Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
File:                     bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json)
Hash identifier:          dRCC5cf+BbDcsFcaHmSs17c9rxwTXOqtrYrl9A7YUF8=
Subject key identifier:   29:41:40:3B:13:85:67:83:12:02:B1:60:BF:35:FC:A7:77:26:BD:B5
Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
Certificate issuer:       /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Certificate serial:       01976DAB6DF0A297B523A18B1E17C80C0E25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 09:00:40 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:40 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:40 +0000
Files and hashes:         1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: rzdToiEtLxG9oyFRA37cubkeyffNY+2ogtI6eVCOBu8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:6d:f0:a2:97:b5:23:a1:8b:1e:17:c8:0c:0e:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
        Validity
            Not Before: Jun 14 09:00:40 2025 GMT
            Not After : Jun 15 09:00:40 2025 GMT
        Subject: CN=2941403b138567831202b160bf35fca77726bdb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:e4:bb:9f:e7:62:44:5f:da:e5:6b:58:aa:6a:
                    6d:29:83:dc:52:e4:d6:28:1d:02:5e:d2:fc:d4:ef:
                    fe:db:e8:e4:78:fe:84:54:de:4f:7a:be:aa:54:13:
                    0b:f2:4c:1a:f8:b8:7f:e9:f6:d4:bf:e3:7b:93:13:
                    38:a5:85:35:34:f4:0f:4a:ba:79:07:c8:4d:a4:c7:
                    89:3e:76:9b:3d:99:83:d0:59:d5:55:97:c5:33:42:
                    0b:7a:11:0b:75:ba:ae:19:96:b1:be:da:5e:66:2b:
                    c1:8a:1a:fd:a6:08:c5:a5:49:96:e5:29:78:4d:73:
                    a2:df:0c:22:c4:91:59:92:92:34:d2:22:18:2c:90:
                    c7:95:53:9c:62:cc:94:a2:da:9a:d9:69:5c:22:34:
                    3c:19:ae:2b:f0:a9:7e:27:59:28:30:8a:f3:1b:2a:
                    a7:3c:39:db:6f:0a:48:8e:fc:da:cc:08:4a:15:dc:
                    6f:87:de:ac:fe:76:17:36:51:d3:3b:37:8f:d8:72:
                    59:56:87:5c:a2:dd:0a:6a:39:90:21:ad:0a:cf:34:
                    50:fa:86:59:7a:f2:63:e6:7d:49:77:fb:c0:3f:fb:
                    04:1d:e4:cb:80:9e:f7:f2:0f:63:72:09:94:fc:b3:
                    9b:99:6b:f7:95:43:45:14:d7:25:88:58:72:4d:bb:
                    3a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:41:40:3B:13:85:67:83:12:02:B1:60:BF:35:FC:A7:77:26:BD:B5
            X509v3 Authority Key Identifier:
                keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:cd:56:2e:48:74:7d:86:7f:b1:c9:55:fe:88:fe:3b:f8:49:
         ad:5a:df:a0:73:5f:02:b8:e9:2f:d9:8a:7a:71:8f:c8:74:c0:
         02:bf:6f:45:23:6d:ed:e5:e2:fd:2f:e4:df:68:a0:86:d1:69:
         4f:d8:91:77:c6:fa:7c:43:9a:8c:8e:93:03:b0:e4:e4:a8:23:
         a0:65:bb:cf:75:2e:eb:fe:2f:02:dd:2a:68:6d:12:02:fe:04:
         64:98:19:b1:fc:e8:0a:8d:02:1a:26:d6:68:d6:91:17:be:ca:
         95:2e:33:36:a1:08:b0:18:08:f0:aa:43:15:51:c8:9d:7b:4e:
         11:32:83:85:eb:47:44:7d:5d:02:cd:be:33:64:b3:e5:f8:b4:
         c6:93:64:dd:39:0a:6d:9b:6a:75:37:ce:50:68:74:df:3d:c5:
         a2:a6:f6:d1:24:b7:ea:23:92:9d:8b:d5:21:7c:85:c4:00:86:
         53:f1:8a:87:46:f5:9b:d1:c9:a8:3d:db:0a:07:3b:d0:d0:04:
         32:9d:54:56:e1:51:33:d9:25:f0:2b:4d:9f:d6:68:94:39:8d:
         ea:fd:09:49:fd:bd:a2:db:83:ca:29:80:1d:7f:79:c2:4e:72:
         f2:46:cc:77:b1:71:66:37:67:b8:68:d7:88:48:1a:bc:28:42:
         8f:e6:f4:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq23wope1I6GLHhfIDA4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1
MGU0YmQwHhcNMjUwNjE0MDkwMDQwWhcNMjUwNjE1MDkwMDQwWjAzMTEwLwYDVQQD
EygyOTQxNDAzYjEzODU2NzgzMTIwMmIxNjBiZjM1ZmNhNzc3MjZiZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+S7n+diRF/a5WtYqmptKYPcUuTW
KB0CXtL81O/+2+jkeP6EVN5Per6qVBML8kwa+Lh/6fbUv+N7kxM4pYU1NPQPSrp5
B8hNpMeJPnabPZmD0FnVVZfFM0ILehELdbquGZaxvtpeZivBihr9pgjFpUmW5Sl4
TXOi3wwixJFZkpI00iIYLJDHlVOcYsyUotqa2WlcIjQ8Ga4r8Kl+J1koMIrzGyqn
PDnbbwpIjvzazAhKFdxvh96s/nYXNlHTOzeP2HJZVodcot0KajmQIa0KzzRQ+oZZ
evJj5n1Jd/vAP/sEHeTLgJ738g9jcgmU/LObmWv3lUNFFNcliFhyTbs69wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClBQDsThWeDEgKxYL81/Kd3Jr21MB8GA1UdIwQY
MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct
YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4
LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARM1WLkh0
fYZ/sclV/oj+O/hJrVrfoHNfArjpL9mKenGPyHTAAr9vRSNt7eXi/S/k32ightFp
T9iRd8b6fEOajI6TA7Dk5KgjoGW7z3Uu6/4vAt0qaG0SAv4EZJgZsfzoCo0CGibW
aNaRF77KlS4zNqEIsBgI8KpDFVHInXtOETKDhetHRH1dAs2+M2Sz5fi0xpNk3TkK
bZtqdTfOUGh03z3Foqb20SS36iOSnYvVIXyFxACGU/GKh0b1m9HJqD3bCgc70NAE
Mp1UVuFRM9kl8CtNn9ZolDmN6v0JSf29otuDyimAHX95wk5y8kbMd7FxZjdnuGjX
iEgavChCj+b0Yg==
-----END CERTIFICATE-----