Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File:                     bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier:          koF4B5DKYaD4iOF0/vxJnrp0AIb9S7cjWW/dOhVD0lw=
Subject key identifier:   DB:E1:0D:07:F6:BC:35:AC:7A:CB:89:78:64:64:C4:09:69:A2:F6:F0
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer:       /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial:       019677FB4271603978EAE7F2887C76D9F420
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number:          0C9D
Signing time:             Sun 27 Apr 2025 16:01:17 +0000
Manifest this update:     Sun 27 Apr 2025 16:01:17 +0000
Manifest next update:     Mon 28 Apr 2025 16:01:17 +0000
Files and hashes:         1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: NXcC7/rbGAN3t+XhSvvEOmNXON6NOzlQee9xajM6xuk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fb:42:71:60:39:78:ea:e7:f2:88:7c:76:d9:f4:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
        Validity
            Not Before: Apr 27 16:01:17 2025 GMT
            Not After : Apr 28 16:01:17 2025 GMT
        Subject: CN=dbe10d07f6bc35ac7acb89786464c40969a2f6f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:95:01:6d:bf:3a:84:f5:cf:43:18:78:71:60:
                    07:a6:59:52:cf:db:98:7e:33:58:f0:b2:62:1f:e3:
                    be:b2:15:95:da:47:b7:d9:b4:e0:b8:b3:7c:04:a7:
                    46:4e:98:28:3b:83:c9:66:14:f5:a0:48:62:07:f5:
                    5c:47:b3:b7:60:b0:7a:75:bc:43:ff:95:51:11:8b:
                    9e:5f:11:7e:47:69:e3:af:35:66:db:ec:bc:c2:74:
                    4c:63:26:c6:42:a4:cb:d8:5f:3c:a0:e3:4e:90:af:
                    0b:b8:79:bd:07:c5:d6:01:95:2c:31:cf:25:20:82:
                    1b:a5:7f:10:c1:66:29:9b:05:c7:d1:88:4e:94:f1:
                    e8:3d:8d:ab:7f:96:08:02:e0:cc:e6:49:a1:0f:22:
                    d8:ff:3d:74:1e:fb:f3:16:c8:bf:26:09:f7:6f:c3:
                    48:45:63:08:8a:79:cb:fc:56:57:b7:f9:77:3d:80:
                    62:92:66:31:a2:d8:4b:a4:c1:32:6f:9c:83:2f:06:
                    8f:39:45:43:3a:d3:be:fe:91:1a:33:07:27:1e:73:
                    83:f8:58:d6:77:47:03:3e:95:7b:5c:53:27:c7:d3:
                    d6:e4:15:31:ba:0a:20:f9:f1:70:63:93:80:d9:ce:
                    d4:f0:50:c9:e5:ec:fd:b7:99:ef:6f:22:0e:d2:09:
                    49:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:E1:0D:07:F6:BC:35:AC:7A:CB:89:78:64:64:C4:09:69:A2:F6:F0
            X509v3 Authority Key Identifier:
                keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:92:ff:30:d2:05:3c:96:74:be:a5:7f:cc:da:0b:96:3d:bd:
         e2:8c:3a:f4:6a:f7:b5:5b:1c:3f:0e:b0:a5:56:9b:59:10:ff:
         08:ff:4b:fc:30:68:13:10:a2:8a:28:54:12:27:e4:db:ed:e6:
         72:54:e5:67:b9:81:fa:74:25:05:46:83:b9:fb:35:dc:1c:d9:
         df:77:67:18:18:be:d9:a1:9d:a6:8c:4c:bf:b6:45:97:87:c8:
         cb:88:f5:b7:d9:59:fd:4e:c6:4c:8d:62:ed:95:3d:d1:9e:fe:
         bb:76:3e:45:6a:2b:cc:46:cd:ca:e9:9b:2f:c9:ea:4e:5f:97:
         76:ea:a4:b4:70:53:4e:80:4e:b8:33:b3:2c:d0:a5:84:43:2d:
         61:28:21:84:a0:a5:33:6f:d3:55:b1:d6:cb:73:c6:c3:04:af:
         3b:9a:14:82:5c:49:be:4f:82:aa:3e:6e:ec:3d:b9:61:02:9c:
         56:27:88:da:a6:59:b5:c8:bc:65:d4:e1:fa:86:fa:e1:00:af:
         2c:e8:cd:b1:ff:7b:ea:41:a0:9b:73:80:1d:e1:19:65:e7:d8:
         1a:aa:8b:de:54:0e:a6:77:17:ea:05:95:05:e3:cf:36:31:e6:
         88:e0:4b:2b:5c:be:8c:db:c5:56:28:cc:ff:ae:10:c5:a0:c6:
         f3:f5:ac:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+0JxYDl46ufyiHx22fQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjUwNDI3MTYwMTE3WhcNMjUwNDI4MTYwMTE3WjAzMTEwLwYDVQQD
EyhkYmUxMGQwN2Y2YmMzNWFjN2FjYjg5Nzg2NDY0YzQwOTY5YTJmNmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5UBbb86hPXPQxh4cWAHpllSz9uY
fjNY8LJiH+O+shWV2ke32bTguLN8BKdGTpgoO4PJZhT1oEhiB/VcR7O3YLB6dbxD
/5VREYueXxF+R2njrzVm2+y8wnRMYybGQqTL2F88oONOkK8LuHm9B8XWAZUsMc8l
IIIbpX8QwWYpmwXH0YhOlPHoPY2rf5YIAuDM5kmhDyLY/z10HvvzFsi/Jgn3b8NI
RWMIinnL/FZXt/l3PYBikmYxothLpMEyb5yDLwaPOUVDOtO+/pEaMwcnHnOD+FjW
d0cDPpV7XFMnx9PW5BUxugog+fFwY5OA2c7U8FDJ5ez9t5nvbyIO0glJFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvhDQf2vDWsesuJeGRkxAlpovbwMB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFZL/MNIF
PJZ0vqV/zNoLlj294ow69Gr3tVscPw6wpVabWRD/CP9L/DBoExCiiihUEifk2+3m
clTlZ7mB+nQlBUaDufs13BzZ33dnGBi+2aGdpoxMv7ZFl4fIy4j1t9lZ/U7GTI1i
7ZU90Z7+u3Y+RWorzEbNyumbL8nqTl+XduqktHBTToBOuDOzLNClhEMtYSghhKCl
M2/TVbHWy3PGwwSvO5oUglxJvk+Cqj5u7D25YQKcVieI2qZZtci8ZdTh+ob64QCv
LOjNsf976kGgm3OAHeEZZefYGqqL3lQOpncX6gWVBePPNjHmiOBLK1y+jNvFVijM
/64QxaDG8/Wsuw==
-----END CERTIFICATE-----