Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          urj00vC7t4nHUGNKBOj3P3/dmD+/0WZKsq2GDtGG3HM=
Subject key identifier:   F7:F7:8B:AA:5F:A2:0F:41:19:63:FE:9C:91:F4:A5:04:FF:C4:BF:2D
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       019681346F7EBC14671D580447C94156F26A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          0229
Signing time:             Tue 29 Apr 2025 11:00:19 +0000
Manifest this update:     Tue 29 Apr 2025 11:00:19 +0000
Manifest next update:     Wed 30 Apr 2025 11:00:19 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: SRrc5v+1Hfg7OtPc2nM7XinrDDmDwlU3zuuP6Li2wAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 11:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:34:6f:7e:bc:14:67:1d:58:04:47:c9:41:56:f2:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Apr 29 11:00:19 2025 GMT
            Not After : Apr 30 11:00:19 2025 GMT
        Subject: CN=f7f78baa5fa20f411963fe9c91f4a504ffc4bf2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:da:1a:e6:2e:eb:f9:37:fd:c7:ea:64:63:70:
                    39:9b:d3:d2:34:eb:02:7c:a0:2a:3d:bf:6a:13:ac:
                    60:81:3a:72:64:c5:00:3a:d2:d9:e8:1c:09:d4:d7:
                    e5:b8:ba:37:4f:50:3b:46:fc:ed:59:ee:57:49:3a:
                    39:07:4a:ff:00:23:18:7b:4f:4f:71:9a:48:2b:f0:
                    b7:f8:6a:ab:cb:ab:01:2c:1d:37:c1:4f:3f:b2:97:
                    a7:a0:de:a0:73:85:a4:d1:c4:1c:a9:cd:4e:9f:72:
                    f7:d5:60:1c:de:50:f8:f5:6d:f0:b6:b3:7e:cc:d5:
                    34:58:c5:02:b5:52:6f:36:cd:64:25:36:8d:c5:43:
                    b7:74:9e:76:71:aa:74:bc:5a:17:52:9f:2e:17:9f:
                    45:f3:e5:45:69:b7:17:00:9b:4c:2b:a7:d9:cb:1b:
                    43:c0:43:c6:9d:45:cc:a8:63:6a:38:9a:1e:40:d2:
                    16:49:b6:c3:0e:c6:e9:e7:e3:f5:e7:cf:0b:0a:65:
                    21:f7:ec:4a:0b:22:04:f2:86:3d:e4:ef:19:41:2f:
                    0b:ed:6f:c2:2d:b7:98:11:0c:96:c2:93:1d:95:fb:
                    7a:15:87:03:ec:45:95:81:70:a8:3b:f8:97:fb:b2:
                    52:cc:29:7d:0c:31:07:fb:d5:ba:c6:a3:06:23:63:
                    e0:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:F7:8B:AA:5F:A2:0F:41:19:63:FE:9C:91:F4:A5:04:FF:C4:BF:2D
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:50:f7:87:19:4e:d2:f8:a0:5b:d6:2d:fc:6c:33:94:b7:4d:
         34:53:0a:b6:86:9a:ab:84:eb:f2:f2:c9:b2:63:1b:9c:24:fa:
         79:63:82:26:65:80:48:6b:6c:6e:f2:9a:1b:5c:c7:1b:4a:00:
         8b:bc:8a:66:3e:ff:cf:ff:37:4b:63:c9:ac:32:a9:8f:0d:94:
         0c:3e:4b:94:ed:37:32:98:9f:60:1f:89:35:01:b2:f9:14:34:
         62:6e:40:92:88:44:26:52:47:eb:56:b1:96:ae:ef:fc:49:a4:
         29:12:87:48:ba:d2:1c:6a:dd:39:97:05:96:16:33:05:d1:e2:
         27:8a:cc:26:6b:57:f6:a9:d4:46:13:2f:bb:29:b8:30:63:94:
         81:c2:37:74:6f:32:e5:cd:85:07:bb:a3:ea:c5:45:26:59:41:
         b0:ec:cd:c2:8e:e8:f8:04:dd:e0:c4:b3:f7:cf:ff:dd:b2:96:
         03:ff:c4:0d:13:90:9d:d6:68:b4:de:0d:1f:a6:0e:08:f3:13:
         19:17:e7:35:cd:ee:a6:38:06:08:24:0c:f9:c0:06:d9:58:41:
         4e:68:08:97:f4:b1:6a:d7:7b:4d:33:6a:ee:88:2e:0d:5b:d2:
         44:6d:7f:b9:cf:f6:e8:55:fe:46:3a:11:63:94:94:37:bc:a9:
         61:ac:c2:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBNG9+vBRnHVgER8lBVvJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjUwNDI5MTEwMDE5WhcNMjUwNDMwMTEwMDE5WjAzMTEwLwYDVQQD
EyhmN2Y3OGJhYTVmYTIwZjQxMTk2M2ZlOWM5MWY0YTUwNGZmYzRiZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9oa5i7r+Tf9x+pkY3A5m9PSNOsC
fKAqPb9qE6xggTpyZMUAOtLZ6BwJ1NfluLo3T1A7RvztWe5XSTo5B0r/ACMYe09P
cZpIK/C3+Gqry6sBLB03wU8/spenoN6gc4Wk0cQcqc1On3L31WAc3lD49W3wtrN+
zNU0WMUCtVJvNs1kJTaNxUO3dJ52cap0vFoXUp8uF59F8+VFabcXAJtMK6fZyxtD
wEPGnUXMqGNqOJoeQNIWSbbDDsbp5+P1588LCmUh9+xKCyIE8oY95O8ZQS8L7W/C
LbeYEQyWwpMdlft6FYcD7EWVgXCoO/iX+7JSzCl9DDEH+9W6xqMGI2PgVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPf3i6pfog9BGWP+nJH0pQT/xL8tMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl1D3hxlO
0vigW9Yt/GwzlLdNNFMKtoaaq4Tr8vLJsmMbnCT6eWOCJmWASGtsbvKaG1zHG0oA
i7yKZj7/z/83S2PJrDKpjw2UDD5LlO03MpifYB+JNQGy+RQ0Ym5AkohEJlJH61ax
lq7v/EmkKRKHSLrSHGrdOZcFlhYzBdHiJ4rMJmtX9qnURhMvuym4MGOUgcI3dG8y
5c2FB7uj6sVFJllBsOzNwo7o+ATd4MSz98//3bKWA//EDROQndZotN4NH6YOCPMT
GRfnNc3upjgGCCQM+cAG2VhBTmgIl/Sxatd7TTNq7oguDVvSRG1/uc/26FX+RjoR
Y5SUN7ypYazC4g==
-----END CERTIFICATE-----