Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
File:                     BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft (raw, json)
Hash identifier:          SKK4GM5k+UkOO+bjqFxPlZIxv4vkMweTlsPnyGA83n0=
Subject key identifier:   AC:BB:2B:3F:90:B6:59:FD:36:C4:D7:F3:0B:53:67:F5:97:1C:E1:5A
Authority key identifier: 06:6B:A2:09:C5:0C:02:A8:58:B5:43:08:C8:2A:E5:BF:30:2E:FA:A4
Certificate issuer:       /CN=066ba209c50c02a858b54308c82ae5bf302efaa4
Certificate serial:       0199239FDCDF41E2058977D3FDDE24B31857
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
Manifest number:          1343
Signing time:             Sun 07 Sep 2025 10:01:43 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:43 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:43 +0000
Files and hashes:         1: BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl (hash: hwOV/sM+cSCx9sWw6jjZe+TzF9hFB5PfSwNz9oA7DFg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:dc:df:41:e2:05:89:77:d3:fd:de:24:b3:18:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=066ba209c50c02a858b54308c82ae5bf302efaa4
        Validity
            Not Before: Sep  7 10:01:43 2025 GMT
            Not After : Sep  8 10:01:43 2025 GMT
        Subject: CN=acbb2b3f90b659fd36c4d7f30b5367f5971ce15a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:13:50:53:c8:7d:a5:5f:49:24:12:2e:38:ad:
                    4d:38:82:cf:0b:57:bc:66:b0:81:17:a4:48:74:74:
                    c3:d4:10:54:12:3f:70:c4:c7:0f:d0:81:bd:55:10:
                    99:a4:63:11:53:07:c0:c9:cd:c7:f2:6f:42:fb:01:
                    12:60:e9:26:5d:b8:73:8a:e3:11:82:60:8e:21:08:
                    9b:92:7e:0d:f4:e2:9e:95:f8:25:43:fb:9c:8a:e5:
                    cf:15:64:0c:35:2a:31:1d:01:30:0e:9b:3f:e9:7d:
                    b6:1a:58:cd:0d:dc:72:40:4c:6c:c4:50:c5:dd:06:
                    19:0c:ef:bc:1b:08:54:6b:61:0b:ed:02:35:2b:aa:
                    e8:cd:0a:28:61:38:65:29:44:47:ab:37:d8:0f:69:
                    d8:a7:8b:7a:78:e4:88:91:ae:ac:57:61:0a:91:ec:
                    c0:af:59:21:eb:f7:2d:52:2f:c3:6a:4e:e8:a0:ca:
                    5a:31:48:c7:f8:f9:f8:04:15:49:63:1f:bb:b3:79:
                    3e:3e:ef:95:b1:f1:8d:45:1e:71:3c:61:51:ee:a0:
                    14:aa:e5:6e:43:80:18:56:69:e7:69:51:a4:3f:bd:
                    e9:df:3e:e6:61:0b:7c:c1:07:1f:80:12:ce:d7:15:
                    a4:1e:70:d7:cf:16:ea:cf:79:8f:25:8e:cc:90:dd:
                    68:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:BB:2B:3F:90:B6:59:FD:36:C4:D7:F3:0B:53:67:F5:97:1C:E1:5A
