Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          GwlkXmyofs5iEEbtJST5j14xIOqzA09PBy1GqdMO2GM=
Subject key identifier:   35:F3:AE:87:EB:7B:32:55:95:15:D9:68:12:DA:C0:10:F5:F8:7A:BB
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       01974BFB3DE91B5C57841DC0AA52CD80FB7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          0292
Signing time:             Sat 07 Jun 2025 20:00:45 +0000
Manifest this update:     Sat 07 Jun 2025 20:00:45 +0000
Manifest next update:     Sun 08 Jun 2025 20:00:45 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: yTmNLEohoglqaKsbr9bxj/lzJRiI1FUc9EweNRMx3do=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:fb:3d:e9:1b:5c:57:84:1d:c0:aa:52:cd:80:fb:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Jun  7 20:00:45 2025 GMT
            Not After : Jun  8 20:00:45 2025 GMT
        Subject: CN=35f3ae87eb7b32559515d96812dac010f5f87abb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:15:66:6f:3d:d3:ce:80:50:ec:69:3a:5b:4a:
                    11:0b:fd:d4:c5:d7:aa:87:48:a8:58:e5:88:9b:ec:
                    e4:f8:38:39:13:74:9f:3b:ce:08:f2:23:eb:25:ca:
                    f1:c9:2b:ae:e7:16:0b:b0:84:4b:f0:90:95:ba:08:
                    fb:39:87:f0:49:c0:9e:83:96:d0:5a:ea:e3:c6:6a:
                    64:fa:cb:03:f3:35:f8:29:3a:8f:30:ca:34:4d:61:
                    81:ca:4a:93:78:26:50:22:2a:8c:dc:73:00:92:b7:
                    76:5d:cb:4c:0f:4a:15:a0:6c:6d:7f:10:ea:5b:33:
                    b5:95:36:59:99:7d:f0:9e:34:4e:de:e9:31:4c:f4:
                    75:04:0f:5e:77:99:32:7c:25:53:97:15:be:0b:d7:
                    1a:70:94:0a:ad:e5:da:6a:16:91:a9:a0:29:99:d9:
                    09:a8:fa:f8:6c:97:c2:51:44:8a:86:21:41:bf:66:
                    8a:8a:88:9d:54:97:3e:8c:99:c4:b1:77:14:ac:a6:
                    4c:43:9f:cf:17:68:8c:e8:8c:b7:22:75:85:f3:16:
                    b5:6e:7e:71:dc:12:08:41:56:d0:d2:64:54:0f:c5:
                    ad:a1:bf:9f:2c:98:2f:3c:35:b9:e2:f9:d7:ec:c3:
                    e0:89:99:42:91:54:82:34:38:69:cf:a8:73:7c:7d:
                    f5:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:F3:AE:87:EB:7B:32:55:95:15:D9:68:12:DA:C0:10:F5:F8:7A:BB
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:2a:3b:dc:b2:68:10:4e:6a:52:a1:84:34:b7:a6:42:9a:87:
         b8:fb:c0:cb:9d:4d:a8:af:b9:d4:76:a4:c7:e7:9e:c0:55:c0:
         a6:75:e4:79:f6:cf:38:17:4b:13:98:bd:3b:81:bd:9d:2f:40:
         88:e1:78:60:42:f0:69:8d:3b:af:e5:bc:b3:cb:52:a1:da:db:
         17:de:03:92:c5:48:62:bd:f1:59:62:3e:4e:90:3b:32:8b:83:
         c0:f1:4c:2a:54:ac:ad:4c:74:ea:3a:93:3b:9f:38:d9:62:4b:
         f9:d7:6b:a3:18:a2:a1:ba:28:ef:2b:72:5e:a1:e7:d2:ce:25:
         a7:75:23:bd:8e:44:d1:40:ab:b3:14:1f:93:b8:72:85:f8:2f:
         77:3a:33:a8:7b:f1:88:a7:ae:16:66:ca:66:0e:6a:1a:bc:e0:
         fd:80:a7:3c:b7:f3:f6:e1:51:7c:3b:08:fc:1d:ab:82:34:03:
         2c:6b:2c:9d:87:69:d4:05:fd:50:59:49:30:33:ff:b3:31:7f:
         22:f4:f4:f1:28:64:46:4a:72:ab:58:a3:0d:35:f4:69:a7:11:
         49:a7:d9:5a:01:18:53:ae:c6:fe:01:cd:88:65:71:31:01:37:
         65:1c:7a:45:d9:d9:2b:13:fb:f2:ac:4e:b4:b4:98:1b:f4:82:
         93:94:58:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdL+z3pG1xXhB3AqlLNgPt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjUwNjA3MjAwMDQ1WhcNMjUwNjA4MjAwMDQ1WjAzMTEwLwYDVQQD
EygzNWYzYWU4N2ViN2IzMjU1OTUxNWQ5NjgxMmRhYzAxMGY1Zjg3YWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhVmbz3TzoBQ7Gk6W0oRC/3Uxdeq
h0ioWOWIm+zk+Dg5E3SfO84I8iPrJcrxySuu5xYLsIRL8JCVugj7OYfwScCeg5bQ
Wurjxmpk+ssD8zX4KTqPMMo0TWGBykqTeCZQIiqM3HMAkrd2XctMD0oVoGxtfxDq
WzO1lTZZmX3wnjRO3ukxTPR1BA9ed5kyfCVTlxW+C9cacJQKreXaahaRqaApmdkJ
qPr4bJfCUUSKhiFBv2aKioidVJc+jJnEsXcUrKZMQ5/PF2iM6Iy3InWF8xa1bn5x
3BIIQVbQ0mRUD8Wtob+fLJgvPDW54vnX7MPgiZlCkVSCNDhpz6hzfH31LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDXzrofrezJVlRXZaBLawBD1+Hq7MB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALyo73LJo
EE5qUqGENLemQpqHuPvAy51NqK+51Hakx+eewFXApnXkefbPOBdLE5i9O4G9nS9A
iOF4YELwaY07r+W8s8tSodrbF94DksVIYr3xWWI+TpA7MouDwPFMKlSsrUx06jqT
O5842WJL+ddroxiioboo7ytyXqHn0s4lp3UjvY5E0UCrsxQfk7hyhfgvdzozqHvx
iKeuFmbKZg5qGrzg/YCnPLfz9uFRfDsI/B2rgjQDLGssnYdp1AX9UFlJMDP/szF/
IvT08ShkRkpyq1ijDTX0aacRSafZWgEYU67G/gHNiGVxMQE3ZRx6RdnZKxP78qxO
tLSYG/SCk5RYKA==
-----END CERTIFICATE-----