Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
File:                     bMfzcUDRMXn5pckglknIDDfGpxM.mft (raw, json)
Hash identifier:          UrzvDbuv/szghcEK72rWBQlx0pkIbMqP1teftH3OFQg=
Subject key identifier:   03:7D:9C:0D:E6:2A:E0:D3:E0:C1:43:44:6F:ED:19:2F:AF:BE:FC:A9
Authority key identifier: 6C:C7:F3:71:40:D1:31:79:F9:A5:C9:20:96:49:C8:0C:37:C6:A7:13
Certificate issuer:       /CN=6cc7f37140d13179f9a5c9209649c80c37c6a713
Certificate serial:       0199221E5F2BE6E41FC06D0B62657BBD6353
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
Manifest number:          1289
Signing time:             Sun 07 Sep 2025 03:00:39 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:39 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:39 +0000
Files and hashes:         1: bMfzcUDRMXn5pckglknIDDfGpxM.crl (hash: ft7gf8PrWcHaI1sdEJHChRRfLmAfmIj5ZGvbS6Zw8vg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:5f:2b:e6:e4:1f:c0:6d:0b:62:65:7b:bd:63:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cc7f37140d13179f9a5c9209649c80c37c6a713
        Validity
            Not Before: Sep  7 03:00:39 2025 GMT
            Not After : Sep  8 03:00:39 2025 GMT
        Subject: CN=037d9c0de62ae0d3e0c143446fed192fafbefca9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:46:e9:08:54:4a:79:8c:ad:c4:fa:ec:33:52:
                    0e:45:e4:1f:bf:27:eb:be:32:88:b4:b8:14:3f:7c:
                    ff:fd:62:bf:0c:ce:a0:10:63:59:7a:f9:d9:db:48:
                    0f:ca:05:ce:f5:4a:78:51:fe:59:aa:6a:69:af:2f:
                    2d:60:85:c7:38:1e:29:b4:8c:32:b5:d5:ed:4d:fe:
                    06:2f:30:b1:bc:df:ea:8a:bc:ab:2c:e9:b7:ff:f5:
                    32:c2:3e:35:cb:43:2f:2c:76:f4:5d:b7:f4:ff:fc:
                    3c:d1:d1:6c:19:0a:84:65:7a:ce:56:88:dd:b6:0a:
                    e5:3b:a6:33:db:71:aa:40:ad:8a:e6:a2:59:b4:c1:
                    e9:dd:31:a1:3e:92:19:48:e8:31:eb:9e:01:f4:64:
                    b2:92:09:45:de:f1:7d:ad:72:b6:4c:c4:77:42:7d:
                    60:a6:ac:8e:b1:5b:d9:05:dc:3f:5a:6c:c0:af:e2:
                    e3:dc:84:a1:ce:4c:f9:24:3d:f5:8e:40:c9:08:53:
                    6a:30:e1:db:79:96:ab:5b:c3:b9:75:ef:05:15:30:
                    ea:6e:82:55:12:4b:24:25:9f:35:57:20:b5:1e:9a:
                    1c:96:3b:8c:ba:5c:c2:d2:cf:cb:40:71:8c:7c:6b:
                    81:86:7f:f1:52:86:61:fd:79:cf:79:25:95:d2:8e:
                    bd:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:7D:9C:0D:E6:2A:E0:D3:E0:C1:43:44:6F:ED:19:2F:AF:BE:FC:A9
