Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft
File:                     bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft (raw, json)
Hash identifier:          pKa8EqTwSzTa0VfyvJtfDbTbCb/shPS7M3eQHKwGTnM=
Subject key identifier:   3A:CE:12:C4:12:ED:D3:B0:F4:DC:E8:EA:5A:01:C6:96:5C:24:02:DE
Authority key identifier: 6E:68:C1:B9:0E:45:F9:1B:AB:8D:60:78:8E:ED:25:CB:4A:01:0F:E8
Certificate issuer:       /CN=6e68c1b90e45f91bab8d60788eed25cb4a010fe8
Certificate serial:       019A4D3D4AD7B3E484FAE9BDEC5729E5476B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bmjBuQ5F-RurjWB4ju0ly0oBD-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft
Manifest number:          0658
Signing time:             Tue 04 Nov 2025 05:00:53 +0000
Manifest this update:     Tue 04 Nov 2025 05:00:53 +0000
Manifest next update:     Wed 05 Nov 2025 05:00:53 +0000
Files and hashes:         1: bmjBuQ5F-RurjWB4ju0ly0oBD-g.crl (hash: bXl+7BvhqR135PvGErRmjcqd2WK6JJWwZJabfdmR2oA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bmjBuQ5F-RurjWB4ju0ly0oBD-g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 05:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:3d:4a:d7:b3:e4:84:fa:e9:bd:ec:57:29:e5:47:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e68c1b90e45f91bab8d60788eed25cb4a010fe8
        Validity
            Not Before: Nov  4 05:00:53 2025 GMT
            Not After : Nov  5 05:00:53 2025 GMT
        Subject: CN=3ace12c412edd3b0f4dce8ea5a01c6965c2402de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:2d:7e:97:c7:4f:41:6a:a2:ce:02:5f:02:9a:
                    86:72:a9:c7:3d:4c:f6:85:f4:02:48:b2:37:5b:60:
                    6f:c4:6e:9c:ce:91:e3:e8:45:d6:c0:a8:56:12:60:
                    bc:7b:f2:dd:9f:76:33:dc:99:6c:02:81:5b:eb:ab:
                    42:04:f5:e2:6a:76:dd:64:d5:c7:55:74:c4:b7:ef:
                    b8:07:59:8e:3f:37:06:ec:4c:da:6d:e4:46:e0:cd:
                    9d:59:c7:cf:9e:04:19:4f:d8:96:8f:76:6e:f8:4b:
                    21:85:51:16:8c:d1:c1:61:84:d3:6d:c8:99:23:21:
                    33:15:36:8d:0d:94:7d:b9:80:ee:7d:eb:fd:b5:ee:
                    0e:af:60:da:c5:75:70:08:81:3e:9a:a1:65:84:64:
                    75:2e:4f:91:e2:c3:8d:7f:2b:2f:e1:fc:c4:5e:2c:
                    b4:b3:e9:45:fd:bd:a0:73:f7:97:db:c2:d9:81:0e:
                    cd:e7:ae:a1:c4:62:45:8f:f4:e9:c5:ce:eb:8b:41:
                    3c:66:c5:fa:28:75:2c:06:3c:29:1d:44:57:6f:0e:
                    23:85:c7:3a:1c:51:04:88:1e:dd:0f:d2:8a:1d:7b:
                    9b:4a:2d:25:df:51:8f:21:a7:94:83:b2:d4:6d:a0:
                    19:0e:8f:0d:17:ff:9e:10:e3:f6:2f:27:c8:38:e1:
                    83:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:CE:12:C4:12:ED:D3:B0:F4:DC:E8:EA:5A:01:C6:96:5C:24:02:DE
