Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          japtPyD8BHpE94ECg+WtjigQzIVoumAZ4yWbfAZLgHE=
Subject key identifier:   AC:F9:FD:04:A9:F6:90:02:B4:A2:E2:8E:0D:5A:2A:CD:76:02:AF:CA
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       01989636EC213465AEBD14E884CF09F62EE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          033D
Signing time:             Sun 10 Aug 2025 23:00:38 +0000
Manifest this update:     Sun 10 Aug 2025 23:00:38 +0000
Manifest next update:     Mon 11 Aug 2025 23:00:38 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: bfnTlIzik+uJGwqFEeTUhknU81ati/vwtSwsdWGqS3Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 23:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:36:ec:21:34:65:ae:bd:14:e8:84:cf:09:f6:2e:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Aug 10 23:00:38 2025 GMT
            Not After : Aug 11 23:00:38 2025 GMT
        Subject: CN=acf9fd04a9f69002b4a2e28e0d5a2acd7602afca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:43:8a:21:ed:e7:69:9e:f7:19:e8:ca:31:d9:
                    b1:1b:51:1e:29:b2:1a:73:e9:76:de:e6:0b:5e:7b:
                    d6:c4:54:a8:52:76:b6:5a:8a:77:b3:2d:47:53:0e:
                    68:b4:96:8e:4a:9c:19:d4:4b:b4:4a:71:0f:db:2d:
                    cf:72:7e:87:37:ab:3a:71:fb:1c:69:7d:ad:50:17:
                    96:98:1c:8e:eb:4a:0d:c9:32:84:e7:2c:90:6d:56:
                    70:77:e5:7a:59:6d:54:3b:83:44:96:a9:19:ff:24:
                    98:f4:43:9f:5f:1b:63:26:0e:21:94:fe:2e:97:c0:
                    58:d0:f9:8f:aa:4c:6e:29:5b:d0:39:74:10:45:c7:
                    60:9b:94:54:2c:bd:91:b2:bc:d0:92:8a:8f:31:c3:
                    f4:3f:1f:24:37:ba:e1:e5:0b:e2:50:ed:16:e3:17:
                    a6:b2:25:b7:8b:b9:3b:98:6b:77:d2:23:aa:e9:c5:
                    88:24:cb:a0:1e:90:e2:87:2f:ca:8c:66:b4:65:b3:
                    30:09:aa:6b:0b:00:a7:fd:82:bd:d4:45:d8:6b:85:
                    0b:40:7d:fc:44:da:54:05:c2:c1:fe:d4:72:0a:16:
                    a9:44:b9:0e:8a:07:0d:32:6e:e7:df:a4:b9:58:d4:
                    bc:9d:74:62:93:5f:4b:c4:29:7d:3a:6a:f1:ae:32:
                    4c:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:F9:FD:04:A9:F6:90:02:B4:A2:E2:8E:0D:5A:2A:CD:76:02:AF:CA
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:fa:3f:10:27:6b:d8:e0:0a:8b:87:de:f5:e1:15:99:c2:8d:
         98:a9:37:ff:bb:16:ff:60:72:2f:77:49:f7:59:49:40:bf:2f:
         26:a2:fc:8c:bb:8c:97:3a:b4:69:a3:48:17:0f:53:f5:76:ff:
         10:4d:20:63:61:c2:36:a3:74:ac:be:b6:2f:db:84:0b:c3:53:
         fd:8a:9f:a9:65:59:08:95:07:33:cb:96:bd:de:aa:ac:d5:0f:
         be:81:ab:8a:aa:98:cd:32:1d:39:4d:0c:d7:a3:59:08:1d:26:
         0b:8c:8f:fc:30:0b:46:e3:9d:cb:10:61:9b:ed:e1:16:0f:ed:
         3c:54:9b:44:da:9d:a1:f6:f8:04:43:7c:b7:11:b9:a7:56:b3:
         56:e4:6f:86:66:36:64:9b:dd:b0:d4:12:8b:e3:4a:72:ee:20:
         c8:6f:58:3b:c0:f6:2e:00:a7:99:20:d6:77:4f:c7:b8:a4:10:
         f6:e2:05:8b:a7:a7:11:13:8a:0d:68:3c:99:c1:64:54:40:ee:
         eb:a2:13:9f:e0:d8:f4:db:7e:29:d3:d4:9f:85:78:4f:61:9d:
         7d:73:75:b3:a8:25:85:8f:49:be:a7:56:c7:89:93:bd:48:20:
         56:88:4b:9b:77:00:bf:85:40:e0:a9:d3:c4:27:4d:0d:4d:47:
         00:29:d4:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWNuwhNGWuvRTohM8J9i7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjUwODEwMjMwMDM4WhcNMjUwODExMjMwMDM4WjAzMTEwLwYDVQQD
EyhhY2Y5ZmQwNGE5ZjY5MDAyYjRhMmUyOGUwZDVhMmFjZDc2MDJhZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA90OKIe3naZ73GejKMdmxG1EeKbIa
c+l23uYLXnvWxFSoUna2Wop3sy1HUw5otJaOSpwZ1Eu0SnEP2y3Pcn6HN6s6cfsc
aX2tUBeWmByO60oNyTKE5yyQbVZwd+V6WW1UO4NElqkZ/ySY9EOfXxtjJg4hlP4u
l8BY0PmPqkxuKVvQOXQQRcdgm5RULL2RsrzQkoqPMcP0Px8kN7rh5QviUO0W4xem
siW3i7k7mGt30iOq6cWIJMugHpDihy/KjGa0ZbMwCaprCwCn/YK91EXYa4ULQH38
RNpUBcLB/tRyChapRLkOigcNMm7n36S5WNS8nXRik19LxCl9OmrxrjJM9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKz5/QSp9pACtKLijg1aKs12Aq/KMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANvo/ECdr
2OAKi4fe9eEVmcKNmKk3/7sW/2ByL3dJ91lJQL8vJqL8jLuMlzq0aaNIFw9T9Xb/
EE0gY2HCNqN0rL62L9uEC8NT/YqfqWVZCJUHM8uWvd6qrNUPvoGriqqYzTIdOU0M
16NZCB0mC4yP/DALRuOdyxBhm+3hFg/tPFSbRNqdofb4BEN8txG5p1azVuRvhmY2
ZJvdsNQSi+NKcu4gyG9YO8D2LgCnmSDWd0/HuKQQ9uIFi6enEROKDWg8mcFkVEDu
66ITn+DY9Nt+KdPUn4V4T2GdfXN1s6glhY9JvqdWx4mTvUggVohLm3cAv4VA4KnT
xCdNDU1HACnUrg==
-----END CERTIFICATE-----