Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          htXCit0VYiH9eChq9eRqPNqgXGynZE+dt/JRjs2S8uI=
Subject key identifier:   0D:BA:67:EB:B3:E7:26:31:C9:39:B8:F2:03:01:BD:63:81:C5:6F:46
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       019A714A0AAAF7108C013C6B287A173D8E76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          0433
Signing time:             Tue 11 Nov 2025 05:01:09 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:09 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:09 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: RvZ9si4z3v60MubT2LpyAHDGDe2jmb/wl8tHWXm2phs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:4a:0a:aa:f7:10:8c:01:3c:6b:28:7a:17:3d:8e:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Nov 11 05:01:09 2025 GMT
            Not After : Nov 12 05:01:09 2025 GMT
        Subject: CN=0dba67ebb3e72631c939b8f20301bd6381c56f46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:56:87:36:97:d7:d9:19:a7:8a:74:28:b0:b3:
                    a2:9a:b2:3e:08:67:58:e3:72:2a:81:9b:e6:d8:9e:
                    00:8d:a4:b4:6a:bc:bb:c0:e8:92:59:a1:04:d3:45:
                    e0:c6:b8:65:cc:26:5f:81:54:c1:03:03:68:f9:c2:
                    57:c6:4f:87:d9:6e:d6:66:74:8c:4d:f7:73:c9:4a:
                    83:67:2d:69:3f:80:06:f4:2f:01:78:26:32:98:7e:
                    53:db:50:ac:96:ca:67:ce:2f:b9:b1:f6:5f:4a:17:
                    36:4c:c0:72:4c:4f:3f:13:80:9d:54:f0:10:9d:be:
                    f0:42:74:b9:49:79:ba:ac:14:fb:64:25:cd:a4:3a:
                    99:b9:32:87:d0:aa:f6:1f:11:c6:7e:36:fd:43:ae:
                    c2:3a:da:f9:b2:a2:78:31:44:7c:68:90:47:96:db:
                    bc:ec:77:e2:3d:d9:6c:63:74:6c:fc:9c:d9:db:e5:
                    0e:d6:60:b0:da:40:bc:2b:7f:80:0e:64:dc:48:c3:
                    d0:bf:b7:6c:fb:a6:b7:d6:a8:8c:31:c0:b8:19:9a:
                    b7:f4:91:b0:f2:5b:28:55:a4:3c:56:28:d1:f8:ce:
                    f9:7d:dd:a7:62:95:fe:a9:37:0d:ba:1f:b6:24:dc:
                    7a:77:a7:27:f2:1f:f8:d1:a4:ee:53:02:d9:c9:6c:
                    9c:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:BA:67:EB:B3:E7:26:31:C9:39:B8:F2:03:01:BD:63:81:C5:6F:46
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:d1:a9:03:1a:2c:a4:a8:e7:d1:33:ca:e4:47:25:65:17:95:
         ab:ed:97:bc:af:69:43:df:ec:36:49:01:90:95:c0:e3:78:45:
         e0:88:64:f6:7e:b6:ff:c3:a5:61:9c:ed:29:f8:77:74:44:04:
         15:e4:ef:96:ad:45:68:4d:c8:c0:e5:5b:f1:ea:de:6b:a2:07:
         85:ba:ee:a6:86:b9:44:04:8f:0e:a0:a3:46:03:f6:6b:32:f1:
         b0:b1:ec:9f:67:ab:e8:dc:3f:ee:95:17:83:58:47:b1:fd:8c:
         7e:e8:28:e3:b3:fd:df:cb:4b:73:c3:99:0f:d8:52:fe:82:84:
         f5:09:59:fb:7a:82:fe:f9:0b:a5:18:60:ad:2e:1e:aa:7b:ab:
         cf:8f:94:60:cf:fc:d9:4d:5e:ba:07:fe:e3:c6:85:38:65:9b:
         c1:4d:17:12:15:54:d5:2b:73:a3:f2:ce:ac:af:51:1d:a1:1e:
         57:b7:d7:ed:6e:15:cd:b6:0f:17:39:f9:a5:3e:f4:bb:0e:69:
         fd:a8:08:eb:a8:ab:e8:f9:25:01:c7:10:ef:92:d4:7b:fd:ad:
         b7:dc:1e:1d:b3:92:6b:5e:72:fc:62:04:ce:ff:4d:83:78:3a:
         1c:1b:98:78:e2:44:37:7b:a3:7a:f5:4b:d3:91:36:df:0a:6b:
         0a:54:f9:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSgqq9xCMATxrKHoXPY52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjUxMTExMDUwMTA5WhcNMjUxMTEyMDUwMTA5WjAzMTEwLwYDVQQD
EygwZGJhNjdlYmIzZTcyNjMxYzkzOWI4ZjIwMzAxYmQ2MzgxYzU2ZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFaHNpfX2RmninQosLOimrI+CGdY
43IqgZvm2J4AjaS0ary7wOiSWaEE00XgxrhlzCZfgVTBAwNo+cJXxk+H2W7WZnSM
TfdzyUqDZy1pP4AG9C8BeCYymH5T21Cslspnzi+5sfZfShc2TMByTE8/E4CdVPAQ
nb7wQnS5SXm6rBT7ZCXNpDqZuTKH0Kr2HxHGfjb9Q67COtr5sqJ4MUR8aJBHltu8
7HfiPdlsY3Rs/JzZ2+UO1mCw2kC8K3+ADmTcSMPQv7ds+6a31qiMMcC4GZq39JGw
8lsoVaQ8VijR+M75fd2nYpX+qTcNuh+2JNx6d6cn8h/40aTuUwLZyWycUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA26Z+uz5yYxyTm48gMBvWOBxW9GMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmNGpAxos
pKjn0TPK5EclZReVq+2XvK9pQ9/sNkkBkJXA43hF4Ihk9n62/8OlYZztKfh3dEQE
FeTvlq1FaE3IwOVb8erea6IHhbrupoa5RASPDqCjRgP2azLxsLHsn2er6Nw/7pUX
g1hHsf2Mfugo47P938tLc8OZD9hS/oKE9QlZ+3qC/vkLpRhgrS4eqnurz4+UYM/8
2U1eugf+48aFOGWbwU0XEhVU1Stzo/LOrK9RHaEeV7fX7W4VzbYPFzn5pT70uw5p
/agI66ir6PklAccQ75LUe/2tt9weHbOSa15y/GIEzv9Ng3g6HBuYeOJEN3ujevVL
05E23wprClT5nw==
-----END CERTIFICATE-----