            X509v3 Authority Key Identifier:
                keyid:06:6B:A2:09:C5:0C:02:A8:58:B5:43:08:C8:2A:E5:BF:30:2E:FA:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:3d:17:f9:83:06:d3:37:82:16:b8:f6:14:a4:2f:59:d9:ae:
         f0:12:b3:0f:ff:cc:20:e3:31:1f:c7:bf:53:b7:24:d5:5d:6e:
         ca:e1:e9:b6:8a:65:25:64:39:0b:c5:6f:36:53:ce:00:a2:bf:
         5f:db:26:e1:2f:b2:a4:ce:51:7f:5e:b2:fb:f7:70:7e:ef:e5:
         ab:00:54:79:09:16:4c:bc:81:4e:53:ef:fb:7d:b4:de:c7:25:
         2f:33:69:19:9e:c9:d9:c8:04:98:f6:79:17:b7:c0:1c:d3:a2:
         ff:98:a1:91:3e:60:66:0d:e3:e9:88:2d:a7:ce:83:9b:e5:a4:
         70:ac:39:d8:ce:6d:3c:fa:a3:f2:c5:cd:22:04:a3:8b:ee:b1:
         e7:c2:cd:e8:5c:77:30:7e:6d:97:51:d2:b0:50:70:9a:5b:36:
         8b:66:46:b9:44:16:87:51:9a:36:b8:18:37:20:dc:d0:ae:5c:
         d6:ce:0a:45:e1:64:51:28:a5:37:1f:f4:c1:41:3d:a8:3a:aa:
         81:ee:19:9e:0e:e8:c0:49:4f:1d:53:ea:15:18:84:33:d0:b6:
         55:f1:f1:dc:34:c8:7e:ce:73:51:d0:90:0d:b1:df:4c:9e:c6:
         32:a1:72:12:ae:d7:cd:37:9c:2d:ec:d7:7c:11:63:0b:51:d1:
         96:e8:53:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn9zfQeIFiXfT/d4ksxhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NmJhMjA5YzUwYzAyYTg1OGI1NDMwOGM4MmFlNWJmMzAy
ZWZhYTQwHhcNMjUwOTA3MTAwMTQzWhcNMjUwOTA4MTAwMTQzWjAzMTEwLwYDVQQD
EyhhY2JiMmIzZjkwYjY1OWZkMzZjNGQ3ZjMwYjUzNjdmNTk3MWNlMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRNQU8h9pV9JJBIuOK1NOILPC1e8
ZrCBF6RIdHTD1BBUEj9wxMcP0IG9VRCZpGMRUwfAyc3H8m9C+wESYOkmXbhziuMR
gmCOIQibkn4N9OKelfglQ/uciuXPFWQMNSoxHQEwDps/6X22GljNDdxyQExsxFDF
3QYZDO+8GwhUa2EL7QI1K6rozQooYThlKURHqzfYD2nYp4t6eOSIka6sV2EKkezA
r1kh6/ctUi/Dak7ooMpaMUjH+Pn4BBVJYx+7s3k+Pu+VsfGNRR5xPGFR7qAUquVu
Q4AYVmnnaVGkP73p3z7mYQt8wQcfgBLO1xWkHnDXzxbqz3mPJY7MkN1o4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKy7Kz+Qtln9NsTX8wtTZ/WXHOFaMB8GA1UdIwQY
MBaAFAZrognFDAKoWLVDCMgq5b8wLvqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMTUxYjgtZDhmMS00MTAyLTkzNmYt
OTNmZmVjNWMzYzgxLzEvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMTUxYjgtZDhmMS00MTAyLTkzNmYtOTNmZmVjNWMzYzgx
LzEvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALT0X+YMG
0zeCFrj2FKQvWdmu8BKzD//MIOMxH8e/U7ck1V1uyuHptoplJWQ5C8VvNlPOAKK/
X9sm4S+ypM5Rf16y+/dwfu/lqwBUeQkWTLyBTlPv+3203sclLzNpGZ7J2cgEmPZ5
F7fAHNOi/5ihkT5gZg3j6Ygtp86Dm+WkcKw52M5tPPqj8sXNIgSji+6x58LN6Fx3
MH5tl1HSsFBwmls2i2ZGuUQWh1GaNrgYNyDc0K5c1s4KReFkUSilNx/0wUE9qDqq
ge4Zng7owElPHVPqFRiEM9C2VfHx3DTIfs5zUdCQDbHfTJ7GMqFyEq7XzTecLezX
fBFjC1HRluhT8Q==
-----END CERTIFICATE-----