Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
File:                     bn-6EaMdOqkN48e7i1bTzQbmvnU.mft (raw, json)
Hash identifier:          5UkQm513uPNpdE0NJ4qD0cI67KtkVyaINFpqDY6LpZs=
Subject key identifier:   66:43:D3:D3:FC:B1:0D:54:68:46:B8:90:AD:F7:7A:77:8B:27:0B:47
Authority key identifier: 6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75
Certificate issuer:       /CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
Certificate serial:       019A52D0EED2703F57D772966BE31A167644
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
Manifest number:          16F5
Signing time:             Wed 05 Nov 2025 07:00:15 +0000
Manifest this update:     Wed 05 Nov 2025 07:00:15 +0000
Manifest next update:     Thu 06 Nov 2025 07:00:15 +0000
Files and hashes:         1: bn-6EaMdOqkN48e7i1bTzQbmvnU.crl (hash: SGnJ826NYJeKgMGv1yv8sUE4ZHzGS4Zk1ntdQ197da0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d0:ee:d2:70:3f:57:d7:72:96:6b:e3:1a:16:76:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
        Validity
            Not Before: Nov  5 07:00:15 2025 GMT
            Not After : Nov  6 07:00:15 2025 GMT
        Subject: CN=6643d3d3fcb10d546846b890adf77a778b270b47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fc:00:d4:c5:c9:81:13:00:84:0f:75:9e:04:
                    b6:66:44:66:90:aa:08:14:98:42:30:ee:72:44:21:
                    4e:71:62:05:08:d5:09:30:3c:45:8e:d0:2d:09:4e:
                    af:5d:58:07:77:23:de:7d:77:bd:6f:9d:f1:bc:ad:
                    65:f1:08:87:d0:2f:58:7a:77:b7:80:69:33:74:20:
                    a4:7e:90:ed:db:a2:ea:25:60:e4:cd:15:4b:47:cc:
                    a6:f2:d6:ae:37:07:f9:37:9f:ac:b6:a2:29:e6:e2:
                    f2:bf:67:31:bc:98:b8:e5:b8:b2:27:88:6c:81:29:
                    f4:72:47:ae:4c:d8:39:54:d2:d8:ad:73:a6:33:d9:
                    7c:1b:a6:3b:2d:f4:c8:23:33:c9:92:c8:b6:a3:aa:
                    93:52:69:2d:56:0c:c9:34:12:a3:a2:fc:84:36:fc:
                    31:66:39:5b:0a:a2:f0:cb:9d:eb:81:c5:ec:d2:e9:
                    b4:a0:2c:7c:78:43:b4:32:8a:68:a8:60:9d:72:29:
                    1b:72:2c:dc:bd:a7:f9:99:15:23:1a:e4:7c:f1:f6:
                    cc:43:74:41:ac:0b:92:1d:3c:1d:f4:6c:51:ce:f1:
                    85:72:a6:ad:8d:18:d4:61:d4:74:7f:e5:a3:f0:27:
                    f3:d7:15:fe:6a:61:9d:86:8e:f5:12:01:62:16:bb:
                    35:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:43:D3:D3:FC:B1:0D:54:68:46:B8:90:AD:F7:7A:77:8B:27:0B:47
            X509v3 Authority Key Identifier:
                keyid:6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:90:8d:78:11:4b:9d:95:a3:a2:3e:4d:85:aa:11:cb:87:bb:
         3f:4e:d9:ac:a2:75:f8:11:70:f0:20:67:ff:11:6b:07:21:fd:
         20:1d:85:3c:d3:02:1b:1e:3b:cc:27:6d:3c:0e:51:d4:b9:94:
         8e:8e:c1:7c:e9:ce:7b:94:c7:24:b4:12:af:e2:50:ea:ee:4a:
         6b:35:3e:29:9f:37:53:a6:db:9a:1c:ae:ac:54:ce:8f:f9:91:
         8b:71:49:25:83:66:ef:0c:2b:40:1c:43:cd:a7:eb:ea:94:17:
         78:94:64:63:cf:b4:ef:28:fe:ad:fa:15:13:b5:1d:30:a8:56:
         b3:54:b6:f0:5e:d0:36:f4:a7:47:e2:23:1e:78:32:5c:ac:0a:
         79:19:7d:0d:f3:7e:57:23:1a:24:fa:6a:6e:66:8e:e1:5d:0c:
         bf:d3:cc:78:fe:8f:d9:43:f2:ea:15:96:bf:81:0a:66:4c:c4:
         96:ae:d0:fc:52:34:b9:c1:5f:d7:65:20:06:03:05:eb:11:8b:
         f0:03:8f:0b:a9:44:61:f5:b2:e1:20:9e:c7:c9:d9:03:69:d2:
         d3:c1:c6:b9:d8:fd:df:34:13:f2:07:76:06:96:7d:b5:d3:41:
         09:0e:42:e9:11:d5:a8:e6:a5:56:af:48:b1:ea:53:71:20:05:
         a6:3f:b3:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0O7ScD9X13KWa+MaFnZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlN2ZiYTExYTMxZDNhYTkwZGUzYzdiYjhiNTZkM2NkMDZl
NmJlNzUwHhcNMjUxMTA1MDcwMDE1WhcNMjUxMTA2MDcwMDE1WjAzMTEwLwYDVQQD
Eyg2NjQzZDNkM2ZjYjEwZDU0Njg0NmI4OTBhZGY3N2E3NzhiMjcwYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfwA1MXJgRMAhA91ngS2ZkRmkKoI
FJhCMO5yRCFOcWIFCNUJMDxFjtAtCU6vXVgHdyPefXe9b53xvK1l8QiH0C9Yene3
gGkzdCCkfpDt26LqJWDkzRVLR8ym8tauNwf5N5+stqIp5uLyv2cxvJi45biyJ4hs
gSn0ckeuTNg5VNLYrXOmM9l8G6Y7LfTIIzPJksi2o6qTUmktVgzJNBKjovyENvwx
ZjlbCqLwy53rgcXs0um0oCx8eEO0MopoqGCdcikbcizcvaf5mRUjGuR88fbMQ3RB
rAuSHTwd9GxRzvGFcqatjRjUYdR0f+Wj8Cfz1xX+amGdho71EgFiFrs14wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZD09P8sQ1UaEa4kK33eneLJwtHMB8GA1UdIwQY
MBaAFG5/uhGjHTqpDePHu4tW080G5r51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2Yt
NjM5NDIxNGExMjJjLzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2YtNjM5NDIxNGExMjJj
LzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAapCNeBFL
nZWjoj5NhaoRy4e7P07ZrKJ1+BFw8CBn/xFrByH9IB2FPNMCGx47zCdtPA5R1LmU
jo7BfOnOe5THJLQSr+JQ6u5KazU+KZ83U6bbmhyurFTOj/mRi3FJJYNm7wwrQBxD
zafr6pQXeJRkY8+07yj+rfoVE7UdMKhWs1S28F7QNvSnR+IjHngyXKwKeRl9DfN+
VyMaJPpqbmaO4V0Mv9PMeP6P2UPy6hWWv4EKZkzElq7Q/FI0ucFf12UgBgMF6xGL
8AOPC6lEYfWy4SCex8nZA2nS08HGudj93zQT8gd2BpZ9tdNBCQ5C6RHVqOalVq9I
sepTcSAFpj+zNg==
-----END CERTIFICATE-----