Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File:                     ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier:          PxNDJvfQEhdFu1417LibM+ZdBY1c9SOEftKD1m/cE1s=
Subject key identifier:   BE:28:C7:0C:EE:AC:9A:C9:1B:E8:56:8F:C8:53:3C:3E:46:EC:E9:42
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer:       /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial:       0199239F2D63DEE54BBA9936826D9C94D0F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number:          0C5B
Signing time:             Sun 07 Sep 2025 10:00:58 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:58 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:58 +0000
Files and hashes:         1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: ZrcVf0AOOFtmrOAFuzWqQpqSzSm708kLZWWgmPJtFx0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:2d:63:de:e5:4b:ba:99:36:82:6d:9c:94:d0:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
        Validity
            Not Before: Sep  7 10:00:58 2025 GMT
            Not After : Sep  8 10:00:58 2025 GMT
        Subject: CN=be28c70ceeac9ac91be8568fc8533c3e46ece942
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:67:bd:c0:40:2c:e6:65:9e:55:d3:ad:4d:0a:
                    03:7f:48:f4:ee:4e:f7:e4:5b:59:58:9f:1f:74:ea:
                    7f:aa:76:d9:1d:8d:1f:a2:31:e2:dc:cc:51:fc:37:
                    80:f5:d6:12:93:4d:81:3c:21:83:46:f4:37:43:91:
                    7d:4f:0b:7c:d9:cb:d1:eb:49:49:ae:0d:47:62:d2:
                    f1:67:66:8a:79:e0:28:0b:4e:00:e5:be:fd:95:05:
                    36:66:b2:d8:f9:37:ad:83:c7:71:69:b5:cb:82:7c:
                    87:5b:4b:6c:71:96:d7:89:a1:1d:42:3a:35:45:6d:
                    ec:31:a2:15:0c:72:e9:7a:30:10:00:c8:47:86:4e:
                    3a:75:8c:1a:cf:a9:2c:da:28:d9:f2:56:60:f4:73:
                    cc:03:2b:92:8e:ed:45:8e:8a:0c:f5:19:22:9c:07:
                    15:73:f9:11:0c:fa:be:84:3d:9a:87:36:31:6e:79:
                    4c:03:24:0f:24:6f:08:f8:e0:dd:37:f6:c0:7f:ce:
                    24:31:0e:6e:cd:b5:af:34:0a:8f:fc:b9:a7:e3:24:
                    0a:b7:66:4c:83:73:4f:a5:f6:1e:2d:1c:b3:72:3a:
                    35:79:40:df:9b:90:ff:8f:76:b7:90:6f:e6:fe:69:
                    9a:b4:f9:51:1e:b6:a6:75:e2:cb:16:60:33:d3:37:
                    a2:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:28:C7:0C:EE:AC:9A:C9:1B:E8:56:8F:C8:53:3C:3E:46:EC:E9:42
            X509v3 Authority Key Identifier:
                keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:66:44:81:84:dd:4a:88:1e:ed:a2:84:2b:d6:60:20:e0:80:
         d0:aa:75:7f:81:26:e0:c4:a8:bd:16:f6:57:9e:68:91:a6:3d:
         de:18:0b:d5:92:03:b1:e5:98:66:17:02:a0:22:37:7a:a0:b5:
         07:fc:d2:b9:ba:e2:c2:eb:9f:2b:45:1f:9b:f9:01:02:9a:b4:
         72:74:aa:4f:c1:e9:4c:c5:68:cd:0c:d4:b8:13:1d:81:32:b5:
         cd:8b:70:6e:1b:1d:50:9f:91:a1:d5:73:fa:a8:c7:d2:c4:91:
         20:63:76:b4:ae:6d:63:61:30:a1:b2:b6:60:1a:df:36:f5:fd:
         40:d2:e6:80:72:c6:5a:74:52:95:97:99:55:74:63:45:71:e5:
         80:d1:49:d0:db:02:b5:81:b5:ea:30:d9:5a:4b:49:df:4d:69:
         53:ba:fd:30:8b:df:9c:7b:c7:aa:85:7f:85:b1:8c:4b:56:f8:
         6a:c6:96:ec:1b:95:b0:2d:29:9d:26:05:4d:53:9d:86:e5:c5:
         05:60:e9:ff:21:8c:8b:24:a4:cf:b3:3e:02:86:3e:72:29:22:
         a9:5f:57:de:04:65:f0:20:74:71:55:5f:5d:aa:87:9a:b5:1a:
         dc:a4:0a:00:98:cc:53:b5:9f:6b:56:ae:8c:da:0a:85:dc:02:
         05:20:be:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjny1j3uVLupk2gm2clNDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjUwOTA3MTAwMDU4WhcNMjUwOTA4MTAwMDU4WjAzMTEwLwYDVQQD
EyhiZTI4YzcwY2VlYWM5YWM5MWJlODU2OGZjODUzM2MzZTQ2ZWNlOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtme9wEAs5mWeVdOtTQoDf0j07k73
5FtZWJ8fdOp/qnbZHY0fojHi3MxR/DeA9dYSk02BPCGDRvQ3Q5F9Twt82cvR60lJ
rg1HYtLxZ2aKeeAoC04A5b79lQU2ZrLY+Tetg8dxabXLgnyHW0tscZbXiaEdQjo1
RW3sMaIVDHLpejAQAMhHhk46dYwaz6ks2ijZ8lZg9HPMAyuSju1FjooM9RkinAcV
c/kRDPq+hD2ahzYxbnlMAyQPJG8I+ODdN/bAf84kMQ5uzbWvNAqP/Lmn4yQKt2ZM
g3NPpfYeLRyzcjo1eUDfm5D/j3a3kG/m/mmatPlRHramdeLLFmAz0zeirQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4oxwzurJrJG+hWj8hTPD5G7OlCMB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV2ZEgYTd
Soge7aKEK9ZgIOCA0Kp1f4Em4MSovRb2V55okaY93hgL1ZIDseWYZhcCoCI3eqC1
B/zSubriwuufK0Ufm/kBApq0cnSqT8HpTMVozQzUuBMdgTK1zYtwbhsdUJ+RodVz
+qjH0sSRIGN2tK5tY2EwobK2YBrfNvX9QNLmgHLGWnRSlZeZVXRjRXHlgNFJ0NsC
tYG16jDZWktJ301pU7r9MIvfnHvHqoV/hbGMS1b4asaW7BuVsC0pnSYFTVOdhuXF
BWDp/yGMiySkz7M+AoY+cikiqV9X3gRl8CB0cVVfXaqHmrUa3KQKAJjMU7Wfa1au
jNoKhdwCBSC+4g==
-----END CERTIFICATE-----