Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
File:                     bQmekI59iHniTR7eCdgSz0at4sw.mft (raw, json)
Hash identifier:          DytuGsLn2HlQUU5hTIp9ohdSG4UpaWF8uEfhcULv9+o=
Subject key identifier:   82:0D:B1:9E:91:66:23:35:D6:A7:A2:8F:2F:46:E7:4C:B1:5B:3E:58
Authority key identifier: 6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC
Certificate issuer:       /CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
Certificate serial:       0197586D0DECBFCA6D5D97EE05A9BF03DDF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
Manifest number:          0480
Signing time:             Tue 10 Jun 2025 06:00:31 +0000
Manifest this update:     Tue 10 Jun 2025 06:00:31 +0000
Manifest next update:     Wed 11 Jun 2025 06:00:31 +0000
Files and hashes:         1: bQmekI59iHniTR7eCdgSz0at4sw.crl (hash: D+eRjP8c6QuaeiLiu/EnBJqE4HJKsZzxeCGj4WRfoec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 06:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:6d:0d:ec:bf:ca:6d:5d:97:ee:05:a9:bf:03:dd:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
        Validity
            Not Before: Jun 10 06:00:31 2025 GMT
            Not After : Jun 11 06:00:31 2025 GMT
        Subject: CN=820db19e91662335d6a7a28f2f46e74cb15b3e58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:d4:95:73:ff:59:28:3e:d5:ce:9e:b1:a9:fd:
                    ab:45:a0:9c:be:a6:dc:f1:71:28:ee:f2:5c:31:cd:
                    c9:96:cb:33:36:9f:f6:43:52:4f:0f:6b:5e:46:ca:
                    4b:49:8a:a9:e0:d6:2b:18:0a:0f:0c:02:e0:17:a3:
                    89:33:04:d0:68:9f:c7:68:a1:b9:de:be:1d:c6:87:
                    ef:15:5b:0b:6b:d0:f7:f2:cc:56:3b:75:4d:59:7f:
                    ba:0c:7e:21:bd:15:d1:14:2b:9e:b4:99:cf:61:31:
                    6e:78:39:a8:cd:c4:6c:3c:a7:a1:d3:2f:21:f3:c5:
                    62:cb:8b:c1:e8:8c:ef:68:4e:80:4f:3b:16:6a:fd:
                    13:a5:09:f4:d1:7e:f7:6a:1a:f9:fc:e7:05:96:29:
                    fd:68:5e:2c:72:87:73:12:e1:19:42:0f:23:68:3f:
                    e7:91:ae:9f:7f:64:36:8b:6b:81:00:90:52:47:27:
                    3b:ff:f8:b8:ad:75:c6:1c:b1:83:33:f6:f3:81:f1:
                    f0:8a:ee:36:9c:17:dc:cb:b5:e6:a6:11:69:24:4f:
                    13:ad:fc:21:50:f7:9c:c7:a9:b9:48:11:3c:79:cf:
                    68:6b:e8:36:22:4f:03:50:27:a8:93:f6:ab:45:f6:
                    11:0e:55:3a:ae:29:7c:cf:1a:c4:fe:18:b9:b3:4c:
                    ab:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:0D:B1:9E:91:66:23:35:D6:A7:A2:8F:2F:46:E7:4C:B1:5B:3E:58
            X509v3 Authority Key Identifier:
                keyid:6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:08:c1:6b:71:c8:5a:0f:7a:cc:bc:ab:bf:7f:bb:e8:fd:cb:
         b4:3d:5e:ed:38:7a:92:7c:09:b3:27:35:f3:c1:2b:39:13:9f:
         44:10:89:fb:68:b0:c6:03:9f:23:a0:60:ea:9e:c8:5f:c8:54:
         7b:04:01:99:94:e8:ec:86:79:88:3d:08:a1:2e:15:04:73:e0:
         ea:23:da:2b:81:00:70:5f:30:34:a9:f7:17:8e:b4:b4:33:0e:
         27:88:fe:28:e7:51:55:e4:b0:3c:4f:77:ad:92:c1:41:57:c0:
         27:39:16:bb:ac:03:2c:47:da:8d:d5:fa:dc:d7:7d:86:04:af:
         e7:49:f7:39:94:ed:d7:14:7c:bc:85:79:5f:9a:7f:02:65:72:
         97:15:87:da:73:58:c8:b3:26:bc:72:ab:10:1f:91:84:5c:20:
         af:91:26:2d:0c:46:04:91:e3:8f:92:76:7c:b7:c9:56:d5:44:
         3d:51:4f:37:da:42:34:f1:cd:86:7d:41:88:bb:32:f5:13:fa:
         61:c4:b1:45:b0:67:99:d4:1c:41:47:e2:7e:c1:29:c0:9b:f0:
         7a:51:95:7f:12:95:c8:ab:9c:8c:d8:72:49:96:fe:ae:d0:4c:
         73:37:9b:b8:48:46:c0:38:b3:20:81:31:ae:32:ae:77:ba:f7:
         45:9a:f8:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYbQ3sv8ptXZfuBam/A93xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDk5ZTkwOGU3ZDg4NzllMjRkMWVkZTA5ZDgxMmNmNDZh
ZGUyY2MwHhcNMjUwNjEwMDYwMDMxWhcNMjUwNjExMDYwMDMxWjAzMTEwLwYDVQQD
Eyg4MjBkYjE5ZTkxNjYyMzM1ZDZhN2EyOGYyZjQ2ZTc0Y2IxNWIzZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9SVc/9ZKD7Vzp6xqf2rRaCcvqbc
8XEo7vJcMc3JlsszNp/2Q1JPD2teRspLSYqp4NYrGAoPDALgF6OJMwTQaJ/HaKG5
3r4dxofvFVsLa9D38sxWO3VNWX+6DH4hvRXRFCuetJnPYTFueDmozcRsPKeh0y8h
88Viy4vB6IzvaE6ATzsWav0TpQn00X73ahr5/OcFlin9aF4scodzEuEZQg8jaD/n
ka6ff2Q2i2uBAJBSRyc7//i4rXXGHLGDM/bzgfHwiu42nBfcy7XmphFpJE8Trfwh
UPecx6m5SBE8ec9oa+g2Ik8DUCeok/arRfYRDlU6ril8zxrE/hi5s0yrVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIINsZ6RZiM11qeijy9G50yxWz5YMB8GA1UdIwQY
MBaAFG0JnpCOfYh54k0e3gnYEs9GreLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYt
N2NjZTM0ZmU2YjVkLzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYtN2NjZTM0ZmU2YjVk
LzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcAjBa3HI
Wg96zLyrv3+76P3LtD1e7Th6knwJsyc188ErOROfRBCJ+2iwxgOfI6Bg6p7IX8hU
ewQBmZTo7IZ5iD0IoS4VBHPg6iPaK4EAcF8wNKn3F460tDMOJ4j+KOdRVeSwPE93
rZLBQVfAJzkWu6wDLEfajdX63Nd9hgSv50n3OZTt1xR8vIV5X5p/AmVylxWH2nNY
yLMmvHKrEB+RhFwgr5EmLQxGBJHjj5J2fLfJVtVEPVFPN9pCNPHNhn1BiLsy9RP6
YcSxRbBnmdQcQUfifsEpwJvwelGVfxKVyKucjNhySZb+rtBMczebuEhGwDizIIEx
rjKud7r3RZr4vg==
-----END CERTIFICATE-----