Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
File:                     bQmekI59iHniTR7eCdgSz0at4sw.mft (raw, json)
Hash identifier:          3wakXgMGinotC5C3lTpmrJf0mD0QIHy1b7xbu1VthnI=
Subject key identifier:   EB:55:07:CD:AF:2E:05:A4:1C:96:8A:2C:0A:0F:04:DE:90:9F:2A:6F
Authority key identifier: 6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC
Certificate issuer:       /CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
Certificate serial:       0198971350E5350262334AB1E685DE5964F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
Manifest number:          0525
Signing time:             Mon 11 Aug 2025 03:01:22 +0000
Manifest this update:     Mon 11 Aug 2025 03:01:22 +0000
Manifest next update:     Tue 12 Aug 2025 03:01:22 +0000
Files and hashes:         1: bQmekI59iHniTR7eCdgSz0at4sw.crl (hash: lBDsd/yt4kNP+YdiQQR0EN8GI1V3KDJorBK6W06RmfM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:13:50:e5:35:02:62:33:4a:b1:e6:85:de:59:64:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
        Validity
            Not Before: Aug 11 03:01:22 2025 GMT
            Not After : Aug 12 03:01:22 2025 GMT
        Subject: CN=eb5507cdaf2e05a41c968a2c0a0f04de909f2a6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:4f:26:9a:3d:b2:f3:24:3d:65:92:23:fa:2b:
                    56:1b:02:ce:14:a9:c3:df:8a:e4:35:4c:59:80:3a:
                    13:2c:55:a9:c3:84:bc:ba:8b:41:cb:76:43:0d:cf:
                    25:b5:8b:ef:b7:78:85:61:8e:1a:f9:49:f7:d1:e3:
                    90:f1:bb:db:b7:b4:21:b5:78:7b:0f:76:6c:d6:3f:
                    72:57:a7:43:ad:75:60:d2:56:c3:e0:3a:39:3f:d5:
                    d7:c4:aa:1e:5c:6e:34:f1:73:22:bd:28:c3:e8:c8:
                    14:4e:99:cc:31:91:cd:49:b7:e7:d8:f2:13:61:36:
                    eb:62:aa:e2:2f:98:e7:f9:d7:5e:b8:4d:6b:20:25:
                    c1:25:bb:de:0e:ac:d9:2f:0d:bf:e3:43:6b:e7:14:
                    3e:53:fd:af:6b:ba:b4:72:02:84:5a:af:0d:64:85:
                    14:45:d5:02:c1:35:ae:50:e7:3f:e3:db:4b:2e:53:
                    f6:a1:a3:9a:17:d2:b0:4f:de:70:8e:c5:d5:a8:53:
                    bd:06:60:6e:75:5e:97:aa:41:2e:a5:30:b2:56:44:
                    09:b5:93:43:ec:10:45:a3:c7:be:a2:ad:90:e3:ce:
                    be:ab:f8:64:44:c4:fc:09:31:36:f9:d6:85:18:57:
                    cc:ec:11:df:0c:cc:fc:64:d7:cd:32:6a:43:de:ac:
                    32:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:55:07:CD:AF:2E:05:A4:1C:96:8A:2C:0A:0F:04:DE:90:9F:2A:6F
            X509v3 Authority Key Identifier:
                keyid:6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:04:b7:27:f1:54:03:10:a2:2e:fb:49:1e:24:30:80:3d:eb:
         b1:c3:19:4e:52:96:eb:9e:d2:d7:f2:c1:58:86:c3:c8:d3:4e:
         94:b8:30:c4:b1:21:23:80:6b:7b:0c:0c:57:f4:59:23:6b:55:
         4f:82:1e:34:cc:04:0a:69:82:00:9a:11:6e:77:9a:45:5b:f9:
         29:66:bc:c4:cc:5d:22:9b:37:e3:2b:4e:4d:f1:c7:e6:dd:b0:
         2c:52:5f:f4:b2:8d:ed:d9:10:7b:6a:ef:60:c6:62:c5:53:9f:
         d4:b4:a9:55:b9:ba:8d:de:23:e0:97:8e:4a:48:3a:74:f5:21:
         56:8f:4e:5a:0f:c8:29:38:72:21:14:dc:26:82:a4:27:5e:14:
         80:e3:10:d2:97:79:e6:ac:e2:f5:b1:30:ec:8b:dd:d8:c8:11:
         8f:54:d0:09:7a:35:8b:e8:b0:08:d8:ae:06:8b:3b:fb:f2:8a:
         8a:fc:1b:15:3d:d6:6b:ef:04:5a:99:55:4f:87:1d:6e:7d:42:
         7c:54:87:bf:6d:69:ce:7b:de:20:88:77:47:5b:ae:89:22:e9:
         a6:30:cf:05:b9:72:6c:10:f9:e4:b6:65:ee:fe:43:19:59:6a:
         10:9c:37:be:11:18:46:64:43:10:84:1f:5b:9c:c4:b4:93:65:
         d0:3b:22:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXE1DlNQJiM0qx5oXeWWTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDk5ZTkwOGU3ZDg4NzllMjRkMWVkZTA5ZDgxMmNmNDZh
ZGUyY2MwHhcNMjUwODExMDMwMTIyWhcNMjUwODEyMDMwMTIyWjAzMTEwLwYDVQQD
EyhlYjU1MDdjZGFmMmUwNWE0MWM5NjhhMmMwYTBmMDRkZTkwOWYyYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk8mmj2y8yQ9ZZIj+itWGwLOFKnD
34rkNUxZgDoTLFWpw4S8uotBy3ZDDc8ltYvvt3iFYY4a+Un30eOQ8bvbt7QhtXh7
D3Zs1j9yV6dDrXVg0lbD4Do5P9XXxKoeXG408XMivSjD6MgUTpnMMZHNSbfn2PIT
YTbrYqriL5jn+ddeuE1rICXBJbveDqzZLw2/40Nr5xQ+U/2va7q0cgKEWq8NZIUU
RdUCwTWuUOc/49tLLlP2oaOaF9KwT95wjsXVqFO9BmBudV6XqkEupTCyVkQJtZND
7BBFo8e+oq2Q486+q/hkRMT8CTE2+daFGFfM7BHfDMz8ZNfNMmpD3qwySQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtVB82vLgWkHJaKLAoPBN6QnypvMB8GA1UdIwQY
MBaAFG0JnpCOfYh54k0e3gnYEs9GreLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYt
N2NjZTM0ZmU2YjVkLzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYtN2NjZTM0ZmU2YjVk
LzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEQS3J/FU
AxCiLvtJHiQwgD3rscMZTlKW657S1/LBWIbDyNNOlLgwxLEhI4BrewwMV/RZI2tV
T4IeNMwECmmCAJoRbneaRVv5KWa8xMxdIps34ytOTfHH5t2wLFJf9LKN7dkQe2rv
YMZixVOf1LSpVbm6jd4j4JeOSkg6dPUhVo9OWg/IKThyIRTcJoKkJ14UgOMQ0pd5
5qzi9bEw7Ivd2MgRj1TQCXo1i+iwCNiuBos7+/KKivwbFT3Wa+8EWplVT4cdbn1C
fFSHv21pznveIIh3R1uuiSLppjDPBblybBD55LZl7v5DGVlqEJw3vhEYRmRDEIQf
W5zEtJNl0DsidQ==
-----END CERTIFICATE-----