Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
File:                     bQmekI59iHniTR7eCdgSz0at4sw.mft (raw, json)
Hash identifier:          nXCDesKCFXgovlsEOlAHymo9Fu9LSxg4BCmLVYBaCaI=
Subject key identifier:   48:ED:CF:A4:0A:8B:1F:43:E6:81:95:5A:D5:56:7E:E4:0E:BB:67:22
Authority key identifier: 6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC
Certificate issuer:       /CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
Certificate serial:       0199221F0C64A6D8EA6AA9B8C0B0914D3205
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
Manifest number:          056D
Signing time:             Sun 07 Sep 2025 03:01:24 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:24 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:24 +0000
Files and hashes:         1: bQmekI59iHniTR7eCdgSz0at4sw.crl (hash: JeDh4PlYC99SgxaVPflkllXMHwHoVBwRGPdklSoy1mk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:0c:64:a6:d8:ea:6a:a9:b8:c0:b0:91:4d:32:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
        Validity
            Not Before: Sep  7 03:01:24 2025 GMT
            Not After : Sep  8 03:01:24 2025 GMT
        Subject: CN=48edcfa40a8b1f43e681955ad5567ee40ebb6722
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:94:cc:5b:17:71:25:45:e9:db:68:19:90:28:
                    4b:a7:20:6a:2b:b7:c2:ce:de:6a:32:82:0f:3f:36:
                    61:db:fb:41:1b:38:28:8c:6b:d8:a2:74:01:93:d3:
                    7d:ec:e4:3b:02:6d:4e:47:fc:c3:85:a2:0b:44:8c:
                    85:ac:49:59:81:c8:ec:31:96:cd:af:26:8f:99:a7:
                    03:a1:f1:87:e7:64:7e:fe:54:00:c3:19:13:92:0a:
                    85:43:44:c0:b8:f7:4d:93:1a:2f:eb:39:59:68:c5:
                    e9:c6:fc:b6:58:89:bb:b8:22:4b:71:70:43:37:4c:
                    be:b3:0a:23:46:80:53:69:18:77:24:4e:84:70:4d:
                    1a:05:6c:f1:4e:1d:7e:4b:28:66:35:55:25:b1:b9:
                    5c:61:dd:75:17:2e:f0:08:06:d9:d3:1a:35:9e:03:
                    9a:a0:f7:a7:12:67:87:54:f2:2e:1c:43:99:1a:40:
                    f6:ee:6c:c0:f9:d3:79:9b:32:d6:83:30:e7:44:84:
                    c4:fa:21:eb:13:f3:43:9d:e8:b3:e2:f6:ab:de:0b:
                    c1:84:ed:3d:86:61:6f:57:b8:0d:3a:6c:b4:65:cf:
                    93:1f:24:ce:a0:cb:a1:db:88:5e:2e:b6:e0:53:35:
                    74:cf:67:de:06:5e:37:54:00:45:2b:0e:cd:61:5f:
                    c5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:ED:CF:A4:0A:8B:1F:43:E6:81:95:5A:D5:56:7E:E4:0E:BB:67:22
            X509v3 Authority Key Identifier:
                keyid:6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d1:a5:97:3e:6d:58:9f:c7:de:30:56:54:92:55:38:c3:e1:bc:
         80:66:56:ad:07:3a:58:81:c6:e5:8a:b6:46:ff:a3:a4:d1:e1:
         64:f4:52:06:40:6b:5f:b0:41:fe:ea:9c:4c:fa:f6:9f:6f:f0:
         2e:80:ac:6b:06:71:3f:b8:68:48:6f:4e:e5:a9:28:16:13:a8:
         f9:e2:ef:e1:46:0e:d9:3f:6a:af:a7:ed:86:57:06:04:a2:54:
         60:0e:ef:c3:d7:88:49:5a:32:ed:cf:aa:86:0f:6c:7d:c6:dc:
         a5:02:2f:68:7e:1d:ec:f3:e3:a5:09:79:10:7e:b1:6e:91:37:
         f3:f4:44:e7:11:77:3d:1a:e9:36:9e:7c:5b:7d:f2:48:2a:27:
         40:36:c1:6d:97:cb:e3:5f:12:2a:7b:48:9e:01:68:69:b2:ac:
         a8:c8:f2:7c:27:a3:5f:45:9f:9d:78:0e:75:3f:90:47:7c:7e:
         c6:a5:cf:e7:67:49:72:d0:5e:a3:7b:cf:b6:3c:d7:84:31:ca:
         5d:24:e5:db:21:97:21:a7:4d:b5:6d:5d:93:87:8f:02:fb:b7:
         48:05:8c:85:e9:b3:a9:86:b8:92:91:55:6c:9e:07:88:88:2d:
         32:7b:8e:0d:29:5d:8d:5b:d7:25:3b:b9:5c:47:42:22:95:6e:
         4b:14:af:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHwxkptjqaqm4wLCRTTIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDk5ZTkwOGU3ZDg4NzllMjRkMWVkZTA5ZDgxMmNmNDZh
ZGUyY2MwHhcNMjUwOTA3MDMwMTI0WhcNMjUwOTA4MDMwMTI0WjAzMTEwLwYDVQQD
Eyg0OGVkY2ZhNDBhOGIxZjQzZTY4MTk1NWFkNTU2N2VlNDBlYmI2NzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pTMWxdxJUXp22gZkChLpyBqK7fC
zt5qMoIPPzZh2/tBGzgojGvYonQBk9N97OQ7Am1OR/zDhaILRIyFrElZgcjsMZbN
ryaPmacDofGH52R+/lQAwxkTkgqFQ0TAuPdNkxov6zlZaMXpxvy2WIm7uCJLcXBD
N0y+swojRoBTaRh3JE6EcE0aBWzxTh1+SyhmNVUlsblcYd11Fy7wCAbZ0xo1ngOa
oPenEmeHVPIuHEOZGkD27mzA+dN5mzLWgzDnRITE+iHrE/NDneiz4var3gvBhO09
hmFvV7gNOmy0Zc+THyTOoMuh24heLrbgUzV0z2feBl43VABFKw7NYV/FAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjtz6QKix9D5oGVWtVWfuQOu2ciMB8GA1UdIwQY
MBaAFG0JnpCOfYh54k0e3gnYEs9GreLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYt
N2NjZTM0ZmU2YjVkLzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYtN2NjZTM0ZmU2YjVk
LzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0aWXPm1Y
n8feMFZUklU4w+G8gGZWrQc6WIHG5Yq2Rv+jpNHhZPRSBkBrX7BB/uqcTPr2n2/w
LoCsawZxP7hoSG9O5akoFhOo+eLv4UYO2T9qr6fthlcGBKJUYA7vw9eISVoy7c+q
hg9sfcbcpQIvaH4d7PPjpQl5EH6xbpE38/RE5xF3PRrpNp58W33ySConQDbBbZfL
418SKntIngFoabKsqMjyfCejX0WfnXgOdT+QR3x+xqXP52dJctBeo3vPtjzXhDHK
XSTl2yGXIadNtW1dk4ePAvu3SAWMhemzqYa4kpFVbJ4HiIgtMnuODSldjVvXJTu5
XEdCIpVuSxSvOg==
-----END CERTIFICATE-----