Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
File:                     bgC7pk9Ra41jNaAc8wS4It7hrtA.mft (raw, json)
Hash identifier:          5XxMCU35hAS/tXB+8ove2cgyiGcrGeqHyJnbujNeNWo=
Subject key identifier:   20:4A:7A:DE:D3:34:F5:E6:5A:D2:8D:20:9E:FB:1C:FF:00:4A:FA:32
Authority key identifier: 6E:00:BB:A6:4F:51:6B:8D:63:35:A0:1C:F3:04:B8:22:DE:E1:AE:D0
Certificate issuer:       /CN=6e00bba64f516b8d6335a01cf304b822dee1aed0
Certificate serial:       019A4DE15A41D898739834F44DD1511A9609
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 08:00:05 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:05 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:05 +0000
Files and hashes:         1: bgC7pk9Ra41jNaAc8wS4It7hrtA.crl (hash: M20DH2ERc2y5fKiPTLtXTBkIEESMic5jpiPFNJW+rRI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:5a:41:d8:98:73:98:34:f4:4d:d1:51:1a:96:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e00bba64f516b8d6335a01cf304b822dee1aed0
        Validity
            Not Before: Nov  4 08:00:05 2025 GMT
            Not After : Nov  5 08:00:05 2025 GMT
        Subject: CN=204a7aded334f5e65ad28d209efb1cff004afa32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:32:e4:46:98:bb:d9:14:48:f5:c6:d8:32:5b:
                    dd:18:b9:5f:fe:de:4c:3d:1a:ea:87:1d:8b:01:15:
                    66:f4:1d:6e:85:6f:ec:5b:3a:01:46:98:f0:cd:18:
                    8d:5d:fd:74:34:52:6b:7d:e6:bc:6c:6c:33:e0:19:
                    d7:de:d4:bd:17:88:4f:2c:32:24:d0:34:48:fa:91:
                    3c:a6:0f:54:34:0b:a8:13:cb:13:a3:56:b0:f9:fb:
                    65:7e:53:e9:61:d5:d0:81:16:fb:ba:d4:fa:70:77:
                    58:b6:51:13:a1:d4:e6:84:82:ab:3c:48:b3:c9:3c:
                    4d:10:9c:da:72:ae:b8:3e:d5:60:09:cc:a5:36:12:
                    f0:f2:92:c1:22:4b:cb:14:ac:1d:b8:fa:70:b3:0b:
                    26:82:a1:f4:98:b4:e6:f6:a1:db:2b:90:c4:53:cc:
                    35:c4:b5:d5:00:85:5c:77:89:6e:93:a0:e7:5c:e2:
                    00:f5:e8:e0:2f:2a:f0:f6:47:96:e4:7c:2e:cb:5c:
                    7d:5e:ea:cd:8c:4a:8c:e9:3b:63:5d:a8:f3:1a:70:
                    ff:6d:1f:c6:4f:a3:31:59:b7:1d:67:19:7f:af:fb:
                    75:09:a4:b7:17:5a:8d:27:78:a1:3d:23:53:94:7b:
                    fe:cd:b0:67:6a:c0:52:f6:8c:2b:33:91:77:47:a0:
                    0a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:4A:7A:DE:D3:34:F5:E6:5A:D2:8D:20:9E:FB:1C:FF:00:4A:FA:32
            X509v3 Authority Key Identifier:
