Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft
File:                     bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft (raw, json)
Hash identifier:          HWHH+82OP4DR9gip2iD6QPxSNucjIujjf1PeiQ4C1As=
Subject key identifier:   43:9D:38:32:B3:DA:74:E9:37:CA:AA:D7:1D:89:54:1F:2B:74:42:E0
Authority key identifier: 6D:57:00:91:6F:90:98:3B:D8:E8:9C:D0:5F:E6:29:EC:18:3B:FA:54
Certificate issuer:       /CN=6d5700916f90983bd8e89cd05fe629ec183bfa54
Certificate serial:       019A71B838A6184D52362BFACBB436AFBA35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft
Manifest number:          0B89
Signing time:             Tue 11 Nov 2025 07:01:29 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:29 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:29 +0000
Files and hashes:         1: bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.crl (hash: QhRDpMxRAbac/t9hHhFZkp6iuijj/7ftqjk948P6kPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:38:a6:18:4d:52:36:2b:fa:cb:b4:36:af:ba:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d5700916f90983bd8e89cd05fe629ec183bfa54
        Validity
            Not Before: Nov 11 07:01:29 2025 GMT
            Not After : Nov 12 07:01:29 2025 GMT
        Subject: CN=439d3832b3da74e937caaad71d89541f2b7442e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:29:a1:84:ee:fd:1a:5a:af:5b:a6:66:f8:5e:
                    fd:ca:70:74:cb:7d:d5:78:6e:0d:c5:4c:2e:7e:78:
                    d8:fe:8b:de:6e:22:bb:35:bb:46:af:0e:f1:eb:c0:
                    5f:d7:06:67:32:10:c8:21:03:d6:0d:ea:8f:3e:70:
                    9c:94:4a:fa:b2:0e:8e:fd:9b:d4:e5:a9:46:27:7a:
                    97:a4:03:7b:62:5f:43:60:fb:86:1c:81:38:7b:65:
                    82:b5:cf:a4:45:1b:d7:5e:f1:5f:c6:4b:a2:f1:60:
                    94:25:b0:9d:05:b7:84:f6:1b:67:89:e6:f2:aa:01:
                    b3:50:3a:ad:20:2b:9d:a6:97:9e:96:ba:c3:dd:3d:
                    1b:14:d7:3b:41:c6:e5:d1:8b:20:6e:f1:42:a0:9e:
                    91:a2:ea:08:0b:d8:a4:72:53:74:3a:73:bb:65:8d:
                    7f:8f:67:da:dc:10:e7:5a:80:50:6f:24:57:c2:f2:
                    d6:29:05:8a:f1:20:69:be:cb:6a:b5:14:25:9e:ce:
                    7c:2c:87:dc:fb:58:02:8f:74:aa:7a:1d:17:4e:f2:
                    e6:8c:56:63:a2:32:95:53:39:f8:33:3f:ae:5d:a2:
                    03:73:be:eb:2a:08:6d:f1:d1:b1:bb:94:f8:05:47:
                    b5:51:e5:30:12:b0:1f:7c:5c:ea:8a:f4:cd:e5:82:
                    7e:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:9D:38:32:B3:DA:74:E9:37:CA:AA:D7:1D:89:54:1F:2B:74:42:E0
            X509v3 Authority Key Identifier:
