Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
File:                     bHwktnELOtfXKCoMlH9rlTHVjsU.mft (raw, json)
Hash identifier:          l020+7qoVDp8BVn6gzRv2HLfEjvPh/ajw5SwLzZP1f8=
Subject key identifier:   4B:77:25:73:A4:20:99:13:63:93:D2:5B:9E:B3:3F:67:BD:0D:B7:60
Authority key identifier: 6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5
Certificate issuer:       /CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
Certificate serial:       019659829A47769751257149635E864CAB03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
Manifest number:          14FC
Signing time:             Mon 21 Apr 2025 18:00:53 +0000
Manifest this update:     Mon 21 Apr 2025 18:00:53 +0000
Manifest next update:     Tue 22 Apr 2025 18:00:53 +0000
Files and hashes:         1: bHwktnELOtfXKCoMlH9rlTHVjsU.crl (hash: /+5UXq9aDwRBcX1Z52QKuboxHZWuB+DawGMWoDSNgLI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 13:46:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:82:9a:47:76:97:51:25:71:49:63:5e:86:4c:ab:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
        Validity
            Not Before: Apr 21 18:00:53 2025 GMT
            Not After : Apr 22 18:00:53 2025 GMT
        Subject: CN=4b772573a42099136393d25b9eb33f67bd0db760
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:60:82:07:61:92:df:91:3d:20:d2:a0:11:a3:
                    13:02:b0:16:ba:e3:51:ec:9e:58:23:24:2f:fc:b9:
                    82:42:99:0e:e0:5d:3d:75:ec:16:9b:1d:f4:6a:2a:
                    85:a4:a5:c2:29:65:f6:15:c5:e4:73:0e:f0:f9:9e:
                    11:7d:d1:4b:0c:e7:4c:00:ad:ba:33:2c:48:7a:cc:
                    d0:c9:c7:79:14:38:54:de:c3:2c:33:89:8c:66:be:
                    a7:fd:c5:92:0c:40:f5:8a:3d:26:aa:2b:9e:db:0f:
                    d9:9d:85:75:9f:5b:42:ea:a4:4f:ec:a1:b4:c6:2d:
                    5b:9e:fa:f6:86:66:96:ec:6d:c6:9a:50:ad:d5:27:
                    bf:dc:19:f7:d2:9c:72:d6:48:87:f4:ba:6a:40:26:
                    23:a0:29:e1:08:2d:ac:6f:f6:a0:7a:63:a1:32:2f:
                    f7:9a:91:8e:20:1a:88:7e:3b:d4:22:1f:38:c6:cf:
                    d8:ad:c1:d5:3f:4c:ec:48:33:ea:f3:6b:63:b9:94:
                    d6:04:00:a4:db:3a:a8:e3:f9:3d:71:56:b7:af:a8:
                    71:19:e7:62:b6:d5:bc:8c:cd:75:9e:0a:47:39:1e:
                    b9:26:b4:5d:93:b2:ad:a6:50:a1:4d:84:06:cc:a5:
                    4e:e9:68:a0:6b:6c:e8:98:f3:cb:c1:71:fb:2d:16:
                    db:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:77:25:73:A4:20:99:13:63:93:D2:5B:9E:B3:3F:67:BD:0D:B7:60
            X509v3 Authority Key Identifier:
                keyid:6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:be:68:46:9e:ec:79:80:ad:6d:c4:9e:87:ff:0a:ab:ae:79:
         20:ec:9e:0a:4e:62:ad:aa:ad:92:c5:62:bd:7b:6f:89:6a:54:
         c4:22:91:f8:ae:cf:eb:d1:9c:1e:97:0a:af:4e:78:3a:95:d7:
         44:4b:3a:26:fd:b6:7f:ac:70:1c:09:16:ee:47:18:4b:a3:eb:
         be:bf:73:e6:f6:da:29:83:56:95:97:84:05:fe:bd:2d:2b:9f:
         33:bd:70:40:37:58:03:01:c9:45:b8:89:bf:6e:2a:0f:8b:56:
         ff:8e:b4:99:49:c2:73:ac:76:f8:8d:ee:b6:35:00:fb:f2:4f:
         07:1c:36:ab:07:b1:ed:ce:97:5f:03:62:22:32:6c:2b:78:03:
         f7:91:9d:a2:0e:e0:e7:78:45:4e:1e:5f:4e:12:7d:a8:7d:48:
         95:86:12:ff:9e:79:69:23:42:b9:d5:38:e2:d5:f0:2b:69:6d:
         62:41:aa:ec:7c:85:46:66:69:50:93:04:d7:86:94:eb:ef:7a:
         c6:b8:08:31:43:88:c4:3e:86:24:be:77:d3:05:52:d8:2c:2b:
         69:f2:d1:24:f6:52:b2:19:c4:22:00:e3:32:34:18:bc:72:37:
         fd:c6:34:4e:b9:eb:4c:c7:82:aa:52:87:a7:3d:d8:41:18:ea:
         c6:ef:7e:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZgppHdpdRJXFJY16GTKsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjN2MyNGI2NzEwYjNhZDdkNzI4MmEwYzk0N2Y2Yjk1MzFk
NThlYzUwHhcNMjUwNDIxMTgwMDUzWhcNMjUwNDIyMTgwMDUzWjAzMTEwLwYDVQQD
Eyg0Yjc3MjU3M2E0MjA5OTEzNjM5M2QyNWI5ZWIzM2Y2N2JkMGRiNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2CCB2GS35E9INKgEaMTArAWuuNR
7J5YIyQv/LmCQpkO4F09dewWmx30aiqFpKXCKWX2FcXkcw7w+Z4RfdFLDOdMAK26
MyxIeszQycd5FDhU3sMsM4mMZr6n/cWSDED1ij0mqiue2w/ZnYV1n1tC6qRP7KG0
xi1bnvr2hmaW7G3GmlCt1Se/3Bn30pxy1kiH9LpqQCYjoCnhCC2sb/agemOhMi/3
mpGOIBqIfjvUIh84xs/YrcHVP0zsSDPq82tjuZTWBACk2zqo4/k9cVa3r6hxGedi
ttW8jM11ngpHOR65JrRdk7KtplChTYQGzKVO6Wiga2zomPPLwXH7LRbbVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEt3JXOkIJkTY5PSW56zP2e9DbdgMB8GA1UdIwQY
MBaAFGx8JLZxCzrX1ygqDJR/a5Ux1Y7FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEt
MThmMGE1MGM4ZTI2LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEtMThmMGE1MGM4ZTI2
LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeb5oRp7s
eYCtbcSeh/8Kq655IOyeCk5iraqtksVivXtviWpUxCKR+K7P69GcHpcKr054OpXX
REs6Jv22f6xwHAkW7kcYS6Prvr9z5vbaKYNWlZeEBf69LSufM71wQDdYAwHJRbiJ
v24qD4tW/460mUnCc6x2+I3utjUA+/JPBxw2qwex7c6XXwNiIjJsK3gD95Gdog7g
53hFTh5fThJ9qH1IlYYS/555aSNCudU44tXwK2ltYkGq7HyFRmZpUJME14aU6+96
xrgIMUOIxD6GJL530wVS2CwrafLRJPZSshnEIgDjMjQYvHI3/cY0TrnrTMeCqlKH
pz3YQRjqxu9+Og==
-----END CERTIFICATE-----