Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
File:                     bnnOupU7B9qiKvPIqrKxzU4iSNA.mft (raw, json)
Hash identifier:          cQ7KRHyP/p8ACsVZ56lrLiXKCqKGvQ3C6u/t2y0i2QM=
Subject key identifier:   38:9A:8B:39:F1:79:83:10:68:18:6A:B5:80:01:5A:74:EA:B2:49:DF
Authority key identifier: 6E:79:CE:BA:95:3B:07:DA:A2:2A:F3:C8:AA:B2:B1:CD:4E:22:48:D0
Certificate issuer:       /CN=6e79ceba953b07daa22af3c8aab2b1cd4e2248d0
Certificate serial:       0198A04CCA5FA14923FF969B8E0501BC3A08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
Manifest number:          06B0
Signing time:             Tue 12 Aug 2025 22:00:43 +0000
Manifest this update:     Tue 12 Aug 2025 22:00:43 +0000
Manifest next update:     Wed 13 Aug 2025 22:00:43 +0000
Files and hashes:         1: bnnOupU7B9qiKvPIqrKxzU4iSNA.crl (hash: FmrRNlDh6i4dc+qALaOkuwTbCcs/E6RtjwLOcnPs7KI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4c:ca:5f:a1:49:23:ff:96:9b:8e:05:01:bc:3a:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e79ceba953b07daa22af3c8aab2b1cd4e2248d0
        Validity
            Not Before: Aug 12 22:00:43 2025 GMT
            Not After : Aug 13 22:00:43 2025 GMT
        Subject: CN=389a8b39f179831068186ab580015a74eab249df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:b1:fc:a6:20:8c:55:f2:b6:f9:c6:61:02:10:
                    56:20:74:b0:08:95:89:75:a4:00:58:4b:cc:3d:04:
                    84:6f:5e:46:63:9a:83:b1:b4:16:83:5a:7d:ae:d1:
                    31:4f:b5:67:e2:2a:1f:f7:d7:6a:52:10:06:51:38:
                    0d:51:c7:5e:2a:76:23:20:4a:e4:5e:f3:ae:47:d3:
                    b4:3e:bb:f0:40:05:0f:5a:6d:7a:33:5f:5c:99:c4:
                    34:30:86:b0:14:e7:4e:8e:ba:52:14:c6:d3:f0:9a:
                    8b:90:13:ba:e2:46:88:8e:24:94:ec:0c:9d:67:ec:
                    b4:b3:19:3c:6a:de:cd:02:f3:4b:00:23:3f:ee:b7:
                    f5:bb:c3:36:8b:3a:f8:96:57:c0:15:6a:fe:ea:93:
                    93:24:c4:27:bc:6a:8c:9b:10:90:e5:8c:d2:0a:bc:
                    ad:9b:03:7c:d7:ef:85:ed:57:c4:d9:fa:a7:35:98:
                    d4:0f:71:c1:a3:90:35:4c:3a:98:85:95:c4:68:56:
                    af:cc:1a:73:c5:d9:f9:a4:4e:7c:43:94:01:6a:fa:
                    99:98:71:34:44:4b:7d:43:a4:3f:c6:30:a8:a2:0a:
                    70:25:20:dc:27:4f:93:21:6f:82:85:e4:1b:8c:0b:
                    cd:a5:44:f1:5e:91:51:6b:7f:df:a9:89:dc:28:01:
                    ee:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:9A:8B:39:F1:79:83:10:68:18:6A:B5:80:01:5A:74:EA:B2:49:DF
