Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File:                     bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier:          FhaxBPjv+GYEQw2wKuPFjs2YPd6Y/s2tcElJ3Cw5X0g=
Subject key identifier:   A2:D3:04:55:65:BA:0B:2E:58:4A:CE:12:38:ED:85:83:CB:0A:F2:E4
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer:       /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial:       019A4DE1F6262563699EA609A42D7D39F23F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number:          074C
Signing time:             Tue 04 Nov 2025 08:00:45 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:45 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:45 +0000
Files and hashes:         1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: mCxK/wNeVKL3A9DZqk6CuMaeCj3sfsGB8olnT0OI1mk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:f6:26:25:63:69:9e:a6:09:a4:2d:7d:39:f2:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
        Validity
            Not Before: Nov  4 08:00:45 2025 GMT
            Not After : Nov  5 08:00:45 2025 GMT
        Subject: CN=a2d3045565ba0b2e584ace1238ed8583cb0af2e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:37:04:78:1d:82:9e:84:0e:f7:85:33:4f:62:
                    11:6b:40:1c:24:9d:eb:b0:aa:ed:0f:25:f9:32:d5:
                    3d:c0:22:ae:ed:a5:ef:50:12:1a:b3:46:cd:e0:e2:
                    60:7a:0a:19:80:eb:38:4b:cf:be:74:c3:21:de:8f:
                    2a:96:d8:a5:30:a6:f6:a0:3f:c1:ed:78:e8:9f:1d:
                    3c:13:6c:80:d2:fd:c8:cc:81:25:2d:cb:44:ec:0e:
                    88:cc:e2:90:34:00:11:d2:76:57:18:84:17:5b:df:
                    e2:9d:40:2f:2d:b7:a0:15:51:a0:2c:bd:5d:e8:03:
                    67:51:6d:d2:b0:03:75:cd:7b:a6:78:95:4f:74:d1:
                    35:da:00:ed:27:62:0e:e1:cf:c8:6b:1a:38:ab:b3:
                    7c:ee:ea:58:e2:a7:2c:f4:3e:c1:6c:d6:27:28:13:
                    04:71:cc:27:ca:80:76:1b:21:28:40:b8:f6:ec:4c:
                    21:86:82:f2:cf:de:8f:f8:69:44:53:13:89:3d:0d:
                    0b:6a:80:93:3b:20:d2:79:ae:0e:c5:27:df:73:df:
                    19:dc:ba:b8:2f:46:ec:0f:21:7f:b9:90:09:9e:8c:
                    e1:1c:b8:60:7e:3c:68:14:5f:6f:4f:40:80:d1:b0:
                    81:fb:7d:b0:30:b8:71:93:5e:f9:b1:2a:56:85:74:
                    40:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:D3:04:55:65:BA:0B:2E:58:4A:CE:12:38:ED:85:83:CB:0A:F2:E4
            X509v3 Authority Key Identifier:
                keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:2b:68:7e:65:06:47:92:d6:4c:f3:84:03:06:3e:c4:f8:bf:
         d8:e7:17:4c:8f:22:1a:57:f7:ca:75:0b:44:76:e1:58:ba:35:
         bc:1f:c4:89:e4:5a:f3:6b:72:99:9b:b9:16:f7:7c:c9:bf:c4:
         d5:b3:1b:fc:40:f6:c8:32:c5:e6:48:7d:76:37:9c:62:18:a0:
         4b:99:47:ed:61:57:09:b0:60:37:b4:a0:ec:14:ec:58:b1:04:
         5d:4c:61:76:a1:75:0a:72:92:c8:ac:4c:ce:87:bb:bb:26:58:
         6b:1a:8c:eb:14:e7:5b:67:3e:ce:d2:bc:df:0b:54:07:ff:8d:
         2a:09:9a:5b:9a:ad:9a:42:0b:91:1c:77:de:be:06:01:04:2c:
         49:be:ff:d1:2a:30:ae:57:5c:a3:5e:f9:35:85:c2:c7:e8:8d:
         2e:01:4b:0e:0c:0b:67:b0:e2:30:40:16:2b:2e:89:ca:98:83:
         c1:b4:86:e6:bf:60:56:ca:fa:f3:0a:b6:8c:77:55:a5:5d:4b:
         7c:f9:9b:24:b2:a0:53:56:94:8e:90:39:10:02:74:c3:7f:cf:
         8f:9c:60:b0:00:a1:b7:98:6f:1e:f4:78:fd:0c:b4:89:4a:49:
         bd:e3:09:ad:80:48:a2:e9:83:74:6c:da:af:83:ed:e5:9e:1e:
         c8:69:90:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4fYmJWNpnqYJpC19OfI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjUxMTA0MDgwMDQ1WhcNMjUxMTA1MDgwMDQ1WjAzMTEwLwYDVQQD
EyhhMmQzMDQ1NTY1YmEwYjJlNTg0YWNlMTIzOGVkODU4M2NiMGFmMmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DcEeB2CnoQO94UzT2IRa0AcJJ3r
sKrtDyX5MtU9wCKu7aXvUBIas0bN4OJgegoZgOs4S8++dMMh3o8qltilMKb2oD/B
7Xjonx08E2yA0v3IzIElLctE7A6IzOKQNAAR0nZXGIQXW9/inUAvLbegFVGgLL1d
6ANnUW3SsAN1zXumeJVPdNE12gDtJ2IO4c/Iaxo4q7N87upY4qcs9D7BbNYnKBME
ccwnyoB2GyEoQLj27EwhhoLyz96P+GlEUxOJPQ0LaoCTOyDSea4OxSffc98Z3Lq4
L0bsDyF/uZAJnozhHLhgfjxoFF9vT0CA0bCB+32wMLhxk175sSpWhXRAxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLTBFVlugsuWErOEjjthYPLCvLkMB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHCtofmUG
R5LWTPOEAwY+xPi/2OcXTI8iGlf3ynULRHbhWLo1vB/EieRa82tymZu5Fvd8yb/E
1bMb/ED2yDLF5kh9djecYhigS5lH7WFXCbBgN7Sg7BTsWLEEXUxhdqF1CnKSyKxM
zoe7uyZYaxqM6xTnW2c+ztK83wtUB/+NKgmaW5qtmkILkRx33r4GAQQsSb7/0Sow
rldco175NYXCx+iNLgFLDgwLZ7DiMEAWKy6JypiDwbSG5r9gVsr68wq2jHdVpV1L
fPmbJLKgU1aUjpA5EAJ0w3/Pj5xgsACht5hvHvR4/Qy0iUpJveMJrYBIoumDdGza
r4Pt5Z4eyGmQ+Q==
-----END CERTIFICATE-----