            X509v3 Authority Key Identifier:
                keyid:6E:68:C1:B9:0E:45:F9:1B:AB:8D:60:78:8E:ED:25:CB:4A:01:0F:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmjBuQ5F-RurjWB4ju0ly0oBD-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:e5:a0:e8:c7:41:90:29:76:5d:8c:fb:72:92:0d:2a:c9:5c:
         2b:4b:1f:9d:12:fb:b6:46:49:f4:8b:14:12:4d:03:bf:e7:6d:
         ab:ce:38:2f:a8:2e:1d:aa:59:3b:fa:d2:2f:c6:0e:bf:af:05:
         6c:8d:70:6a:04:54:7f:7a:24:5d:7b:db:32:03:49:54:fe:9b:
         73:70:9e:be:25:c1:bb:0e:84:d1:00:cf:c9:a5:d7:65:fe:1d:
         59:31:1e:65:be:17:26:41:a8:c1:2d:bf:45:2e:10:6e:4b:6c:
         f4:e7:91:b1:f2:27:dd:2a:81:83:dc:7f:98:48:21:48:10:7d:
         e2:4a:ad:79:93:62:f7:8c:e3:21:19:2a:ae:a4:83:0c:04:78:
         4b:78:67:db:fc:a7:58:cf:2f:ef:c9:e9:df:fe:d0:d6:96:0c:
         df:09:51:63:30:fc:df:8e:b7:06:ae:ab:6f:60:77:f8:5d:f5:
         90:8a:bb:59:6b:cf:5d:3f:d5:38:fb:71:64:3c:bd:cf:fc:24:
         0e:46:16:28:20:d8:13:1f:b1:e5:c1:15:78:2f:8d:58:01:6a:
         2b:df:3f:b2:35:e9:64:e4:9d:48:a9:2f:64:9d:0c:26:5e:8b:
         8f:fe:4f:32:fb:e9:3b:52:99:d4:53:6f:ac:4e:75:6d:02:11:
         da:47:94:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPUrXs+SE+um97Fcp5UdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNjhjMWI5MGU0NWY5MWJhYjhkNjA3ODhlZWQyNWNiNGEw
MTBmZTgwHhcNMjUxMTA0MDUwMDUzWhcNMjUxMTA1MDUwMDUzWjAzMTEwLwYDVQQD
EygzYWNlMTJjNDEyZWRkM2IwZjRkY2U4ZWE1YTAxYzY5NjVjMjQwMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS1+l8dPQWqizgJfApqGcqnHPUz2
hfQCSLI3W2BvxG6czpHj6EXWwKhWEmC8e/Ldn3Yz3JlsAoFb66tCBPXianbdZNXH
VXTEt++4B1mOPzcG7EzabeRG4M2dWcfPngQZT9iWj3Zu+EshhVEWjNHBYYTTbciZ
IyEzFTaNDZR9uYDufev9te4Or2DaxXVwCIE+mqFlhGR1Lk+R4sONfysv4fzEXiy0
s+lF/b2gc/eX28LZgQ7N566hxGJFj/Tpxc7ri0E8ZsX6KHUsBjwpHURXbw4jhcc6
HFEEiB7dD9KKHXubSi0l31GPIaeUg7LUbaAZDo8NF/+eEOP2LyfIOOGDIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrOEsQS7dOw9Nzo6loBxpZcJALeMB8GA1UdIwQY
MBaAFG5owbkORfkbq41geI7tJctKAQ/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm1qQnVRNUYtUnVyaldCNGp1MGx5MG9CRC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmFjYTEtZjU1Ny00MTA0LWI1ZmEt
MTc0MDYzMGZjYzQ1LzEvYm1qQnVRNUYtUnVyaldCNGp1MGx5MG9CRC1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmFjYTEtZjU1Ny00MTA0LWI1ZmEtMTc0MDYzMGZjYzQ1
LzEvYm1qQnVRNUYtUnVyaldCNGp1MGx5MG9CRC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr+Wg6MdB
kCl2XYz7cpINKslcK0sfnRL7tkZJ9IsUEk0Dv+dtq844L6guHapZO/rSL8YOv68F
bI1wagRUf3okXXvbMgNJVP6bc3CeviXBuw6E0QDPyaXXZf4dWTEeZb4XJkGowS2/
RS4Qbkts9OeRsfIn3SqBg9x/mEghSBB94kqteZNi94zjIRkqrqSDDAR4S3hn2/yn
WM8v78np3/7Q1pYM3wlRYzD83463Bq6rb2B3+F31kIq7WWvPXT/VOPtxZDy9z/wk
DkYWKCDYEx+x5cEVeC+NWAFqK98/sjXpZOSdSKkvZJ0MJl6Lj/5PMvvpO1KZ1FNv
rE51bQIR2keUmQ==
-----END CERTIFICATE-----