Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File:                     bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier:          HQNzlE/IzmxQc5dNktgibXP0AQ9B47IOhNSA1tNaz88=
Subject key identifier:   00:52:84:46:45:6D:E3:43:B1:18:A7:92:42:E0:EE:87:54:98:37:DF
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer:       /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial:       0199239FC1F3F343470DAFE64797C10FCFB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number:          0DFF
Signing time:             Sun 07 Sep 2025 10:01:36 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:36 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:36 +0000
Files and hashes:         1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: yRmQj2ZYwuVFdzi2oprXsHjo1Hk2wqIb5ifUG2I+P08=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:c1:f3:f3:43:47:0d:af:e6:47:97:c1:0f:cf:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
        Validity
            Not Before: Sep  7 10:01:36 2025 GMT
            Not After : Sep  8 10:01:36 2025 GMT
        Subject: CN=00528446456de343b118a79242e0ee87549837df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:29:61:00:ec:61:de:da:0b:59:bf:74:7b:66:
                    f6:c6:ba:61:60:05:c5:f0:15:67:a5:cf:7d:a2:e5:
                    88:1b:5a:85:36:36:9a:69:b8:c0:bf:a4:e8:90:9d:
                    90:84:da:90:7b:0a:ff:46:c9:d6:ca:ef:2f:67:d6:
                    12:6e:26:c6:84:bd:cb:fa:db:b5:aa:fe:4c:9f:e4:
                    e9:87:0c:b7:d1:3d:89:6f:c9:e1:31:ba:fe:c8:31:
                    6a:0e:eb:0d:19:e0:70:7a:f0:08:58:dc:5d:10:79:
                    63:93:cb:c9:fd:ed:34:90:77:d6:9f:cb:2e:50:fe:
                    c7:e1:c7:cd:83:23:ae:d4:d0:d2:44:e9:1e:d4:9f:
                    a9:59:f3:e0:34:d6:15:40:78:a4:e0:14:14:72:95:
                    8b:7b:cc:50:2a:5e:d0:f9:1a:88:b8:f0:d3:f1:b0:
                    4d:2d:b2:de:02:94:88:77:b1:d2:f0:7b:8a:5d:e9:
                    0d:4a:7a:92:b3:e2:e7:dd:5b:83:5d:4f:6c:84:5b:
                    82:e3:0b:18:0d:2e:5b:3e:50:d0:3c:f9:29:74:2d:
                    e1:ac:2a:48:a8:30:cf:f5:e4:70:b4:42:08:48:5f:
                    55:b1:e3:22:e8:63:ac:52:51:e7:5f:20:88:2c:98:
                    fa:35:32:a5:2e:b1:69:04:45:2f:fb:30:f8:6c:36:
                    87:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:52:84:46:45:6D:E3:43:B1:18:A7:92:42:E0:EE:87:54:98:37:DF
            X509v3 Authority Key Identifier:
                keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:ab:c0:74:7f:f9:03:61:ad:a0:4d:88:60:70:69:d7:73:b0:
         76:e8:47:4a:4d:19:b2:e6:d7:66:1f:5f:cb:df:d4:0a:c4:54:
         fd:2d:62:30:da:01:ef:af:b9:4f:28:9f:48:e2:fb:f4:03:2a:
         ad:b2:d6:51:ca:ca:8e:37:a0:aa:49:40:53:e6:6d:a4:1b:3a:
         5e:dc:af:27:ce:e0:79:20:7b:ef:cf:69:1d:6a:fe:74:a6:43:
         c2:fc:cf:61:a0:01:62:c4:ec:18:fd:97:b7:55:13:a1:7c:e9:
         db:14:6b:d5:d5:4c:f9:8e:81:f2:9c:d9:4a:91:67:fb:ee:7f:
         d0:3b:27:3e:a8:48:fb:ef:cd:ad:ee:8a:da:ae:60:d4:f2:f7:
         80:23:22:22:62:b0:e2:b4:cb:4f:06:c4:2f:49:54:42:03:b6:
         d3:a1:b7:09:02:89:00:d1:2b:6b:2f:d3:2b:59:81:77:57:db:
         47:70:97:16:cb:64:36:da:0d:ec:15:70:ef:5c:8e:71:79:c1:
         61:00:73:10:3f:9b:e6:71:41:c6:0b:b6:54:62:d2:bb:a9:f0:
         a5:86:0d:9d:14:a4:26:65:eb:e9:11:da:79:84:83:5d:bd:04:
         79:34:56:08:af:7b:87:04:18:81:f0:f6:81:84:c4:45:db:24:
         75:3f:ce:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn8Hz80NHDa/mR5fBD8+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjUwOTA3MTAwMTM2WhcNMjUwOTA4MTAwMTM2WjAzMTEwLwYDVQQD
EygwMDUyODQ0NjQ1NmRlMzQzYjExOGE3OTI0MmUwZWU4NzU0OTgzN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqClhAOxh3toLWb90e2b2xrphYAXF
8BVnpc99ouWIG1qFNjaaabjAv6TokJ2QhNqQewr/RsnWyu8vZ9YSbibGhL3L+tu1
qv5Mn+Tphwy30T2Jb8nhMbr+yDFqDusNGeBwevAIWNxdEHljk8vJ/e00kHfWn8su
UP7H4cfNgyOu1NDSROke1J+pWfPgNNYVQHik4BQUcpWLe8xQKl7Q+RqIuPDT8bBN
LbLeApSId7HS8HuKXekNSnqSs+Ln3VuDXU9shFuC4wsYDS5bPlDQPPkpdC3hrCpI
qDDP9eRwtEIISF9VseMi6GOsUlHnXyCILJj6NTKlLrFpBEUv+zD4bDaHgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFABShEZFbeNDsRinkkLg7odUmDffMB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARavAdH/5
A2GtoE2IYHBp13OwduhHSk0ZsubXZh9fy9/UCsRU/S1iMNoB76+5TyifSOL79AMq
rbLWUcrKjjegqklAU+ZtpBs6XtyvJ87geSB7789pHWr+dKZDwvzPYaABYsTsGP2X
t1UToXzp2xRr1dVM+Y6B8pzZSpFn++5/0DsnPqhI++/Nre6K2q5g1PL3gCMiImKw
4rTLTwbEL0lUQgO206G3CQKJANEray/TK1mBd1fbR3CXFstkNtoN7BVw71yOcXnB
YQBzED+b5nFBxgu2VGLSu6nwpYYNnRSkJmXr6RHaeYSDXb0EeTRWCK97hwQYgfD2
gYTERdskdT/OUA==
-----END CERTIFICATE-----