Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
File:                     bQmekI59iHniTR7eCdgSz0at4sw.mft (raw, json)
Hash identifier:          rtfds+H3D2PR4R44hCDsLa1z2aSGfG/Bnm74CuGrlm4=
Subject key identifier:   07:D0:7F:F5:4F:61:40:0B:73:FC:3B:97:B9:52:10:89:CB:4F:DD:F8
Authority key identifier: 6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC
Certificate issuer:       /CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
Certificate serial:       019767E01AEB9CEECC2A2604386A7B215C24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
Manifest number:          0488
Signing time:             Fri 13 Jun 2025 06:00:29 +0000
Manifest this update:     Fri 13 Jun 2025 06:00:29 +0000
Manifest next update:     Sat 14 Jun 2025 06:00:29 +0000
Files and hashes:         1: bQmekI59iHniTR7eCdgSz0at4sw.crl (hash: d7zxwocB8tvJ33y9mH1wSVPhPMYIzS0bTY8/cxx6PpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 06:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:e0:1a:eb:9c:ee:cc:2a:26:04:38:6a:7b:21:5c:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
        Validity
            Not Before: Jun 13 06:00:29 2025 GMT
            Not After : Jun 14 06:00:29 2025 GMT
        Subject: CN=07d07ff54f61400b73fc3b97b9521089cb4fddf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:52:c3:57:ac:8c:68:4c:86:9f:f6:68:7b:eb:
                    52:84:39:41:fe:f3:bf:26:e4:3c:d5:26:8e:1b:15:
                    b7:3a:cf:76:a2:45:c7:bf:1c:41:24:ad:10:38:0c:
                    c2:db:94:c1:58:4c:66:d0:11:12:58:5a:52:5d:42:
                    2c:36:ba:4b:55:10:e4:b6:bf:01:9e:11:fb:08:02:
                    4a:eb:c3:5f:71:2a:57:cf:f9:73:1f:a4:4a:76:f4:
                    23:2e:00:cd:da:35:93:e0:c4:49:ca:86:ee:83:c8:
                    5b:58:e8:de:00:44:d5:90:84:7c:df:52:eb:98:9a:
                    af:95:c4:55:ff:df:03:a9:fe:75:69:a5:b3:9f:c2:
                    3a:e0:be:4f:46:5f:00:df:bf:24:6a:85:74:1a:c6:
                    1d:e6:1d:82:21:b2:a6:11:a5:da:6d:7c:9f:1d:43:
                    78:6d:62:d3:f0:23:6d:1f:8a:bc:1f:87:cf:70:e3:
                    59:a6:79:fd:62:8f:d7:4c:2e:90:69:97:1c:22:45:
                    7f:b0:46:8c:78:a6:b3:c9:cd:4c:e5:d5:1e:25:e2:
                    1f:07:de:c0:0e:75:39:b1:94:ba:02:00:52:83:3b:
                    e8:f4:63:02:16:52:d2:d4:67:bf:1a:a4:43:1f:cd:
                    b8:93:c3:2a:ce:6d:71:86:29:1c:b5:a3:01:de:d0:
                    a1:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:D0:7F:F5:4F:61:40:0B:73:FC:3B:97:B9:52:10:89:CB:4F:DD:F8
            X509v3 Authority Key Identifier:
                keyid:6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:11:e5:2d:24:19:ec:ed:b5:1e:43:c6:67:b9:04:08:3e:7b:
         cf:89:a7:bc:05:93:a2:91:04:d9:87:85:b5:af:e3:48:16:57:
         45:ca:b6:b9:78:15:10:c8:95:79:03:43:2a:e9:61:7d:cb:97:
         fd:98:e2:f0:a9:71:fb:11:8d:6f:94:67:33:8f:e4:cd:a4:72:
         bc:61:b8:52:c9:1d:5c:10:5a:10:50:1d:20:75:d8:fb:af:13:
         60:1b:6b:02:0d:9d:27:2b:40:74:53:56:68:30:01:8a:66:38:
         50:26:9e:63:3a:ff:ec:fe:1a:c1:d5:e7:e2:18:c8:dd:44:c8:
         08:ae:ae:a4:1d:8c:7f:c5:5a:31:f6:99:77:a8:fa:39:81:30:
         ee:ab:fd:6f:65:9a:55:88:6e:06:be:dc:82:6d:1e:29:54:a9:
         ae:cb:8c:89:73:40:00:b6:b2:84:e0:85:e0:6c:89:62:e1:b3:
         be:d1:e9:a8:4c:6e:91:65:13:94:85:ba:57:8c:93:f7:ad:f8:
         10:75:86:93:08:7e:24:8e:09:64:a1:b6:cb:a9:4b:33:90:62:
         15:e5:73:db:4f:32:ce:06:26:e3:e4:67:a1:89:d7:c3:f9:91:
         29:09:00:3a:ca:a0:2c:05:2c:ef:c3:28:2f:7c:ec:ce:64:b2:
         47:20:fb:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdn4BrrnO7MKiYEOGp7IVwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDk5ZTkwOGU3ZDg4NzllMjRkMWVkZTA5ZDgxMmNmNDZh
ZGUyY2MwHhcNMjUwNjEzMDYwMDI5WhcNMjUwNjE0MDYwMDI5WjAzMTEwLwYDVQQD
EygwN2QwN2ZmNTRmNjE0MDBiNzNmYzNiOTdiOTUyMTA4OWNiNGZkZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVLDV6yMaEyGn/Zoe+tShDlB/vO/
JuQ81SaOGxW3Os92okXHvxxBJK0QOAzC25TBWExm0BESWFpSXUIsNrpLVRDktr8B
nhH7CAJK68NfcSpXz/lzH6RKdvQjLgDN2jWT4MRJyobug8hbWOjeAETVkIR831Lr
mJqvlcRV/98Dqf51aaWzn8I64L5PRl8A378kaoV0GsYd5h2CIbKmEaXabXyfHUN4
bWLT8CNtH4q8H4fPcONZpnn9Yo/XTC6QaZccIkV/sEaMeKazyc1M5dUeJeIfB97A
DnU5sZS6AgBSgzvo9GMCFlLS1Ge/GqRDH824k8Mqzm1xhikctaMB3tChTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfQf/VPYUALc/w7l7lSEInLT934MB8GA1UdIwQY
MBaAFG0JnpCOfYh54k0e3gnYEs9GreLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYt
N2NjZTM0ZmU2YjVkLzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYtN2NjZTM0ZmU2YjVk
LzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdRHlLSQZ
7O21HkPGZ7kECD57z4mnvAWTopEE2YeFta/jSBZXRcq2uXgVEMiVeQNDKulhfcuX
/Zji8Klx+xGNb5RnM4/kzaRyvGG4UskdXBBaEFAdIHXY+68TYBtrAg2dJytAdFNW
aDABimY4UCaeYzr/7P4awdXn4hjI3UTICK6upB2Mf8VaMfaZd6j6OYEw7qv9b2Wa
VYhuBr7cgm0eKVSprsuMiXNAALayhOCF4GyJYuGzvtHpqExukWUTlIW6V4yT9634
EHWGkwh+JI4JZKG2y6lLM5BiFeVz208yzgYm4+RnoYnXw/mRKQkAOsqgLAUs78Mo
L3zszmSyRyD7HA==
-----END CERTIFICATE-----