Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
File:                     bn-6EaMdOqkN48e7i1bTzQbmvnU.mft (raw, json)
Hash identifier:          StPUVqxVGIdR4F0tX1cahB6rkDWyZrrr5fewc+GZqHU=
Subject key identifier:   E5:22:89:CE:33:65:E1:F3:D1:E5:8E:77:82:40:C8:52:C4:F4:C8:BA
Authority key identifier: 6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75
Certificate issuer:       /CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
Certificate serial:       019923A0A6E374D2A6F37F06CCD38A8C9C99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
Manifest number:          1658
Signing time:             Sun 07 Sep 2025 10:02:34 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:34 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:34 +0000
Files and hashes:         1: bn-6EaMdOqkN48e7i1bTzQbmvnU.crl (hash: V1VmEQd3HEFUM0bZ0cvWm977vGqPpQjLtWr5WHVRr1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:a6:e3:74:d2:a6:f3:7f:06:cc:d3:8a:8c:9c:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
        Validity
            Not Before: Sep  7 10:02:34 2025 GMT
            Not After : Sep  8 10:02:34 2025 GMT
        Subject: CN=e52289ce3365e1f3d1e58e778240c852c4f4c8ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:29:f9:fd:1f:43:cb:c8:f7:a2:1c:d2:2e:b3:
                    66:1e:61:c5:8c:2f:1c:ad:86:c4:e6:fc:f9:be:83:
                    f1:71:82:a8:ae:73:4d:16:12:b5:4d:e9:e5:29:74:
                    5d:e7:db:cf:eb:86:a5:b2:0d:63:ef:49:eb:f9:a7:
                    95:23:87:59:66:4a:c3:a1:c3:e7:fd:07:4f:ed:28:
                    21:73:e0:0b:58:3b:33:e2:96:9c:19:17:8d:a0:d6:
                    2e:a1:4d:fa:6f:4b:f5:d5:6b:18:30:97:6b:a4:7a:
                    32:79:6c:20:7b:28:8a:18:19:19:92:50:8b:3f:0e:
                    8b:d8:74:4a:c4:b8:a0:6b:e4:1e:45:bd:91:2b:5c:
                    d2:62:04:61:49:18:b5:57:e3:c7:d9:6d:27:f9:56:
                    c7:40:13:bb:81:9d:b1:6a:e9:b6:72:2d:df:27:d2:
                    1e:db:7c:7b:e9:f4:59:f2:ed:b2:00:22:57:31:85:
                    20:e4:e6:ff:74:fa:d1:96:8b:9c:fe:d0:26:20:2b:
                    7a:ae:17:2d:e3:48:b6:aa:9f:ff:74:af:0d:08:cb:
                    2d:f9:a0:cb:d7:1f:15:0b:b3:dd:aa:d5:ec:64:0d:
                    d9:8b:2f:94:4f:7d:18:1d:63:8a:bf:a5:a0:3f:3c:
                    18:1e:74:80:a6:fb:56:29:98:ce:0f:2a:e1:0f:51:
                    92:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:22:89:CE:33:65:E1:F3:D1:E5:8E:77:82:40:C8:52:C4:F4:C8:BA
            X509v3 Authority Key Identifier:
                keyid:6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:d3:f6:b4:04:ff:fb:82:36:35:70:89:d9:ee:6f:e3:64:d1:
         2e:0c:59:6a:37:6a:eb:f5:ae:55:53:51:5d:ed:9b:3f:9f:4c:
         5b:05:6e:dd:2e:5b:26:32:d2:18:35:16:49:fa:86:ce:3b:29:
         49:d3:90:7f:e0:e3:03:a2:49:64:3c:9d:39:cf:fe:7e:b9:e5:
         98:6e:81:28:ce:3c:b6:4a:6e:1f:bc:b7:57:0b:ee:bb:f8:82:
         be:5c:e8:fa:51:d1:6e:9b:4e:6e:ef:da:80:17:01:c3:5d:22:
         ad:cc:f9:19:24:26:68:8c:b5:73:3f:01:ed:fb:fd:30:8c:e9:
         6e:ed:5f:c7:b2:00:02:bb:df:c6:2c:62:67:2c:7e:c3:ee:39:
         b2:79:78:40:51:c3:d5:48:35:c0:66:3a:e9:da:3e:13:bd:e3:
         96:8a:da:18:b3:31:35:df:79:51:79:48:7f:55:ea:aa:a8:00:
         62:3f:14:db:48:80:38:e0:dd:ba:b6:50:b8:ed:58:dc:7a:e9:
         53:2a:a3:9e:ab:ec:16:16:19:f9:d2:c4:d4:1a:6d:0f:4e:fd:
         c2:2e:2c:c5:ce:bb:77:9d:50:38:24:2e:a3:0b:c2:85:9f:61:
         c8:d3:72:86:93:91:9b:50:2c:94:d1:4c:bd:f6:b0:74:75:8d:
         bd:a5:1d:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoKbjdNKm838GzNOKjJyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlN2ZiYTExYTMxZDNhYTkwZGUzYzdiYjhiNTZkM2NkMDZl
NmJlNzUwHhcNMjUwOTA3MTAwMjM0WhcNMjUwOTA4MTAwMjM0WjAzMTEwLwYDVQQD
EyhlNTIyODljZTMzNjVlMWYzZDFlNThlNzc4MjQwYzg1MmM0ZjRjOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCn5/R9Dy8j3ohzSLrNmHmHFjC8c
rYbE5vz5voPxcYKornNNFhK1TenlKXRd59vP64alsg1j70nr+aeVI4dZZkrDocPn
/QdP7Sghc+ALWDsz4pacGReNoNYuoU36b0v11WsYMJdrpHoyeWwgeyiKGBkZklCL
Pw6L2HRKxLiga+QeRb2RK1zSYgRhSRi1V+PH2W0n+VbHQBO7gZ2xaum2ci3fJ9Ie
23x76fRZ8u2yACJXMYUg5Ob/dPrRlouc/tAmICt6rhct40i2qp//dK8NCMst+aDL
1x8VC7PdqtXsZA3Ziy+UT30YHWOKv6WgPzwYHnSApvtWKZjODyrhD1GSvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUiic4zZeHz0eWOd4JAyFLE9Mi6MB8GA1UdIwQY
MBaAFG5/uhGjHTqpDePHu4tW080G5r51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2Yt
NjM5NDIxNGExMjJjLzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2YtNjM5NDIxNGExMjJj
LzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAptP2tAT/
+4I2NXCJ2e5v42TRLgxZajdq6/WuVVNRXe2bP59MWwVu3S5bJjLSGDUWSfqGzjsp
SdOQf+DjA6JJZDydOc/+frnlmG6BKM48tkpuH7y3Vwvuu/iCvlzo+lHRbptObu/a
gBcBw10ircz5GSQmaIy1cz8B7fv9MIzpbu1fx7IAArvfxixiZyx+w+45snl4QFHD
1Ug1wGY66do+E73jloraGLMxNd95UXlIf1XqqqgAYj8U20iAOODdurZQuO1Y3Hrp
UyqjnqvsFhYZ+dLE1BptD079wi4sxc67d51QOCQuowvChZ9hyNNyhpORm1AslNFM
vfawdHWNvaUdpg==
-----END CERTIFICATE-----