Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
File:                     BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft (raw, json)
Hash identifier:          eFMCdps/5T9bZ6C18rNrVCN+93uprejiL62Db9PoMUg=
Subject key identifier:   63:59:7B:E4:1D:74:D5:55:BA:02:28:6E:14:BC:79:4E:08:5A:61:46
Authority key identifier: 06:6B:A2:09:C5:0C:02:A8:58:B5:43:08:C8:2A:E5:BF:30:2E:FA:A4
Certificate issuer:       /CN=066ba209c50c02a858b54308c82ae5bf302efaa4
Certificate serial:       019655382615F5738A85CBE7F5B51FDF972F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
Manifest number:          11CF
Signing time:             Sun 20 Apr 2025 22:01:05 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:05 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:05 +0000
Files and hashes:         1: BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl (hash: +5JFYs/wBzUdiVOfaNdgU+3BsfIWFVosWUh4xR0z2iU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:26:15:f5:73:8a:85:cb:e7:f5:b5:1f:df:97:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=066ba209c50c02a858b54308c82ae5bf302efaa4
        Validity
            Not Before: Apr 20 22:01:05 2025 GMT
            Not After : Apr 21 22:01:05 2025 GMT
        Subject: CN=63597be41d74d555ba02286e14bc794e085a6146
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:16:01:56:83:9d:cb:54:20:31:02:f5:12:48:
                    2d:ad:11:57:3e:91:ef:73:51:da:4b:6d:78:32:52:
                    a2:0e:63:e6:5f:c8:ec:ae:5d:bf:39:47:25:b8:0f:
                    7b:8f:e6:89:49:50:32:aa:7c:3d:ba:e4:ee:e5:8f:
                    0f:37:ef:05:eb:b1:24:c1:0f:a6:bd:ea:7c:95:12:
                    ab:30:46:7e:a3:e4:fd:21:1b:1b:3c:92:96:93:71:
                    ca:59:15:26:36:c2:9e:f7:93:63:76:59:74:3b:b8:
                    72:0f:b6:1c:44:d8:6e:3d:75:c9:1e:9e:35:ab:03:
                    ba:b7:21:10:25:5d:2b:d4:26:3b:6e:38:f2:18:61:
                    40:ac:79:6d:0b:a0:37:98:60:51:76:e2:72:5d:c3:
                    8a:40:7f:ea:f9:9c:d8:0f:cf:77:f5:37:41:d9:4a:
                    d6:0a:58:cd:9f:95:c3:54:c9:97:90:8d:ac:13:d5:
                    42:db:82:d4:56:6f:93:18:86:47:7e:b7:2f:e0:a5:
                    b8:26:7e:10:6a:4a:ff:01:e1:23:fc:6a:24:5d:b6:
                    de:1b:7a:91:70:8f:d9:b5:ef:19:d1:c8:43:34:3a:
                    03:02:78:b2:8e:30:02:e9:95:40:d7:14:83:76:f9:
                    30:29:38:f0:d1:c9:4e:6f:9b:1d:68:cf:46:28:56:
                    47:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:59:7B:E4:1D:74:D5:55:BA:02:28:6E:14:BC:79:4E:08:5A:61:46
            X509v3 Authority Key Identifier:
                keyid:06:6B:A2:09:C5:0C:02:A8:58:B5:43:08:C8:2A:E5:BF:30:2E:FA:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:09:8a:0d:01:8f:f9:96:21:84:8a:39:c4:7e:a1:17:bd:a0:
         40:b3:76:1f:6a:be:53:76:30:3a:a6:7e:fc:4e:09:d8:e8:c7:
         64:79:2e:f2:66:53:dc:53:f7:be:b9:da:f0:02:ca:1e:8b:61:
         6c:18:07:2b:e5:93:76:2b:39:f2:84:af:f1:07:09:fb:ba:4d:
         96:2d:8f:3a:63:e2:1b:d8:e3:6f:a6:5e:cf:34:d6:39:9b:ba:
         e9:e5:db:b7:ad:06:78:78:10:5d:83:24:c1:f5:84:61:48:51:
         ec:ff:47:e1:fc:44:86:55:c4:2d:73:70:1d:c0:00:f6:7e:31:
         bb:60:5f:8c:40:33:87:07:19:aa:3b:40:97:0a:ac:13:8d:82:
         d7:d2:24:14:a5:ab:55:09:1b:9a:5b:0f:de:65:79:91:3e:de:
         8a:83:c3:85:6d:13:6a:11:cf:9e:f6:e5:96:96:e3:40:ff:5a:
         61:52:30:a1:08:6f:2c:0a:8a:25:e4:a0:50:8d:10:f5:89:a6:
         b0:3b:cf:ca:93:c6:6e:e2:ca:bd:0e:c5:70:c8:8f:91:02:03:
         e4:12:59:08:ec:4c:ba:bc:ea:10:b8:71:f0:6e:9f:6c:c3:c7:
         ae:ef:46:31:46:05:0b:9e:0d:af:cd:98:44:70:e0:68:67:38:
         91:af:34:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOCYV9XOKhcvn9bUf35cvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NmJhMjA5YzUwYzAyYTg1OGI1NDMwOGM4MmFlNWJmMzAy
ZWZhYTQwHhcNMjUwNDIwMjIwMTA1WhcNMjUwNDIxMjIwMTA1WjAzMTEwLwYDVQQD
Eyg2MzU5N2JlNDFkNzRkNTU1YmEwMjI4NmUxNGJjNzk0ZTA4NWE2MTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBYBVoOdy1QgMQL1EkgtrRFXPpHv
c1HaS214MlKiDmPmX8jsrl2/OUcluA97j+aJSVAyqnw9uuTu5Y8PN+8F67EkwQ+m
vep8lRKrMEZ+o+T9IRsbPJKWk3HKWRUmNsKe95Njdll0O7hyD7YcRNhuPXXJHp41
qwO6tyEQJV0r1CY7bjjyGGFArHltC6A3mGBRduJyXcOKQH/q+ZzYD8939TdB2UrW
CljNn5XDVMmXkI2sE9VC24LUVm+TGIZHfrcv4KW4Jn4Qakr/AeEj/GokXbbeG3qR
cI/Zte8Z0chDNDoDAniyjjAC6ZVA1xSDdvkwKTjw0clOb5sdaM9GKFZHswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNZe+QddNVVugIobhS8eU4IWmFGMB8GA1UdIwQY
MBaAFAZrognFDAKoWLVDCMgq5b8wLvqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMTUxYjgtZDhmMS00MTAyLTkzNmYt
OTNmZmVjNWMzYzgxLzEvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMTUxYjgtZDhmMS00MTAyLTkzNmYtOTNmZmVjNWMzYzgx
LzEvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcAmKDQGP
+ZYhhIo5xH6hF72gQLN2H2q+U3YwOqZ+/E4J2OjHZHku8mZT3FP3vrna8ALKHoth
bBgHK+WTdis58oSv8QcJ+7pNli2POmPiG9jjb6ZezzTWOZu66eXbt60GeHgQXYMk
wfWEYUhR7P9H4fxEhlXELXNwHcAA9n4xu2BfjEAzhwcZqjtAlwqsE42C19IkFKWr
VQkbmlsP3mV5kT7eioPDhW0TahHPnvbllpbjQP9aYVIwoQhvLAqKJeSgUI0Q9Ymm
sDvPypPGbuLKvQ7FcMiPkQID5BJZCOxMurzqELhx8G6fbMPHru9GMUYFC54Nr82Y
RHDgaGc4ka80mg==
-----END CERTIFICATE-----