Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
File:                     stNBgAdlZtcr7mHzoybFbgq7gEo.mft (raw, json)
Hash identifier:          hwH0+oqUZTBLmB4CW7i9rN+owff9NhC5kmnO2zLV77Y=
Subject key identifier:   F6:56:A4:20:BB:16:7A:03:19:EC:BC:BD:93:0D:60:E0:66:A7:9F:C7
Authority key identifier: B2:D3:41:80:07:65:66:D7:2B:EE:61:F3:A3:26:C5:6E:0A:BB:80:4A
Certificate issuer:       /CN=b2d34180076566d72bee61f3a326c56e0abb804a
Certificate serial:       0199239F9FEBC64FB74DC36CA0899E7CFD3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
Manifest number:          0F4B
Signing time:             Sun 07 Sep 2025 10:01:27 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:27 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:27 +0000
Files and hashes:         1: stNBgAdlZtcr7mHzoybFbgq7gEo.crl (hash: xnVCb8rcUD25PQt6SGaRBMrzd4AQwcp+VC+3HLPBsno=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:9f:eb:c6:4f:b7:4d:c3:6c:a0:89:9e:7c:fd:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2d34180076566d72bee61f3a326c56e0abb804a
        Validity
            Not Before: Sep  7 10:01:27 2025 GMT
            Not After : Sep  8 10:01:27 2025 GMT
        Subject: CN=f656a420bb167a0319ecbcbd930d60e066a79fc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b0:95:a5:c8:d7:1a:d2:14:92:8a:45:15:42:
                    a1:d7:9d:91:83:ff:51:9c:70:29:32:05:1d:8a:de:
                    87:59:0c:c5:b1:29:cb:e0:9e:7d:a7:88:0a:2c:ef:
                    8d:f4:1c:2a:fd:11:83:f9:d8:b8:21:65:0e:95:2e:
                    b8:b2:8e:cf:ae:c1:db:4a:2e:a2:72:6a:29:6d:7c:
                    b2:47:1c:69:21:b2:64:c4:40:f1:34:54:1b:37:69:
                    e1:e8:86:5d:fc:e3:6a:64:32:96:13:85:35:38:b4:
                    da:b5:b9:60:ea:22:6a:e8:13:de:45:1a:5e:b7:de:
                    ab:07:97:26:28:16:d1:0e:d7:bc:4a:18:0f:a5:22:
                    d5:7d:8b:8f:19:72:83:b7:3a:2c:42:cc:ab:dc:59:
                    a6:60:ca:3f:ec:7b:5e:5a:3f:29:38:5e:e4:83:86:
                    96:30:22:6e:5e:fc:94:c5:f0:91:cb:c0:e7:7a:5b:
                    81:fe:8f:10:9c:16:0b:1a:bf:01:c9:0b:ff:ed:11:
                    9f:b5:52:4c:ae:c3:ca:cc:88:d9:77:12:5b:21:52:
                    85:73:a6:db:8a:cd:38:ac:78:14:ff:46:40:32:56:
                    ba:14:4e:4f:fa:81:f2:d2:e2:1a:6d:69:ce:9c:66:
                    ef:b6:5c:ac:5d:38:8c:9e:14:62:a8:03:fa:73:8f:
                    d6:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:56:A4:20:BB:16:7A:03:19:EC:BC:BD:93:0D:60:E0:66:A7:9F:C7