                keyid:6D:57:00:91:6F:90:98:3B:D8:E8:9C:D0:5F:E6:29:EC:18:3B:FA:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:aa:66:f7:d0:3b:ea:93:3a:99:9d:38:80:7e:b8:d4:4c:fb:
         6b:ed:e7:1d:06:75:e0:58:4d:a2:5c:21:99:c9:5f:6b:40:fc:
         14:67:55:d6:5a:9c:2b:71:8a:aa:47:60:cb:b8:e5:9f:e6:8d:
         a2:d8:8a:e8:ac:96:42:25:00:b0:7b:c7:99:35:d8:3e:b4:80:
         ca:de:1a:4a:e9:ea:3d:78:ec:5d:69:1e:92:53:b8:0f:05:f5:
         e6:13:2d:38:cf:38:81:96:3f:a0:82:27:49:fa:df:89:0b:63:
         cc:4b:e9:ae:f8:93:2c:e8:17:3a:b8:04:e5:76:c9:9a:44:93:
         46:1b:f6:10:06:fc:9e:48:14:cb:8c:a6:20:33:e2:2d:8c:87:
         48:73:d2:97:48:5b:c4:17:bf:45:ff:24:9e:fe:1a:32:09:9c:
         9c:6e:76:b3:7c:54:10:3d:76:af:c0:f1:29:3c:11:50:38:07:
         f5:64:43:2b:87:97:39:0d:c4:ba:cb:06:ce:21:39:97:ad:aa:
         76:97:5b:27:22:e2:71:36:7a:39:a6:b0:b6:6a:5e:32:aa:f5:
         d4:36:e0:fd:c7:cd:c0:86:9a:0c:d6:fc:be:e7:a0:a6:ef:c9:
         da:4d:4c:88:0a:0b:94:72:aa:7f:a7:07:0d:8b:bc:11:aa:4e:
         39:db:d9:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDimGE1SNiv6y7Q2r7o1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNTcwMDkxNmY5MDk4M2JkOGU4OWNkMDVmZTYyOWVjMTgz
YmZhNTQwHhcNMjUxMTExMDcwMTI5WhcNMjUxMTEyMDcwMTI5WjAzMTEwLwYDVQQD
Eyg0MzlkMzgzMmIzZGE3NGU5MzdjYWFhZDcxZDg5NTQxZjJiNzQ0MmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwimhhO79GlqvW6Zm+F79ynB0y33V
eG4NxUwufnjY/ovebiK7NbtGrw7x68Bf1wZnMhDIIQPWDeqPPnCclEr6sg6O/ZvU
5alGJ3qXpAN7Yl9DYPuGHIE4e2WCtc+kRRvXXvFfxkui8WCUJbCdBbeE9htnieby
qgGzUDqtICudppeelrrD3T0bFNc7Qcbl0YsgbvFCoJ6RouoIC9ikclN0OnO7ZY1/
j2fa3BDnWoBQbyRXwvLWKQWK8SBpvstqtRQlns58LIfc+1gCj3Sqeh0XTvLmjFZj
ojKVUzn4Mz+uXaIDc77rKght8dGxu5T4BUe1UeUwErAffFzqivTN5YJ+wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOdODKz2nTpN8qq1x2JVB8rdELgMB8GA1UdIwQY
MBaAFG1XAJFvkJg72Oic0F/mKewYO/pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlZjQWtXLVFtRHZZNkp6UVgtWXA3Qmc3LWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85YmZkYjYtMDhiNy00YjFkLThhODgt
OTI2YjM0ODE0MTMwLzEvYlZjQWtXLVFtRHZZNkp6UVgtWXA3Qmc3LWxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85YmZkYjYtMDhiNy00YjFkLThhODgtOTI2YjM0ODE0MTMw
LzEvYlZjQWtXLVFtRHZZNkp6UVgtWXA3Qmc3LWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqpm99A7
6pM6mZ04gH641Ez7a+3nHQZ14FhNolwhmclfa0D8FGdV1lqcK3GKqkdgy7jln+aN
otiK6KyWQiUAsHvHmTXYPrSAyt4aSunqPXjsXWkeklO4DwX15hMtOM84gZY/oIIn
SfrfiQtjzEvprviTLOgXOrgE5XbJmkSTRhv2EAb8nkgUy4ymIDPiLYyHSHPSl0hb
xBe/Rf8knv4aMgmcnG52s3xUED12r8DxKTwRUDgH9WRDK4eXOQ3EussGziE5l62q
dpdbJyLicTZ6OaawtmpeMqr11Dbg/cfNwIaaDNb8vuegpu/J2k1MiAoLlHKqf6cH
DYu8EapOOdvZfw==
-----END CERTIFICATE-----