Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
File:                     bnnOupU7B9qiKvPIqrKxzU4iSNA.mft (raw, json)
Hash identifier:          0vlU5YevEmyTnd8Yow1gGmtDzxSOLhxSp6SYo5BhgC8=
Subject key identifier:   05:C8:02:4B:49:92:C1:AC:93:39:72:7E:6A:8D:40:D7:FA:DD:DF:C1
Authority key identifier: 6E:79:CE:BA:95:3B:07:DA:A2:2A:F3:C8:AA:B2:B1:CD:4E:22:48:D0
Certificate issuer:       /CN=6e79ceba953b07daa22af3c8aab2b1cd4e2248d0
Certificate serial:       019A4EF490F3E9032402046CE302ABD819C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
Manifest number:          078F
Signing time:             Tue 04 Nov 2025 13:00:41 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:41 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:41 +0000
Files and hashes:         1: bnnOupU7B9qiKvPIqrKxzU4iSNA.crl (hash: rT2spbuU2RN0CMyTv0DPcwfCPyXtui/xLrtFjyvCLt8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:90:f3:e9:03:24:02:04:6c:e3:02:ab:d8:19:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e79ceba953b07daa22af3c8aab2b1cd4e2248d0
        Validity
            Not Before: Nov  4 13:00:41 2025 GMT
            Not After : Nov  5 13:00:41 2025 GMT
        Subject: CN=05c8024b4992c1ac9339727e6a8d40d7fadddfc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:dd:98:b4:40:4c:97:53:ac:00:62:2b:4c:11:
                    eb:ce:3a:11:c7:59:bf:99:2b:59:9f:7f:7e:fd:ab:
                    3a:69:e2:34:2e:b6:b3:8c:8a:6f:3a:ac:ec:94:79:
                    37:45:43:fd:75:62:91:6a:ce:81:1b:48:61:5f:d7:
                    5c:6b:73:63:36:6e:21:9a:60:65:93:08:3f:30:f9:
                    b2:e8:17:ed:9a:f8:5a:1c:44:26:c6:0e:44:ce:2e:
                    92:9f:1f:a2:8b:88:37:87:0c:13:1f:cc:ed:3c:32:
                    e2:0c:8c:b9:62:4f:8b:b2:89:2e:85:91:ba:95:24:
                    ca:37:54:b5:15:6c:4b:d9:f0:eb:aa:ab:12:6e:59:
                    60:65:48:34:9a:21:ea:d6:db:25:e6:66:a5:ef:25:
                    d9:b1:1f:80:24:35:d6:98:29:89:9f:c9:77:ee:5c:
                    e4:ea:f9:48:99:99:e2:67:c8:da:01:c9:14:c2:5c:
                    5a:6f:48:8f:92:dd:07:2c:0b:61:9c:ca:39:e0:e6:
                    74:52:2d:ad:a5:a3:d6:8b:4e:80:fa:74:e2:d1:36:
                    e9:f2:7e:73:cb:56:67:85:7c:ae:8e:05:a5:94:70:
                    56:5a:58:e9:fb:9c:0a:f6:66:d4:ae:67:12:7b:5b:
                    f1:dc:95:ab:90:d2:d6:0c:f6:7c:95:da:15:d4:80:
                    65:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:C8:02:4B:49:92:C1:AC:93:39:72:7E:6A:8D:40:D7:FA:DD:DF:C1