            X509v3 Authority Key Identifier:
                keyid:6C:C7:F3:71:40:D1:31:79:F9:A5:C9:20:96:49:C8:0C:37:C6:A7:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:6c:a1:9c:64:c3:b1:19:c2:9e:8a:b3:f1:69:17:3f:28:44:
         bf:8e:c3:5a:6d:16:d7:9c:73:54:e6:3e:e3:ae:a4:b1:c1:8b:
         ca:c0:5d:b7:01:4d:82:3f:ba:82:3a:e1:0d:2f:20:08:51:8b:
         7a:f9:0f:ad:d4:40:53:11:81:68:ed:98:b7:f9:92:d1:e5:d5:
         cc:4a:47:e1:fc:63:3e:12:a8:2a:6e:fe:b5:57:3c:8e:ab:1a:
         26:e9:4a:44:af:6c:43:be:a3:45:96:15:86:fc:05:a3:3c:cf:
         88:a7:d8:63:f2:30:b5:cf:28:40:53:76:d2:0b:c0:73:9a:a2:
         38:14:c9:bc:8d:4e:db:a7:b5:75:f9:88:83:62:3e:91:9a:04:
         7d:0b:c6:7f:da:c8:0d:3d:37:6c:42:dd:f5:aa:1b:7c:d0:17:
         58:67:34:81:b8:1f:78:ae:a6:96:b0:52:86:a4:21:14:1b:d8:
         79:6b:7a:3f:0c:ed:4e:65:60:02:72:3d:86:72:07:6f:3f:fe:
         e7:ed:24:40:ce:9c:a6:dc:32:df:03:01:84:65:b3:97:26:f8:
         12:e2:c3:d8:96:c4:a4:ef:95:a0:3c:20:60:ec:44:84:93:80:
         bb:e9:60:82:02:05:db:84:72:91:59:9c:1f:55:da:4f:7a:c7:
         6e:d2:ff:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHl8r5uQfwG0LYmV7vWNTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzdmMzcxNDBkMTMxNzlmOWE1YzkyMDk2NDljODBjMzdj
NmE3MTMwHhcNMjUwOTA3MDMwMDM5WhcNMjUwOTA4MDMwMDM5WjAzMTEwLwYDVQQD
EygwMzdkOWMwZGU2MmFlMGQzZTBjMTQzNDQ2ZmVkMTkyZmFmYmVmY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkbpCFRKeYytxPrsM1IOReQfvyfr
vjKItLgUP3z//WK/DM6gEGNZevnZ20gPygXO9Up4Uf5Zqmppry8tYIXHOB4ptIwy
tdXtTf4GLzCxvN/qiryrLOm3//Uywj41y0MvLHb0Xbf0//w80dFsGQqEZXrOVojd
tgrlO6Yz23GqQK2K5qJZtMHp3TGhPpIZSOgx654B9GSykglF3vF9rXK2TMR3Qn1g
pqyOsVvZBdw/WmzAr+Lj3IShzkz5JD31jkDJCFNqMOHbeZarW8O5de8FFTDqboJV
EkskJZ81VyC1HpocljuMulzC0s/LQHGMfGuBhn/xUoZh/XnPeSWV0o699wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAN9nA3mKuDT4MFDRG/tGS+vvvypMB8GA1UdIwQY
MBaAFGzH83FA0TF5+aXJIJZJyAw3xqcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNzU1MDctNWM1Yy00ODQyLWExYzQt
OGQ1NmRkY2ZhNGI4LzEvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hNzU1MDctNWM1Yy00ODQyLWExYzQtOGQ1NmRkY2ZhNGI4
LzEvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiGyhnGTD
sRnCnoqz8WkXPyhEv47DWm0W15xzVOY+466kscGLysBdtwFNgj+6gjrhDS8gCFGL
evkPrdRAUxGBaO2Yt/mS0eXVzEpH4fxjPhKoKm7+tVc8jqsaJulKRK9sQ76jRZYV
hvwFozzPiKfYY/Iwtc8oQFN20gvAc5qiOBTJvI1O26e1dfmIg2I+kZoEfQvGf9rI
DT03bELd9aobfNAXWGc0gbgfeK6mlrBShqQhFBvYeWt6PwztTmVgAnI9hnIHbz/+
5+0kQM6cptwy3wMBhGWzlyb4EuLD2JbEpO+VoDwgYOxEhJOAu+lgggIF24RykVmc
H1XaT3rHbtL/rg==
-----END CERTIFICATE-----