0a:7d:08:1b:34:
         0f:d1:ab:17:a6:fc:c7:b8:34:71:01:1f:21:6e:1e:c6:e6:98:
         fe:d6:a8:64:26:a8:c6:e5:bb:dc:a5:15:06:a1:ed:19:34:7b:
         10:e8:c4:52:cc:eb:1b:7b:c4:09:fa:ff:2c:a1:f8:c3:bf:77:
         8d:ea:e5:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oLJ4C5VmOLdkL3lD1IAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDA3NzgwMjIyMjIwM2MxNmNlOGVhZmQ1OWYwYjBhYzFk
YmU3YzMwHhcNMjUwNjI4MTMwMTE0WhcNMjUwNjI5MTMwMTE0WjAzMTEwLwYDVQQD
EyhmMjNiYTY1ZDcxMzM4MDE3YzI4MmE0YjNlZjlmYzBhNmEwNGJiNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6dmAju7XqcOF6bsz9UxUyrXNvov
CGt3mfBsaNQIFkRwAaY7fBISOCEHQHa+fXuYcbAEushPaUBI1Il5UbC68gdGavY+
3YGtgbd6+oFH9njXgCFLb4vUMDIb5yb9wv9qQLuWPoOlg6Zvn8TZY/9H2vXFe+VG
Uf+0sGa+hbQ+yT0JZglQj8qA1AkpLg4Dw7o0DFcPrK/OT7CTHRoUB6QEmqLXwLTf
GcqCd3WtM3gRpGf+TdGdIR7vVy8+DZGbSwu9ZwCQ2xOB/7VgQwJCgvXVLfeChr1i
e8LbzOFhzDUEwa20awtpQ4Udnm6NHZbcWuxz85BWo/u1cMmk4SAAX8pFgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPI7pl1xM4AXwoKks++fwKagS7TCMB8GA1UdIwQY
MBaAFNvQd4AiIiA8Fs6Or9WfCwrB2+fDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAt
NWRkOTQ1MjllZWVhLzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAtNWRkOTQ1MjllZWVh
LzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuxdcPBNW
tE/jR8SsHLtOk8OD//jkWDV/PG/56t7VQBHA72NQtJLRjtZlgZljjRPhQSiHOG2w
W66SNe8CweUqaxC7m4tu7jB0rbH1h6XI8PICKYQgfmtGdv5DzccOFJnBUPGHv0c7
3OXCqLgD+zAHSndpB55lZrfFyXzg1ABsd/3USASJwMqdsgN9ngARqpS8P7Tw47No
AG5bIDctXMwoidRPm1JVHZ9i9Gd53L5khtVZbhJLXz31TYIEaGKRVb4FpAp9CBs0
D9GrF6b8x7g0cQEfIW4exuaY/taoZCaoxuW73KUVBqHtGTR7EOjEUszrG3vECfr/
LKH4w793jerlpQ==
-----END CERTIFICATE-----