Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
File:                     bQmekI59iHniTR7eCdgSz0at4sw.mft (raw, json)
Hash identifier:          wIeJ9THstW1lCwajgssyzlqu0kjZIGvCbDfx1xgSyOI=
Subject key identifier:   D8:CE:3C:9B:79:F8:A2:46:9B:DE:3A:6E:12:05:23:2A:4D:2B:BD:A7
Authority key identifier: 6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC
Certificate issuer:       /CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
Certificate serial:       019A4D73DA211B4BE9F2B7CEED5DE4957354
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
Manifest number:          0608
Signing time:             Tue 04 Nov 2025 06:00:29 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:29 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:29 +0000
Files and hashes:         1: bQmekI59iHniTR7eCdgSz0at4sw.crl (hash: mERBr9+kmOgQErhPQL+GrB3XtMoJxO37LNipvJ+o0Q0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:da:21:1b:4b:e9:f2:b7:ce:ed:5d:e4:95:73:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
        Validity
            Not Before: Nov  4 06:00:29 2025 GMT
            Not After : Nov  5 06:00:29 2025 GMT
        Subject: CN=d8ce3c9b79f8a2469bde3a6e1205232a4d2bbda7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0d:10:db:e7:5f:04:e8:70:27:57:fb:4c:8a:
                    56:8b:a9:38:63:d6:a6:8d:48:71:43:3d:51:d9:a8:
                    e5:65:e4:14:02:a2:0b:cc:75:90:c9:e9:ec:e3:b5:
                    37:56:d9:2e:9b:e0:a7:6f:7d:cc:1d:79:99:1e:93:
                    f4:1f:90:13:10:d4:54:d7:e0:b7:8b:90:cd:13:bd:
                    ef:76:d5:d4:c9:8f:8a:fb:03:93:1d:0d:a0:d0:48:
                    ec:48:e3:e6:58:65:92:32:31:13:66:71:63:e8:ac:
                    81:a4:7c:63:36:9d:41:6d:94:cb:16:46:35:b4:35:
                    f1:b3:89:e1:7a:71:30:d5:dd:1f:41:84:09:b6:60:
                    c9:b2:d8:6d:72:cf:db:72:36:0d:1d:2e:40:4d:71:
                    9e:d8:ca:30:dd:85:dc:6b:7e:bc:da:e4:f0:3a:60:
                    a2:84:3e:97:bb:5e:bf:71:41:32:cd:17:0e:8b:b1:
                    49:b2:eb:4c:17:71:63:61:80:41:d5:ba:bd:37:7e:
                    e6:9b:5a:66:7c:17:1c:b0:8d:74:96:11:95:d9:17:
                    67:05:ab:68:4a:93:3d:42:bc:31:5a:67:d6:97:05:
                    f9:c5:39:3f:96:98:84:08:17:62:32:8a:e5:a9:6a:
                    ae:e0:bb:f4:1c:75:f2:b6:10:e5:1a:59:6d:e2:cc:
                    4f:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:CE:3C:9B:79:F8:A2:46:9B:DE:3A:6E:12:05:23:2A:4D:2B:BD:A7
            X509v3 Authority Key Identifier:
                keyid:6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d8:2e:8a:ff:4a:23:c3:07:cc:e9:58:35:23:09:2a:f6:2c:ec:
         a8:8d:24:fc:50:2f:64:d8:97:1d:00:bd:b2:1e:e7:ac:50:12:
         89:69:20:00:36:24:aa:a6:b3:d8:b5:cc:67:57:67:46:f8:ab:
         61:85:15:5d:9e:2d:96:37:ac:de:f3:81:ba:0e:f3:66:12:2d:
         85:e0:a1:c4:8a:00:ce:db:c9:84:15:f4:16:3a:e8:9f:61:15:
         66:7f:6e:fe:45:df:87:fc:c6:80:dc:91:04:ff:e3:24:84:53:
         b8:b7:81:e4:50:7c:7d:39:95:14:a7:46:33:3f:df:92:fd:f4:
         bd:9b:ed:ba:fe:94:fa:17:c6:15:c1:2f:be:10:49:c4:03:35:
         89:28:73:85:d9:63:77:99:a7:d0:7a:ca:77:6a:f1:7d:e3:9d:
         bd:08:8a:fe:6a:cd:01:96:9f:92:e1:c4:cb:50:f1:77:e3:23:
         9e:eb:42:b6:6f:49:53:9c:5a:32:83:1a:9b:1c:60:cf:4b:36:
         64:e8:51:8a:a5:1b:de:c1:42:81:4f:df:77:02:e4:9c:f7:b7:
         a0:fd:83:b4:9f:8f:6d:70:cf:e4:b6:9d:06:17:22:1b:cc:17:
         65:b8:81:43:8c:74:4a:c2:26:f9:08:02:c9:9b:60:a0:35:66:
         66:d4:93:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc9ohG0vp8rfO7V3klXNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDk5ZTkwOGU3ZDg4NzllMjRkMWVkZTA5ZDgxMmNmNDZh
ZGUyY2MwHhcNMjUxMTA0MDYwMDI5WhcNMjUxMTA1MDYwMDI5WjAzMTEwLwYDVQQD
EyhkOGNlM2M5Yjc5ZjhhMjQ2OWJkZTNhNmUxMjA1MjMyYTRkMmJiZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA0Q2+dfBOhwJ1f7TIpWi6k4Y9am
jUhxQz1R2ajlZeQUAqILzHWQyens47U3Vtkum+Cnb33MHXmZHpP0H5ATENRU1+C3
i5DNE73vdtXUyY+K+wOTHQ2g0EjsSOPmWGWSMjETZnFj6KyBpHxjNp1BbZTLFkY1
tDXxs4nhenEw1d0fQYQJtmDJsthtcs/bcjYNHS5ATXGe2Mow3YXca3682uTwOmCi
hD6Xu16/cUEyzRcOi7FJsutMF3FjYYBB1bq9N37mm1pmfBccsI10lhGV2RdnBato
SpM9QrwxWmfWlwX5xTk/lpiECBdiMorlqWqu4Lv0HHXythDlGllt4sxPuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjOPJt5+KJGm946bhIFIypNK72nMB8GA1UdIwQY
MBaAFG0JnpCOfYh54k0e3gnYEs9GreLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYt
N2NjZTM0ZmU2YjVkLzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYtN2NjZTM0ZmU2YjVk
LzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2C6K/0oj
wwfM6Vg1Iwkq9izsqI0k/FAvZNiXHQC9sh7nrFASiWkgADYkqqaz2LXMZ1dnRvir
YYUVXZ4tljes3vOBug7zZhItheChxIoAztvJhBX0Fjron2EVZn9u/kXfh/zGgNyR
BP/jJIRTuLeB5FB8fTmVFKdGMz/fkv30vZvtuv6U+hfGFcEvvhBJxAM1iShzhdlj
d5mn0HrKd2rxfeOdvQiK/mrNAZafkuHEy1Dxd+MjnutCtm9JU5xaMoMamxxgz0s2
ZOhRiqUb3sFCgU/fdwLknPe3oP2DtJ+PbXDP5LadBhciG8wXZbiBQ4x0SsIm+QgC
yZtgoDVmZtSTKg==
-----END CERTIFICATE-----