            X509v3 Authority Key Identifier:
                keyid:6E:79:CE:BA:95:3B:07:DA:A2:2A:F3:C8:AA:B2:B1:CD:4E:22:48:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:0f:bb:46:25:5d:db:71:8a:6e:25:d9:95:2d:d9:e2:1b:6b:
         e5:c6:17:02:cc:ec:d4:e9:3d:55:05:f1:37:da:27:77:a3:7b:
         53:01:94:a3:2b:a3:f9:20:3a:f4:8e:95:91:3d:84:95:b7:16:
         c1:03:7b:b4:2a:c1:3f:89:4a:91:aa:40:41:fc:34:e7:c3:41:
         a2:06:bf:9b:2e:88:ae:78:96:eb:7f:ca:d1:bb:8d:e5:26:f8:
         07:cd:cb:96:4a:a5:ce:a2:f6:3d:0f:3b:45:eb:c1:2d:b4:4a:
         d3:d5:1b:57:88:77:80:e6:25:5a:5a:3f:24:6a:75:bd:64:17:
         da:b0:6e:f4:c0:c5:1a:20:24:c8:4f:52:63:b3:6a:1a:43:2c:
         0d:2f:25:18:08:ad:65:22:73:02:de:47:6b:a7:cd:9b:fc:64:
         8a:f0:82:ee:a8:8a:3f:e9:e2:31:22:7d:81:c2:93:e8:df:58:
         40:c6:52:7c:32:2e:08:5d:fb:78:fe:cc:50:20:47:b1:6b:5a:
         fb:cf:2e:45:0f:d8:4d:ab:de:2a:b8:ea:23:a7:4f:57:54:60:
         92:c8:ab:a9:0c:fa:48:f5:b0:9e:ec:26:e1:82:b3:0f:eb:32:
         08:30:d7:f0:ac:97:df:15:9b:cb:b0:64:74:a9:53:4e:b1:b6:
         5c:95:e8:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTMpfoUkj/5abjgUBvDoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNzljZWJhOTUzYjA3ZGFhMjJhZjNjOGFhYjJiMWNkNGUy
MjQ4ZDAwHhcNMjUwODEyMjIwMDQzWhcNMjUwODEzMjIwMDQzWjAzMTEwLwYDVQQD
EygzODlhOGIzOWYxNzk4MzEwNjgxODZhYjU4MDAxNWE3NGVhYjI0OWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbH8piCMVfK2+cZhAhBWIHSwCJWJ
daQAWEvMPQSEb15GY5qDsbQWg1p9rtExT7Vn4iof99dqUhAGUTgNUcdeKnYjIErk
XvOuR9O0PrvwQAUPWm16M19cmcQ0MIawFOdOjrpSFMbT8JqLkBO64kaIjiSU7Ayd
Z+y0sxk8at7NAvNLACM/7rf1u8M2izr4llfAFWr+6pOTJMQnvGqMmxCQ5YzSCryt
mwN81++F7VfE2fqnNZjUD3HBo5A1TDqYhZXEaFavzBpzxdn5pE58Q5QBavqZmHE0
REt9Q6Q/xjCoogpwJSDcJ0+TIW+CheQbjAvNpUTxXpFRa3/fqYncKAHuxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiaiznxeYMQaBhqtYABWnTqsknfMB8GA1UdIwQY
MBaAFG55zrqVOwfaoirzyKqysc1OIkjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yY2M5ZjYtMDVmMy00MGQ5LWI2YWUt
MDdmZmI2NmM1NGRmLzEvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yY2M5ZjYtMDVmMy00MGQ5LWI2YWUtMDdmZmI2NmM1NGRm
LzEvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPw+7RiVd
23GKbiXZlS3Z4htr5cYXAszs1Ok9VQXxN9ond6N7UwGUoyuj+SA69I6VkT2ElbcW
wQN7tCrBP4lKkapAQfw058NBoga/my6IrniW63/K0buN5Sb4B83LlkqlzqL2PQ87
RevBLbRK09UbV4h3gOYlWlo/JGp1vWQX2rBu9MDFGiAkyE9SY7NqGkMsDS8lGAit
ZSJzAt5Ha6fNm/xkivCC7qiKP+niMSJ9gcKT6N9YQMZSfDIuCF37eP7MUCBHsWta
+88uRQ/YTaveKrjqI6dPV1RgksirqQz6SPWwnuwm4YKzD+syCDDX8KyX3xWby7Bk
dKlTTrG2XJXoJw==
-----END CERTIFICATE-----