Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          7kwqDYWB3uX1D3V3c4Ck9D6LHJ2BfRzJM56RKZw00KY=
Subject key identifier:   BB:8E:E7:DC:08:96:1E:28:64:1B:76:6D:E7:37:FA:94:15:2F:CB:9C
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       01988B0E6E2FBEA5E283AC744C994A3492AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          06B4
Signing time:             Fri 08 Aug 2025 19:00:35 +0000
Manifest this update:     Fri 08 Aug 2025 19:00:35 +0000
Manifest next update:     Sat 09 Aug 2025 19:00:35 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: 3LzayjqBkc+uNyMt/zPNRjE4tEz6Nd78y3y5d650EWU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 11:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0e:6e:2f:be:a5:e2:83:ac:74:4c:99:4a:34:92:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: Aug  8 19:00:35 2025 GMT
            Not After : Aug  9 19:00:35 2025 GMT
        Subject: CN=bb8ee7dc08961e28641b766de737fa94152fcb9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:19:30:12:1d:3a:16:1e:b9:70:ba:1e:47:bb:
                    3b:5a:c0:f0:b1:a7:44:77:99:9b:b1:d6:4f:bc:d4:
                    85:9f:a3:ed:ff:7d:8f:d1:36:a3:a1:91:08:83:9b:
                    f8:f2:72:f1:25:e1:4f:b0:59:29:f8:ad:bf:4a:81:
                    e2:b4:a7:53:3f:21:6e:06:2b:cf:87:28:40:8c:3d:
                    8e:22:3a:98:de:ac:d0:88:3e:c7:68:0a:67:e6:df:
                    d0:46:28:7e:c5:00:83:e9:37:d4:bc:22:d9:12:d9:
                    66:58:71:8e:38:76:ff:82:90:4f:4d:19:fa:e1:64:
                    d2:f2:68:32:a4:b0:72:dd:9d:70:86:50:02:9f:4d:
                    29:05:1a:70:6b:8e:46:9a:62:30:41:9e:b7:e6:f5:
                    46:c0:3f:09:1e:e2:fd:02:c4:2d:56:1b:16:52:83:
                    0c:9c:0b:f6:99:5d:2a:f7:b2:2b:65:23:3b:06:32:
                    24:30:be:4a:18:74:4f:90:77:30:10:6d:b6:0f:9e:
                    86:71:5b:24:6f:95:28:95:e0:0d:11:be:6b:45:66:
                    29:c7:9d:c7:fe:63:fa:cf:c2:a8:4a:3c:cc:a9:cb:
                    d9:9d:a6:01:9e:1d:54:80:50:55:44:9d:09:48:67:
                    1f:28:01:88:2a:a5:76:a4:6d:7d:81:b0:c8:09:23:
                    18:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:8E:E7:DC:08:96:1E:28:64:1B:76:6D:E7:37:FA:94:15:2F:CB:9C
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:6c:23:92:85:c7:fd:bc:ff:51:04:1f:60:ba:2d:cd:13:7b:
         bb:e3:b5:f7:8c:40:aa:2a:a6:23:4d:2d:5d:2d:16:d1:48:9b:
         6e:b6:b3:e5:79:72:af:c6:cd:20:4e:8e:4f:10:57:af:b1:84:
         ef:9d:1d:9c:37:ea:df:39:1a:60:a7:89:d7:3f:2e:c2:a5:cd:
         f9:9f:04:be:f4:11:72:ff:12:8c:24:62:ed:b0:d0:4a:27:d6:
         8a:de:46:cc:bf:69:6c:62:72:c8:d5:f3:bb:77:0d:14:a9:b8:
         ae:e9:4d:ba:01:a9:df:95:9b:35:97:08:c5:98:ae:ba:2a:7e:
         b5:83:5a:ec:36:c6:27:b1:9a:8b:4c:3b:d5:f9:82:17:43:32:
         74:3f:30:3e:1c:b4:d8:8c:23:79:dd:d7:3f:e5:af:4d:01:09:
         a6:bb:cd:f6:d3:34:93:a7:a7:3b:ad:26:f9:4e:b6:ef:ef:79:
         27:13:6a:b8:e4:01:62:81:7c:0a:b7:b1:08:c3:4d:bc:43:67:
         f3:38:de:3d:fd:d9:04:dd:76:39:f6:11:10:be:fe:26:14:d6:
         9e:99:83:8a:9c:cd:65:f7:e0:d5:9f:8c:58:d0:6a:3c:a8:22:
         3c:01:9b:b4:43:27:cc:cb:70:4c:a4:71:12:e9:c9:2c:79:31:
         a2:27:75:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDm4vvqXig6x0TJlKNJKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjUwODA4MTkwMDM1WhcNMjUwODA5MTkwMDM1WjAzMTEwLwYDVQQD
EyhiYjhlZTdkYzA4OTYxZTI4NjQxYjc2NmRlNzM3ZmE5NDE1MmZjYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRkwEh06Fh65cLoeR7s7WsDwsadE
d5mbsdZPvNSFn6Pt/32P0TajoZEIg5v48nLxJeFPsFkp+K2/SoHitKdTPyFuBivP
hyhAjD2OIjqY3qzQiD7HaApn5t/QRih+xQCD6TfUvCLZEtlmWHGOOHb/gpBPTRn6
4WTS8mgypLBy3Z1whlACn00pBRpwa45GmmIwQZ635vVGwD8JHuL9AsQtVhsWUoMM
nAv2mV0q97IrZSM7BjIkML5KGHRPkHcwEG22D56GcVskb5UoleANEb5rRWYpx53H
/mP6z8KoSjzMqcvZnaYBnh1UgFBVRJ0JSGcfKAGIKqV2pG19gbDICSMYTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuO59wIlh4oZBt2bec3+pQVL8ucMB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZWwjkoXH
/bz/UQQfYLotzRN7u+O194xAqiqmI00tXS0W0Uibbraz5Xlyr8bNIE6OTxBXr7GE
750dnDfq3zkaYKeJ1z8uwqXN+Z8EvvQRcv8SjCRi7bDQSifWit5GzL9pbGJyyNXz
u3cNFKm4rulNugGp35WbNZcIxZiuuip+tYNa7DbGJ7Gai0w71fmCF0MydD8wPhy0
2Iwjed3XP+WvTQEJprvN9tM0k6enO60m+U627+95JxNquOQBYoF8CrexCMNNvENn
8zjePf3ZBN12OfYREL7+JhTWnpmDipzNZffg1Z+MWNBqPKgiPAGbtEMnzMtwTKRx
EunJLHkxoid1tg==
-----END CERTIFICATE-----