Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/d5bc61-6a99-4c4e-84c4-9b21f334d028/1/v_h00BVAcOlio8hxmCH9ucsQFuE.mft
File:                     v_h00BVAcOlio8hxmCH9ucsQFuE.mft (raw, json)
Hash identifier:          kMCyNDb2MTldDLSLRSvspXurpkbX3qtiRNUqI0swo/w=
Subject key identifier:   BF:02:10:F7:5B:74:AC:6D:95:D8:43:E0:AE:1A:A5:E1:17:67:5F:B3
Authority key identifier: BF:F8:74:D0:15:40:70:E9:62:A3:C8:71:98:21:FD:B9:CB:10:16:E1
Certificate issuer:       /CN=bff874d0154070e962a3c8719821fdb9cb1016e1
Certificate serial:       019653B6D62779F4103973A0241DDBE55E62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v_h00BVAcOlio8hxmCH9ucsQFuE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/d5bc61-6a99-4c4e-84c4-9b21f334d028/1/v_h00BVAcOlio8hxmCH9ucsQFuE.mft
Manifest number:          121C
Signing time:             Sun 20 Apr 2025 15:00:12 +0000
Manifest this update:     Sun 20 Apr 2025 15:00:12 +0000
Manifest next update:     Mon 21 Apr 2025 15:00:12 +0000
Files and hashes:         1: v_h00BVAcOlio8hxmCH9ucsQFuE.crl (hash: vUmTVAYb0TGZfYV5yObDn2xRvutBTgAixdf8B1U5AO0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/d5bc61-6a99-4c4e-84c4-9b21f334d028/1/v_h00BVAcOlio8hxmCH9ucsQFuE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/d5bc61-6a99-4c4e-84c4-9b21f334d028/1/v_h00BVAcOlio8hxmCH9ucsQFuE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v_h00BVAcOlio8hxmCH9ucsQFuE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 15:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:b6:d6:27:79:f4:10:39:73:a0:24:1d:db:e5:5e:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bff874d0154070e962a3c8719821fdb9cb1016e1
        Validity
            Not Before: Apr 20 15:00:12 2025 GMT
            Not After : Apr 21 15:00:12 2025 GMT
        Subject: CN=bf0210f75b74ac6d95d843e0ae1aa5e117675fb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7e:75:a5:07:3a:cd:4f:6b:20:74:50:dd:4d:
                    bf:18:a9:e9:06:ee:f2:70:3b:c6:97:a0:ba:e6:87:
                    75:a1:7d:9f:9a:6e:1b:70:5d:8d:77:00:f4:3f:2d:
                    84:6f:f9:85:f8:7a:86:cb:95:a6:a8:4e:24:8b:1f:
                    8b:d9:8f:3b:22:ea:0b:22:7d:c5:1c:f8:64:3d:5d:
                    93:7c:86:6c:7f:bf:18:2c:62:06:f3:a6:6b:b4:23:
                    f4:72:75:e1:65:be:5d:00:d3:42:83:17:0c:69:5a:
                    ac:50:e3:ec:ca:66:e3:7c:48:9e:9d:fd:d7:0a:aa:
                    dc:a8:6e:8c:06:60:b2:97:2e:56:ab:49:b1:e6:24:
                    95:ed:15:e3:3d:61:7f:af:f1:b7:ee:c2:11:ad:95:
                    64:2f:db:ed:67:95:31:fa:a6:11:f1:10:a0:25:06:
                    c9:67:30:6e:1e:a8:7a:d0:bd:cd:05:2c:29:aa:fa:
                    33:6d:97:94:ce:62:6a:f9:a7:a7:d1:83:a6:ff:bc:
                    62:7b:9c:71:9a:49:3e:2d:09:b1:49:30:0e:ff:98:
                    7b:70:54:60:ec:a0:bd:51:0b:ef:43:2d:81:10:38:
                    93:a2:50:e5:4c:0b:04:74:7c:92:b6:ed:4f:3c:2a:
                    86:f1:f9:41:76:44:80:fe:53:62:99:68:03:15:5a:
                    62:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:02:10:F7:5B:74:AC:6D:95:D8:43:E0:AE:1A:A5:E1:17:67:5F:B3
