Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          wHG3l+QzI5YcqNIKQvIEZwQUkYhNiQvWA0BH29W4sqw=
Subject key identifier:   16:35:9C:43:8E:37:68:5F:A4:AF:69:F0:1D:ED:38:86:B7:C0:6C:FB
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       019A4F62C65DD31EDD4B1270117B6F223CB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          0B9B
Signing time:             Tue 04 Nov 2025 15:01:04 +0000
Manifest this update:     Tue 04 Nov 2025 15:01:04 +0000
Manifest next update:     Wed 05 Nov 2025 15:01:04 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: CvIQp0lL/PDdz9cCK7B3pEyAYQX0OYA187aSRmYZuf0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:c6:5d:d3:1e:dd:4b:12:70:11:7b:6f:22:3c:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: Nov  4 15:01:04 2025 GMT
            Not After : Nov  5 15:01:04 2025 GMT
        Subject: CN=16359c438e37685fa4af69f01ded3886b7c06cfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:13:fb:ee:63:85:2b:06:c1:0d:97:e9:bb:d0:
                    f6:cb:cb:1b:d3:d8:d1:8a:7f:19:1e:55:6d:2f:75:
                    ae:8f:bc:be:29:2d:13:fa:23:31:0c:aa:7a:5f:3c:
                    49:31:01:f2:be:20:80:bd:85:ac:62:9d:d5:fb:0e:
                    df:60:25:4f:2f:6f:17:10:de:30:e1:9f:3c:96:ec:
                    46:09:d9:ff:ee:40:32:62:5b:ef:b1:4e:91:4b:dd:
                    fb:16:c0:f1:29:4d:41:ab:c0:85:97:51:10:f8:07:
                    38:a2:1d:c9:64:ba:e2:be:05:1e:d1:08:6c:b4:ca:
                    41:c3:ee:da:64:2a:cb:67:9f:51:12:f5:5d:33:16:
                    19:64:c2:b8:f2:73:60:33:e6:ad:08:a5:f7:73:a5:
                    64:e9:31:e7:8d:fe:64:ac:d3:11:4d:f2:dc:4c:c2:
                    66:52:e5:06:ec:0d:2d:8d:a3:6d:36:ac:cc:aa:b8:
                    02:66:37:80:52:15:49:40:df:c9:0d:16:74:5b:e2:
                    91:d9:41:2d:d4:4d:5e:0d:27:8c:5a:31:65:b3:7a:
                    f2:af:f6:2d:ff:20:73:b0:c7:ff:11:10:a5:1c:10:
                    09:17:ac:43:99:fd:92:31:14:05:17:6b:d6:1f:06:
                    1b:73:2c:2b:66:44:e0:ea:69:0b:a4:92:88:d6:c5:
                    bd:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:35:9C:43:8E:37:68:5F:A4:AF:69:F0:1D:ED:38:86:B7:C0:6C:FB
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:87:4f:21:d9:8e:71:bb:cd:63:99:ff:97:1f:fb:ee:73:96:
         e1:03:6a:81:d0:d2:78:42:63:e0:4e:13:51:2b:d9:75:3b:92:
         75:bc:ab:ea:26:47:65:05:d7:2c:f3:f8:5b:b6:4c:c7:d4:06:
         93:2f:ee:f1:ed:9b:81:d6:38:ea:63:de:75:ee:81:23:b7:f9:
         67:95:33:ab:2c:8b:69:e4:45:97:9b:fb:6d:6e:6c:6c:8e:ce:
         f1:3c:39:24:a4:43:89:ed:fc:d0:0f:19:93:e6:f2:89:5f:b4:
         2c:57:60:5f:c8:c4:64:fb:50:a1:f6:e1:3b:4f:a1:87:b9:d6:
         50:57:70:a1:a2:da:fb:28:ca:52:f8:95:b9:ac:36:0a:4f:42:
         17:0f:c9:3f:27:74:cf:04:6c:2d:e6:e1:0d:6e:d8:93:4d:d7:
         80:33:44:c3:25:09:95:ee:42:79:58:bd:93:6b:43:c2:2c:eb:
         01:8f:62:7d:72:d2:be:b3:09:d3:17:37:c3:db:ee:11:d4:b0:
         59:e5:af:0b:cc:61:87:94:83:60:63:7d:77:a6:33:a2:63:79:
         4d:47:88:b1:3c:4d:30:f1:8b:c8:63:b6:1d:76:e6:e5:33:16:
         eb:59:a7:73:7a:d4:37:5e:7e:4c:dc:be:bf:a7:01:e6:88:c3:
         f6:98:79:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYsZd0x7dSxJwEXtvIjy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjUxMTA0MTUwMTA0WhcNMjUxMTA1MTUwMTA0WjAzMTEwLwYDVQQD
EygxNjM1OWM0MzhlMzc2ODVmYTRhZjY5ZjAxZGVkMzg4NmI3YzA2Y2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBP77mOFKwbBDZfpu9D2y8sb09jR
in8ZHlVtL3Wuj7y+KS0T+iMxDKp6XzxJMQHyviCAvYWsYp3V+w7fYCVPL28XEN4w
4Z88luxGCdn/7kAyYlvvsU6RS937FsDxKU1Bq8CFl1EQ+Ac4oh3JZLrivgUe0Qhs
tMpBw+7aZCrLZ59REvVdMxYZZMK48nNgM+atCKX3c6Vk6THnjf5krNMRTfLcTMJm
UuUG7A0tjaNtNqzMqrgCZjeAUhVJQN/JDRZ0W+KR2UEt1E1eDSeMWjFls3ryr/Yt
/yBzsMf/ERClHBAJF6xDmf2SMRQFF2vWHwYbcywrZkTg6mkLpJKI1sW9YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBY1nEOON2hfpK9p8B3tOIa3wGz7MB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnIdPIdmO
cbvNY5n/lx/77nOW4QNqgdDSeEJj4E4TUSvZdTuSdbyr6iZHZQXXLPP4W7ZMx9QG
ky/u8e2bgdY46mPede6BI7f5Z5UzqyyLaeRFl5v7bW5sbI7O8Tw5JKRDie380A8Z
k+byiV+0LFdgX8jEZPtQofbhO0+hh7nWUFdwoaLa+yjKUviVuaw2Ck9CFw/JPyd0
zwRsLebhDW7Yk03XgDNEwyUJle5CeVi9k2tDwizrAY9ifXLSvrMJ0xc3w9vuEdSw
WeWvC8xhh5SDYGN9d6YzomN5TUeIsTxNMPGLyGO2HXbm5TMW61mnc3rUN15+TNy+
v6cB5ojD9ph5qA==
-----END CERTIFICATE-----