                keyid:6E:00:BB:A6:4F:51:6B:8D:63:35:A0:1C:F3:04:B8:22:DE:E1:AE:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:db:8d:49:e3:31:af:bb:c8:1a:ba:fe:e4:9c:99:cc:cc:9e:
         8b:76:12:95:b4:f9:90:41:5a:26:30:3b:84:52:75:71:35:11:
         66:a9:47:3b:56:90:96:53:3f:94:ab:e8:58:1d:37:59:01:ac:
         8e:be:24:03:a1:18:a4:4e:4a:0c:b5:fe:61:8a:14:b5:67:22:
         fc:2d:35:f4:06:5e:78:d5:86:dc:bb:67:8b:21:a7:94:e5:48:
         1e:93:da:9f:06:db:1e:91:03:19:c2:30:c7:95:bf:54:6a:17:
         ef:19:ad:5e:39:eb:b7:4c:75:8d:5a:9e:b3:6a:20:fe:f1:1f:
         c0:b0:c7:c1:ed:7d:68:5f:5f:5e:bf:cd:18:a1:2d:7e:94:e9:
         75:8a:2e:90:4b:37:a5:ea:64:99:04:4e:fe:ec:06:1b:b0:64:
         16:2a:6c:be:70:dd:3c:72:80:58:15:95:d8:1b:53:c4:0e:54:
         63:a4:71:d5:ad:da:63:f9:c0:29:91:98:51:b6:9f:e0:19:ec:
         92:a2:89:d5:27:4e:75:50:e9:06:bc:f2:e9:b2:dd:21:58:2f:
         80:d4:24:2f:30:ca:88:e5:dc:82:99:68:76:00:c0:ef:10:e5:
         54:8e:99:69:19:7f:74:fb:0a:99:91:14:ed:3e:27:7f:22:f6:
         d8:6f:96:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4VpB2JhzmDT0TdFRGpYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMDBiYmE2NGY1MTZiOGQ2MzM1YTAxY2YzMDRiODIyZGVl
MWFlZDAwHhcNMjUxMTA0MDgwMDA1WhcNMjUxMTA1MDgwMDA1WjAzMTEwLwYDVQQD
EygyMDRhN2FkZWQzMzRmNWU2NWFkMjhkMjA5ZWZiMWNmZjAwNGFmYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujLkRpi72RRI9cbYMlvdGLlf/t5M
PRrqhx2LARVm9B1uhW/sWzoBRpjwzRiNXf10NFJrfea8bGwz4BnX3tS9F4hPLDIk
0DRI+pE8pg9UNAuoE8sTo1aw+ftlflPpYdXQgRb7utT6cHdYtlETodTmhIKrPEiz
yTxNEJzacq64PtVgCcylNhLw8pLBIkvLFKwduPpwswsmgqH0mLTm9qHbK5DEU8w1
xLXVAIVcd4luk6DnXOIA9ejgLyrw9keW5Hwuy1x9XurNjEqM6TtjXajzGnD/bR/G
T6MxWbcdZxl/r/t1CaS3F1qNJ3ihPSNTlHv+zbBnasBS9owrM5F3R6AKBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCBKet7TNPXmWtKNIJ77HP8ASvoyMB8GA1UdIwQY
MBaAFG4Au6ZPUWuNYzWgHPMEuCLe4a7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZTVlNmMtYzcwZi00MGYyLTg5MGQt
NTc1Y2Y1ZDMzNWU0LzEvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hZTVlNmMtYzcwZi00MGYyLTg5MGQtNTc1Y2Y1ZDMzNWU0
LzEvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfduNSeMx
r7vIGrr+5JyZzMyei3YSlbT5kEFaJjA7hFJ1cTURZqlHO1aQllM/lKvoWB03WQGs
jr4kA6EYpE5KDLX+YYoUtWci/C019AZeeNWG3LtniyGnlOVIHpPanwbbHpEDGcIw
x5W/VGoX7xmtXjnrt0x1jVqes2og/vEfwLDHwe19aF9fXr/NGKEtfpTpdYoukEs3
pepkmQRO/uwGG7BkFipsvnDdPHKAWBWV2BtTxA5UY6Rx1a3aY/nAKZGYUbaf4Bns
kqKJ1SdOdVDpBrzy6bLdIVgvgNQkLzDKiOXcgplodgDA7xDlVI6ZaRl/dPsKmZEU
7T4nfyL22G+WLw==
-----END CERTIFICATE-----