            X509v3 Authority Key Identifier:
                keyid:BF:F8:74:D0:15:40:70:E9:62:A3:C8:71:98:21:FD:B9:CB:10:16:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v_h00BVAcOlio8hxmCH9ucsQFuE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d5bc61-6a99-4c4e-84c4-9b21f334d028/1/v_h00BVAcOlio8hxmCH9ucsQFuE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d5bc61-6a99-4c4e-84c4-9b21f334d028/1/v_h00BVAcOlio8hxmCH9ucsQFuE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:69:41:00:18:3b:83:8e:a8:f4:cf:f9:27:f6:ed:de:df:00:
         dd:8d:c7:8d:5a:a9:86:07:8b:a3:1c:ec:ae:67:3b:d9:d5:d1:
         82:c5:2f:62:c7:fd:cf:3f:d4:69:4e:af:74:f9:50:71:f4:da:
         82:f9:34:5c:51:63:30:80:cc:78:9b:3a:8f:a6:a3:52:22:58:
         32:a1:28:e0:b8:b7:83:9d:1a:91:10:ee:52:73:52:36:0d:b3:
         02:44:2b:fe:4f:ba:f8:7c:6e:11:06:97:25:1c:30:23:15:b2:
         0b:12:72:81:9a:df:38:25:66:2d:86:05:a8:18:57:ef:f7:e7:
         3d:a8:8e:2e:b9:32:3e:44:7c:40:a2:ca:6b:f4:c1:3d:bb:e7:
         54:86:8f:ab:75:1f:8f:aa:9a:3f:54:5a:77:34:62:ff:76:76:
         88:6a:33:61:f1:f5:15:14:37:45:57:0f:1a:23:7d:7f:27:12:
         aa:d5:c3:37:98:2f:4e:bb:99:85:72:47:24:e6:d5:a0:18:54:
         cd:55:2d:a3:c8:e4:8f:eb:df:ab:d3:37:db:ae:c7:1c:9b:66:
         52:4e:d9:13:a1:25:76:ae:16:06:d7:ad:68:be:02:90:b5:66:
         70:16:84:ba:85:f5:f1:9b:8b:a1:30:e0:bf:89:9e:b9:5f:76:
         62:c2:d7:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTttYnefQQOXOgJB3b5V5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZjg3NGQwMTU0MDcwZTk2MmEzYzg3MTk4MjFmZGI5Y2Ix
MDE2ZTEwHhcNMjUwNDIwMTUwMDEyWhcNMjUwNDIxMTUwMDEyWjAzMTEwLwYDVQQD
EyhiZjAyMTBmNzViNzRhYzZkOTVkODQzZTBhZTFhYTVlMTE3Njc1ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX51pQc6zU9rIHRQ3U2/GKnpBu7y
cDvGl6C65od1oX2fmm4bcF2NdwD0Py2Eb/mF+HqGy5WmqE4kix+L2Y87IuoLIn3F
HPhkPV2TfIZsf78YLGIG86ZrtCP0cnXhZb5dANNCgxcMaVqsUOPsymbjfEienf3X
CqrcqG6MBmCyly5Wq0mx5iSV7RXjPWF/r/G37sIRrZVkL9vtZ5Ux+qYR8RCgJQbJ
ZzBuHqh60L3NBSwpqvozbZeUzmJq+aen0YOm/7xie5xxmkk+LQmxSTAO/5h7cFRg
7KC9UQvvQy2BEDiTolDlTAsEdHyStu1PPCqG8flBdkSA/lNimWgDFVpibwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8CEPdbdKxtldhD4K4apeEXZ1+zMB8GA1UdIwQY
MBaAFL/4dNAVQHDpYqPIcZgh/bnLEBbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdl9oMDBCVkFjT2xpbzhoeG1DSDl1Y3NRRnVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9kNWJjNjEtNmE5OS00YzRlLTg0YzQt
OWIyMWYzMzRkMDI4LzEvdl9oMDBCVkFjT2xpbzhoeG1DSDl1Y3NRRnVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9kNWJjNjEtNmE5OS00YzRlLTg0YzQtOWIyMWYzMzRkMDI4
LzEvdl9oMDBCVkFjT2xpbzhoeG1DSDl1Y3NRRnVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJGlBABg7
g46o9M/5J/bt3t8A3Y3HjVqphgeLoxzsrmc72dXRgsUvYsf9zz/UaU6vdPlQcfTa
gvk0XFFjMIDMeJs6j6ajUiJYMqEo4Li3g50akRDuUnNSNg2zAkQr/k+6+HxuEQaX
JRwwIxWyCxJygZrfOCVmLYYFqBhX7/fnPaiOLrkyPkR8QKLKa/TBPbvnVIaPq3Uf
j6qaP1RadzRi/3Z2iGozYfH1FRQ3RVcPGiN9fycSqtXDN5gvTruZhXJHJObVoBhU
zVUto8jkj+vfq9M3267HHJtmUk7ZE6Eldq4WBtetaL4CkLVmcBaEuoX18ZuLoTDg
v4meuV92YsLXdg==
-----END CERTIFICATE-----