Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          OxKp6MhJCYuwsWEJGLBejJ24/Y74QL7kpaEMvD9auCA=
Subject key identifier:   A2:65:9C:44:F3:EB:95:30:62:40:2F:C5:C7:FB:B1:0C:20:FB:19:1B
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       019923310E3B8A6B5E91938547F71E196995
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          0386
Signing time:             Sun 07 Sep 2025 08:00:41 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:41 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:41 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: Dps6AWqATK9H12Nz/B/XL0VOf2O45y8Ze1hgB/6R/8U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:0e:3b:8a:6b:5e:91:93:85:47:f7:1e:19:69:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Sep  7 08:00:41 2025 GMT
            Not After : Sep  8 08:00:41 2025 GMT
        Subject: CN=a2659c44f3eb953062402fc5c7fbb10c20fb191b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4a:57:a7:3e:f0:9a:2e:fe:b6:2f:c1:c0:70:
                    03:32:7e:69:72:37:fb:e4:63:dd:a9:23:11:d7:5c:
                    95:09:69:b2:b9:df:36:0b:60:29:df:79:f5:b3:e2:
                    6e:4f:10:4d:fb:3d:54:37:f6:38:11:13:71:f4:63:
                    51:d7:fa:0b:b2:59:e1:89:1f:65:c2:51:44:2f:95:
                    c1:ea:a0:59:67:c3:1f:9e:13:06:54:74:df:90:93:
                    82:f4:e8:e7:c0:6c:80:6c:8f:ab:34:4c:66:48:81:
                    8b:30:96:05:16:94:94:80:ef:33:14:23:94:d0:80:
                    63:62:be:57:12:a0:27:fa:63:95:9c:1f:b3:4e:e1:
                    18:9b:f8:03:15:b1:d4:03:63:5c:c4:d6:f6:7c:bd:
                    b8:64:eb:96:99:38:89:a7:93:70:a5:41:0e:67:d4:
                    ba:73:53:48:de:2f:4f:6f:1c:91:59:60:c9:bb:f6:
                    ed:5a:db:24:51:4d:d3:00:04:e1:0f:32:74:ef:cd:
                    e0:28:b5:3c:0b:3f:fe:f0:04:56:a8:35:fc:cb:41:
                    62:a6:55:cc:66:94:91:3e:74:5e:ca:59:cb:af:79:
                    93:31:ef:3f:f5:80:63:f6:fa:20:69:0c:27:df:ad:
                    eb:17:b3:9b:9e:27:69:c8:89:af:de:79:7e:39:47:
                    6a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:65:9C:44:F3:EB:95:30:62:40:2F:C5:C7:FB:B1:0C:20:FB:19:1B
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:43:14:6d:5c:9b:23:be:b4:10:1f:20:d9:d3:28:4e:54:cb:
         9d:ad:be:6b:40:ea:d8:24:b8:1b:49:af:e6:4c:80:56:ef:0a:
         ec:78:a5:3e:23:6e:79:27:de:9f:d6:91:05:e6:45:4c:46:fe:
         c5:bd:71:0d:ee:92:0d:f4:76:e8:53:f4:55:f3:91:5c:1f:a1:
         bf:29:a6:af:d7:2a:74:89:b3:c5:25:11:57:89:69:8d:45:6b:
         3a:0d:bc:5d:6e:55:d6:19:4c:54:ad:10:eb:96:45:d5:7a:fb:
         cc:70:f5:0a:75:38:09:b5:44:e1:bb:5a:ad:72:64:b6:c0:24:
         b3:b3:1e:22:0a:c2:5c:46:5e:35:c6:06:36:d3:2c:4c:82:20:
         26:4c:ec:8b:ca:55:6c:80:1f:8f:76:3c:b1:01:b4:19:63:12:
         2f:a1:21:b5:2d:ce:78:15:3a:b7:f7:83:eb:ae:f8:86:7c:4b:
         2d:b7:9e:7a:9b:e3:37:ba:ca:9b:89:d3:9d:3a:37:c9:64:a2:
         d3:08:84:be:14:24:3e:28:eb:4f:6c:57:00:ae:cc:e1:3f:19:
         aa:b6:19:e5:7a:11:c7:16:f0:7c:bf:3f:30:72:36:a9:f1:d0:
         1d:cc:88:d3:c0:c5:bc:8f:f8:69:7f:bf:33:24:5d:c5:7f:81:
         5c:1a:7e:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMQ47imtekZOFR/ceGWmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjUwOTA3MDgwMDQxWhcNMjUwOTA4MDgwMDQxWjAzMTEwLwYDVQQD
EyhhMjY1OWM0NGYzZWI5NTMwNjI0MDJmYzVjN2ZiYjEwYzIwZmIxOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUpXpz7wmi7+ti/BwHADMn5pcjf7
5GPdqSMR11yVCWmyud82C2Ap33n1s+JuTxBN+z1UN/Y4ERNx9GNR1/oLslnhiR9l
wlFEL5XB6qBZZ8MfnhMGVHTfkJOC9OjnwGyAbI+rNExmSIGLMJYFFpSUgO8zFCOU
0IBjYr5XEqAn+mOVnB+zTuEYm/gDFbHUA2NcxNb2fL24ZOuWmTiJp5NwpUEOZ9S6
c1NI3i9PbxyRWWDJu/btWtskUU3TAAThDzJ0783gKLU8Cz/+8ARWqDX8y0FiplXM
ZpSRPnReylnLr3mTMe8/9YBj9vogaQwn363rF7ObnidpyImv3nl+OUdqDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJlnETz65UwYkAvxcf7sQwg+xkbMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlUMUbVyb
I760EB8g2dMoTlTLna2+a0Dq2CS4G0mv5kyAVu8K7HilPiNueSfen9aRBeZFTEb+
xb1xDe6SDfR26FP0VfORXB+hvymmr9cqdImzxSURV4lpjUVrOg28XW5V1hlMVK0Q
65ZF1Xr7zHD1CnU4CbVE4btarXJktsAks7MeIgrCXEZeNcYGNtMsTIIgJkzsi8pV
bIAfj3Y8sQG0GWMSL6EhtS3OeBU6t/eD6674hnxLLbeeepvjN7rKm4nTnTo3yWSi
0wiEvhQkPijrT2xXAK7M4T8ZqrYZ5XoRxxbwfL8/MHI2qfHQHcyI08DFvI/4aX+/
MyRdxX+BXBp+rQ==
-----END CERTIFICATE-----