            X509v3 Authority Key Identifier:
                keyid:B2:D3:41:80:07:65:66:D7:2B:EE:61:F3:A3:26:C5:6E:0A:BB:80:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:7f:30:5f:e6:62:6f:11:b3:e6:8b:df:24:6e:64:b7:f3:d3:
         56:f9:f6:bb:88:55:ef:7f:49:25:88:40:5c:3e:cf:06:88:f1:
         c0:9f:17:dc:1a:dd:80:12:7e:74:7d:36:95:74:6c:b2:a0:8a:
         60:7a:8f:06:d3:7c:ee:9f:35:b0:31:ff:14:1c:10:8b:2e:bd:
         12:79:01:38:1b:1d:ab:e8:8f:0f:b9:c4:f8:0f:da:e3:fd:0e:
         84:e8:ac:78:d2:37:e3:4c:84:f1:73:48:c5:89:0a:23:65:d4:
         58:ce:40:74:93:16:8d:d8:87:a3:b8:1e:34:d5:8b:95:9d:68:
         c1:a0:28:ce:2f:2a:4c:f6:8c:a7:5e:b2:80:ab:85:42:db:35:
         54:58:47:a6:a4:d9:1a:aa:b5:48:bd:22:9f:e2:5b:07:68:87:
         84:b0:54:27:58:88:6b:57:d9:ee:57:8e:e7:48:ed:fa:f4:aa:
         01:09:66:25:1b:36:24:71:e9:68:f3:e8:a8:31:56:4f:62:6f:
         2e:80:bc:7c:8b:e1:de:fd:93:3c:b7:3f:47:d5:96:00:f7:38:
         20:be:e8:6b:e2:95:28:2f:29:74:ba:8a:2e:4a:c1:b5:c4:e6:
         53:ac:97:66:b2:5c:39:34:f5:3b:f6:3b:99:1a:18:d3:77:33:
         94:0a:c6:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn5/rxk+3TcNsoImefP0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDM0MTgwMDc2NTY2ZDcyYmVlNjFmM2EzMjZjNTZlMGFi
YjgwNGEwHhcNMjUwOTA3MTAwMTI3WhcNMjUwOTA4MTAwMTI3WjAzMTEwLwYDVQQD
EyhmNjU2YTQyMGJiMTY3YTAzMTllY2JjYmQ5MzBkNjBlMDY2YTc5ZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbCVpcjXGtIUkopFFUKh152Rg/9R
nHApMgUdit6HWQzFsSnL4J59p4gKLO+N9Bwq/RGD+di4IWUOlS64so7PrsHbSi6i
cmopbXyyRxxpIbJkxEDxNFQbN2nh6IZd/ONqZDKWE4U1OLTatblg6iJq6BPeRRpe
t96rB5cmKBbRDte8ShgPpSLVfYuPGXKDtzosQsyr3FmmYMo/7HteWj8pOF7kg4aW
MCJuXvyUxfCRy8DneluB/o8QnBYLGr8ByQv/7RGftVJMrsPKzIjZdxJbIVKFc6bb
is04rHgU/0ZAMla6FE5P+oHy0uIabWnOnGbvtlysXTiMnhRiqAP6c4/WXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZWpCC7FnoDGey8vZMNYOBmp5/HMB8GA1UdIwQY
MBaAFLLTQYAHZWbXK+5h86MmxW4Ku4BKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iYmY3NzMtNjdmOS00YmU1LTk1Y2It
NzBkN2Y4ZjQ5MjVhLzEvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iYmY3NzMtNjdmOS00YmU1LTk1Y2ItNzBkN2Y4ZjQ5MjVh
LzEvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ38wX+Zi
bxGz5ovfJG5kt/PTVvn2u4hV739JJYhAXD7PBojxwJ8X3BrdgBJ+dH02lXRssqCK
YHqPBtN87p81sDH/FBwQiy69EnkBOBsdq+iPD7nE+A/a4/0OhOiseNI340yE8XNI
xYkKI2XUWM5AdJMWjdiHo7geNNWLlZ1owaAozi8qTPaMp16ygKuFQts1VFhHpqTZ
Gqq1SL0in+JbB2iHhLBUJ1iIa1fZ7leO50jt+vSqAQlmJRs2JHHpaPPoqDFWT2Jv
LoC8fIvh3v2TPLc/R9WWAPc4IL7oa+KVKC8pdLqKLkrBtcTmU6yXZrJcOTT1O/Y7
mRoY03czlArGww==
-----END CERTIFICATE-----