Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File:                     bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier:          PQt5KwMukXdJL8AUT1/C+plb5xkQVgelo1+RzgBu5rQ=
Subject key identifier:   DC:D3:68:5D:C1:CA:F4:65:C6:ED:00:A4:3D:A9:F0:10:46:A0:68:0C
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer:       /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial:       01988DD8B05AC682A4ADBE4A6540AE77C77A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number:          0664
Signing time:             Sat 09 Aug 2025 08:00:44 +0000
Manifest this update:     Sat 09 Aug 2025 08:00:44 +0000
Manifest next update:     Sun 10 Aug 2025 08:00:44 +0000
Files and hashes:         1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: janw28SW7oH4ea2fVcanJo6Vt3IZKaRwE6Fh44gpXpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 05:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8d:d8:b0:5a:c6:82:a4:ad:be:4a:65:40:ae:77:c7:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
        Validity
            Not Before: Aug  9 08:00:44 2025 GMT
            Not After : Aug 10 08:00:44 2025 GMT
        Subject: CN=dcd3685dc1caf465c6ed00a43da9f01046a0680c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c2:7a:9a:c0:97:da:f4:57:a5:30:b1:ba:06:
                    34:8e:75:6e:32:17:d7:23:0a:06:22:cd:a0:c8:30:
                    b9:26:87:75:42:53:e6:a5:db:1a:68:da:99:82:9d:
                    02:9c:ef:40:ce:f9:e4:bd:3a:83:72:9c:f9:c6:a0:
                    0c:22:fb:76:ca:7f:50:1c:fb:61:73:eb:b3:5f:46:
                    41:a8:3d:f9:cf:d0:ee:33:4f:2b:62:71:bc:bd:6f:
                    14:e1:91:a0:c9:63:01:04:29:89:16:88:ce:bd:e4:
                    42:73:d7:77:2b:77:e2:ec:ff:a3:ed:11:16:17:a9:
                    01:7a:7d:4b:89:0b:9f:d6:df:26:e2:98:94:b0:f5:
                    e1:09:3e:ee:b8:6f:6d:b6:5e:99:fa:f4:76:39:1f:
                    9c:be:0c:e4:e9:38:06:c0:40:47:1c:b0:9e:fe:62:
                    20:6b:b3:9a:6b:e2:41:4f:63:63:2a:d3:1f:60:72:
                    9a:d4:49:9d:61:73:0c:e3:66:f1:69:0b:b4:ea:42:
                    34:93:f5:51:47:2b:bb:bf:53:d8:85:3e:ef:4c:ce:
                    50:66:7b:0d:83:74:04:50:8c:56:12:55:04:f5:83:
                    e4:c9:54:8f:68:66:79:a5:9b:2c:cd:de:8a:17:84:
                    a0:fc:b5:1a:d3:a3:2f:9f:be:96:76:3c:c0:6d:ba:
                    c6:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:D3:68:5D:C1:CA:F4:65:C6:ED:00:A4:3D:A9:F0:10:46:A0:68:0C
            X509v3 Authority Key Identifier:
                keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:b2:98:61:d7:a4:50:db:82:06:07:73:46:52:18:0a:e4:a6:
         e9:12:4c:60:d2:0a:03:21:64:f1:dd:00:57:7c:a0:5f:bb:07:
         1f:23:d5:77:97:95:bf:4b:15:4a:f7:d1:1f:51:ef:74:1e:1f:
         1a:44:aa:9a:5b:7c:5a:f5:d3:67:b3:b5:42:55:27:39:1d:e5:
         cb:28:44:91:1a:a6:76:40:fb:b1:67:64:83:ed:76:01:64:67:
         90:08:07:f2:ee:96:ad:61:31:05:b4:e5:f0:ed:5b:87:f2:db:
         b9:db:60:8e:97:db:fd:0a:b0:1b:8a:79:06:6e:ba:f2:15:85:
         24:db:50:2c:46:d0:1c:5b:b2:42:8a:17:c5:4f:d8:28:66:9e:
         e8:1f:55:10:50:41:95:80:b3:2c:22:18:40:71:89:25:24:4e:
         51:d1:08:e3:62:5c:aa:53:ea:fd:a8:cb:bb:be:3b:ca:de:fd:
         95:f9:b9:9c:8c:f2:17:a3:a3:bc:b4:8d:ec:41:07:8f:8d:3d:
         0d:f7:d3:c4:ba:c7:11:49:86:89:ed:94:68:ac:8d:0e:e3:a1:
         5b:22:92:a9:c3:1e:27:92:2d:22:ce:7c:12:9b:a8:de:6b:b6:
         7c:33:6b:19:d8:bc:2a:79:78:0c:65:ce:f5:e2:c6:5f:97:7b:
         6f:44:01:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiN2LBaxoKkrb5KZUCud8d6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjUwODA5MDgwMDQ0WhcNMjUwODEwMDgwMDQ0WjAzMTEwLwYDVQQD
EyhkY2QzNjg1ZGMxY2FmNDY1YzZlZDAwYTQzZGE5ZjAxMDQ2YTA2ODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8J6msCX2vRXpTCxugY0jnVuMhfX
IwoGIs2gyDC5Jod1QlPmpdsaaNqZgp0CnO9AzvnkvTqDcpz5xqAMIvt2yn9QHPth
c+uzX0ZBqD35z9DuM08rYnG8vW8U4ZGgyWMBBCmJFojOveRCc9d3K3fi7P+j7REW
F6kBen1LiQuf1t8m4piUsPXhCT7uuG9ttl6Z+vR2OR+cvgzk6TgGwEBHHLCe/mIg
a7Oaa+JBT2NjKtMfYHKa1EmdYXMM42bxaQu06kI0k/VRRyu7v1PYhT7vTM5QZnsN
g3QEUIxWElUE9YPkyVSPaGZ5pZsszd6KF4Sg/LUa06Mvn76WdjzAbbrGOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzTaF3ByvRlxu0ApD2p8BBGoGgMMB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnrKYYdek
UNuCBgdzRlIYCuSm6RJMYNIKAyFk8d0AV3ygX7sHHyPVd5eVv0sVSvfRH1HvdB4f
GkSqmlt8WvXTZ7O1QlUnOR3lyyhEkRqmdkD7sWdkg+12AWRnkAgH8u6WrWExBbTl
8O1bh/Lbudtgjpfb/QqwG4p5Bm668hWFJNtQLEbQHFuyQooXxU/YKGae6B9VEFBB
lYCzLCIYQHGJJSROUdEI42JcqlPq/ajLu747yt79lfm5nIzyF6OjvLSN7EEHj409
DffTxLrHEUmGie2UaKyNDuOhWyKSqcMeJ5ItIs58Epuo3mu2fDNrGdi8Knl4DGXO
9eLGX5d7b0QB+Q==
-----END CERTIFICATE-----