            X509v3 Authority Key Identifier:
                keyid:6E:79:CE:BA:95:3B:07:DA:A2:2A:F3:C8:AA:B2:B1:CD:4E:22:48:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:65:04:81:9a:d1:91:22:69:36:75:95:07:5a:0d:20:63:22:
         ec:34:ba:77:1e:55:97:5b:0d:eb:62:59:2b:db:9d:8f:fd:67:
         e8:72:67:61:4a:3d:d7:d8:47:5f:1a:ca:5f:b8:66:cd:c1:f4:
         03:d3:47:37:67:91:23:13:25:aa:9c:68:cf:95:ff:12:6d:0f:
         f8:c1:83:b7:45:73:83:b3:cd:e0:17:33:81:42:c2:2d:a3:d6:
         d5:ee:0b:ba:cb:56:84:1d:cd:a3:bc:50:99:a1:7f:99:26:9e:
         08:8a:db:cf:5d:18:ca:3f:ad:cc:fe:c0:a5:67:f3:ef:b0:84:
         ed:46:90:b4:70:9f:0a:ea:db:26:75:7e:52:16:73:a2:2f:72:
         5b:d5:77:96:3d:cc:ef:8b:b4:fa:f7:c3:c7:21:b6:17:a4:42:
         49:b5:a0:18:c6:09:7c:e0:9c:5a:fb:39:84:27:24:d0:d2:cf:
         ab:7c:b8:67:d9:1c:69:f6:a7:48:a9:07:54:e8:78:d6:32:74:
         3b:35:3c:1d:f7:03:24:fd:b9:26:3d:d6:35:0b:06:62:e5:1e:
         9d:23:ca:2d:67:a5:d8:05:12:e0:5d:5c:3c:f3:cd:95:bd:a6:
         5d:46:fb:ef:9a:b6:99:e7:29:67:6b:f6:7c:7c:c5:ad:5e:a9:
         67:10:91:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9JDz6QMkAgRs4wKr2BnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNzljZWJhOTUzYjA3ZGFhMjJhZjNjOGFhYjJiMWNkNGUy
MjQ4ZDAwHhcNMjUxMTA0MTMwMDQxWhcNMjUxMTA1MTMwMDQxWjAzMTEwLwYDVQQD
EygwNWM4MDI0YjQ5OTJjMWFjOTMzOTcyN2U2YThkNDBkN2ZhZGRkZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv92YtEBMl1OsAGIrTBHrzjoRx1m/
mStZn39+/as6aeI0LrazjIpvOqzslHk3RUP9dWKRas6BG0hhX9dca3NjNm4hmmBl
kwg/MPmy6BftmvhaHEQmxg5Ezi6Snx+ii4g3hwwTH8ztPDLiDIy5Yk+LsokuhZG6
lSTKN1S1FWxL2fDrqqsSbllgZUg0miHq1tsl5mal7yXZsR+AJDXWmCmJn8l37lzk
6vlImZniZ8jaAckUwlxab0iPkt0HLAthnMo54OZ0Ui2tpaPWi06A+nTi0Tbp8n5z
y1ZnhXyujgWllHBWWljp+5wK9mbUrmcSe1vx3JWrkNLWDPZ8ldoV1IBlwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAXIAktJksGskzlyfmqNQNf63d/BMB8GA1UdIwQY
MBaAFG55zrqVOwfaoirzyKqysc1OIkjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yY2M5ZjYtMDVmMy00MGQ5LWI2YWUt
MDdmZmI2NmM1NGRmLzEvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yY2M5ZjYtMDVmMy00MGQ5LWI2YWUtMDdmZmI2NmM1NGRm
LzEvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt2UEgZrR
kSJpNnWVB1oNIGMi7DS6dx5Vl1sN62JZK9udj/1n6HJnYUo919hHXxrKX7hmzcH0
A9NHN2eRIxMlqpxoz5X/Em0P+MGDt0Vzg7PN4BczgULCLaPW1e4LustWhB3No7xQ
maF/mSaeCIrbz10Yyj+tzP7ApWfz77CE7UaQtHCfCurbJnV+UhZzoi9yW9V3lj3M
74u0+vfDxyG2F6RCSbWgGMYJfOCcWvs5hCck0NLPq3y4Z9kcafanSKkHVOh41jJ0
OzU8HfcDJP25Jj3WNQsGYuUenSPKLWel2AUS4F1cPPPNlb2mXUb775q2mecpZ2v2
fHzFrV6pZxCRuw==
-----END CERTIFICATE-----