Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
File:                     bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json)
Hash identifier:          LQcg/FrX2DHw9Mt0JuA3PqOOwhruQWAvDoYuBGGZ5mo=
Subject key identifier:   FE:92:A1:62:CA:18:1C:D1:FE:2A:AD:78:CF:60:EC:9C:BD:19:D0:E1
Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
Certificate issuer:       /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Certificate serial:       019A7226110E2E2F8A1B729B52A21C9569A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 09:01:28 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:28 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:28 +0000
Files and hashes:         1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: joWcslEQwtzjKOdyjxvQUKfALvPt/WIgCNMMFjt3R5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:11:0e:2e:2f:8a:1b:72:9b:52:a2:1c:95:69:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
        Validity
            Not Before: Nov 11 09:01:28 2025 GMT
            Not After : Nov 12 09:01:28 2025 GMT
        Subject: CN=fe92a162ca181cd1fe2aad78cf60ec9cbd19d0e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:0f:ab:8b:e3:7b:5b:6f:dc:df:20:4e:ff:19:
                    90:b6:40:d2:b7:ce:45:4d:a8:23:7e:e1:d9:cd:0e:
                    a3:62:09:d6:d2:96:fb:15:f8:84:e5:ef:58:ed:c3:
                    18:63:91:d6:87:91:02:7e:8e:b9:4b:56:67:d0:1a:
                    c7:b0:bd:db:8c:c2:df:7a:68:6f:6e:fe:fc:31:b8:
                    3c:d3:1a:57:af:12:07:73:4e:a2:9c:7e:62:6d:e0:
                    06:e0:d6:95:6a:ce:60:81:25:78:af:7e:4f:42:7e:
                    aa:32:94:6f:9a:0e:29:94:8c:fa:e9:30:22:18:31:
                    18:54:b2:f9:3d:2a:cf:71:6c:b3:67:fd:5a:c2:4f:
                    7c:0e:20:2e:a7:27:3d:9c:35:d2:59:bf:24:6f:61:
                    fa:af:4f:3b:b9:10:0e:eb:0c:f4:8f:e6:61:26:5a:
                    c8:83:d0:e1:96:2d:20:a9:ab:02:cf:54:85:7b:78:
                    26:5d:fd:b1:6f:69:e7:72:c0:44:15:ea:e7:3d:a1:
                    84:e8:57:1d:5a:1f:d1:fd:82:dc:97:25:a7:a1:5c:
                    13:af:50:87:d3:69:f5:dc:cc:79:4a:5c:d4:10:a7:
                    d3:7e:b1:37:92:11:67:f7:05:13:2c:fa:6b:fb:dc:
                    11:47:3e:4d:4d:eb:25:3e:62:ad:cf:79:40:33:29:
                    7d:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:92:A1:62:CA:18:1C:D1:FE:2A:AD:78:CF:60:EC:9C:BD:19:D0:E1
            X509v3 Authority Key Identifier:
                keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:18:0b:d3:a8:05:1d:0d:6a:6a:bd:61:15:19:b0:b4:f4:31:
         82:e8:3c:56:f9:3d:a4:18:14:5b:c2:a4:aa:55:97:2b:c9:be:
         b2:73:c7:a4:8f:a9:42:01:0c:b7:28:fb:37:cc:7f:62:01:72:
         5a:8b:9f:34:c2:8f:65:8c:cb:d9:c1:c1:6a:53:fa:b8:35:7f:
         72:33:38:df:a6:fd:bb:1b:dd:10:fd:07:86:43:f9:74:4b:b7:
         ff:d6:d6:15:9f:7b:eb:5c:e4:21:4a:0d:8e:05:a8:a0:a9:f6:
         44:19:0b:3f:8d:a5:8e:45:73:89:c4:00:e4:33:6c:63:37:57:
         23:59:90:c7:cc:db:06:30:41:bc:ec:40:cd:67:a5:13:32:01:
         67:7b:7f:eb:5c:df:cd:d4:3d:d8:b0:75:ec:5d:01:82:2f:95:
         ec:0c:8f:b8:51:d2:91:0f:66:97:48:bd:c8:44:65:d2:3d:c8:
         b2:81:b8:1c:41:60:32:de:c9:27:44:8d:97:dd:a5:44:21:ea:
         f1:f2:41:f5:83:4f:95:1f:4c:35:f2:81:d8:39:1a:60:38:d1:
         c3:11:91:82:1d:79:8c:4c:f4:86:be:13:e0:23:5c:7f:6e:49:
         14:97:68:57:74:5b:d3:9a:81:5d:b5:80:ea:9c:70:5d:f8:9b:
         86:a8:57:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhEOLi+KG3KbUqIclWmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1
MGU0YmQwHhcNMjUxMTExMDkwMTI4WhcNMjUxMTEyMDkwMTI4WjAzMTEwLwYDVQQD
EyhmZTkyYTE2MmNhMTgxY2QxZmUyYWFkNzhjZjYwZWM5Y2JkMTlkMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnw+ri+N7W2/c3yBO/xmQtkDSt85F
TagjfuHZzQ6jYgnW0pb7FfiE5e9Y7cMYY5HWh5ECfo65S1Zn0BrHsL3bjMLfemhv
bv78Mbg80xpXrxIHc06inH5ibeAG4NaVas5ggSV4r35PQn6qMpRvmg4plIz66TAi
GDEYVLL5PSrPcWyzZ/1awk98DiAupyc9nDXSWb8kb2H6r087uRAO6wz0j+ZhJlrI
g9Dhli0gqasCz1SFe3gmXf2xb2nncsBEFernPaGE6FcdWh/R/YLclyWnoVwTr1CH
02n13Mx5SlzUEKfTfrE3khFn9wUTLPpr+9wRRz5NTeslPmKtz3lAMyl9SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6SoWLKGBzR/iqteM9g7Jy9GdDhMB8GA1UdIwQY
MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct
YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4
LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALhgL06gF
HQ1qar1hFRmwtPQxgug8Vvk9pBgUW8KkqlWXK8m+snPHpI+pQgEMtyj7N8x/YgFy
WoufNMKPZYzL2cHBalP6uDV/cjM436b9uxvdEP0HhkP5dEu3/9bWFZ9761zkIUoN
jgWooKn2RBkLP42ljkVzicQA5DNsYzdXI1mQx8zbBjBBvOxAzWelEzIBZ3t/61zf
zdQ92LB17F0Bgi+V7AyPuFHSkQ9ml0i9yERl0j3IsoG4HEFgMt7JJ0SNl92lRCHq
8fJB9YNPlR9MNfKB2DkaYDjRwxGRgh15jEz0hr4T4CNcf25JFJdoV3Rb05qBXbWA
6pxwXfibhqhXnA==
-----END CERTIFICATE-----