Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          NlZC/cLmFgnXfG+C3cwi7M6O75eshy1uK9BJq+/B0iY=
Subject key identifier:   34:02:93:BC:4C:D9:61:A2:93:01:40:DE:6F:3B:0E:D0:C3:DE:92:1C
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       0199228C5B1EC6F3E10FDE71966FDEE665E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          0E48
Signing time:             Sun 07 Sep 2025 05:00:47 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:47 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:47 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: RWNrVznMi8Ltxr5g2p22aiVvz3N9pVWFDyppzn+K8H0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:5b:1e:c6:f3:e1:0f:de:71:96:6f:de:e6:65:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Sep  7 05:00:47 2025 GMT
            Not After : Sep  8 05:00:47 2025 GMT
        Subject: CN=340293bc4cd961a2930140de6f3b0ed0c3de921c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:b3:32:93:36:ea:08:09:1a:d2:ac:9a:6d:51:
                    87:ce:ae:30:37:2b:49:a6:c5:06:86:e0:43:c7:67:
                    f2:36:bd:83:a0:e3:07:a6:fa:67:25:5d:04:29:67:
                    e5:cc:f7:47:1d:e0:2f:72:32:67:6a:82:6e:eb:fd:
                    13:ae:f6:b2:5f:eb:b2:53:ab:8d:9c:58:f0:52:96:
                    d8:6d:83:cf:3e:66:0c:28:f9:b5:e1:1a:98:8f:d5:
                    6e:73:d7:a2:39:cb:45:79:62:d2:21:49:94:b7:88:
                    85:97:e6:ca:af:c8:61:1f:17:05:c0:94:b3:fc:b6:
                    d1:c0:aa:f8:e5:ea:f3:7f:ce:8a:ed:b0:1b:44:db:
                    02:3b:fa:44:4f:c7:67:99:39:03:41:81:9e:ae:19:
                    de:4f:01:1b:2a:ad:82:89:08:91:01:32:a4:5a:52:
                    57:3b:4c:84:37:17:3b:a0:9e:ef:71:37:66:17:40:
                    f7:a5:13:5b:70:ac:a5:7e:1f:ce:d3:a2:7b:33:f1:
                    af:80:07:8a:fb:63:4e:b3:66:9b:61:6b:ec:95:c1:
                    2b:eb:15:6f:bd:f2:6b:4a:3f:18:8b:af:1b:0e:0a:
                    c3:15:a9:6c:74:6e:a6:ec:a7:ce:e1:d2:84:e6:34:
                    cb:3d:0c:88:06:d1:8c:9e:17:cc:de:f5:90:e2:cf:
                    d3:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:02:93:BC:4C:D9:61:A2:93:01:40:DE:6F:3B:0E:D0:C3:DE:92:1C
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:1a:c8:83:77:a0:08:5d:13:8a:da:30:dc:fd:bf:d4:65:b0:
         4f:f7:8c:01:8a:42:69:8a:4c:39:c0:e9:8a:be:37:bc:ef:59:
         7a:1e:df:93:4c:fd:bb:73:dc:aa:72:45:a5:06:d1:52:7d:6f:
         b5:81:04:ae:ca:8d:ba:f3:7f:c6:af:9f:28:1d:21:77:2f:c9:
         af:64:77:4e:4c:96:f5:a3:83:83:76:5a:2c:04:db:d0:51:27:
         8f:d7:30:e3:f9:97:31:63:2a:1a:e6:c6:21:33:1d:b9:da:2b:
         a8:48:3f:1b:89:ff:99:ec:d8:b4:c3:99:cd:ed:ca:73:f4:eb:
         c8:bc:5e:e7:c0:b8:2a:08:93:1f:c4:df:9b:9e:14:54:fe:f5:
         44:da:64:50:c9:d4:63:ea:81:de:1f:13:6f:0b:97:cf:39:0e:
         ec:fb:e9:29:05:b5:80:d8:42:6f:14:86:e5:c9:89:ed:3b:33:
         6e:48:ef:9b:5a:1e:f8:96:10:01:ee:11:0f:6e:7b:61:4f:f8:
         e5:fd:42:e2:5d:b7:64:91:a9:19:50:bd:75:78:a7:46:ea:6e:
         31:d7:e8:58:64:bd:7f:97:1c:1e:b4:01:5f:5b:1c:c8:ae:20:
         f7:17:20:47:01:9f:ed:92:02:8f:e9:b8:fe:dc:a0:00:12:aa:
         32:0f:b9:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijFsexvPhD95xlm/e5mXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjUwOTA3MDUwMDQ3WhcNMjUwOTA4MDUwMDQ3WjAzMTEwLwYDVQQD
EygzNDAyOTNiYzRjZDk2MWEyOTMwMTQwZGU2ZjNiMGVkMGMzZGU5MjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLMykzbqCAka0qyabVGHzq4wNytJ
psUGhuBDx2fyNr2DoOMHpvpnJV0EKWflzPdHHeAvcjJnaoJu6/0TrvayX+uyU6uN
nFjwUpbYbYPPPmYMKPm14RqYj9Vuc9eiOctFeWLSIUmUt4iFl+bKr8hhHxcFwJSz
/LbRwKr45erzf86K7bAbRNsCO/pET8dnmTkDQYGerhneTwEbKq2CiQiRATKkWlJX
O0yENxc7oJ7vcTdmF0D3pRNbcKylfh/O06J7M/GvgAeK+2NOs2abYWvslcEr6xVv
vfJrSj8Yi68bDgrDFalsdG6m7KfO4dKE5jTLPQyIBtGMnhfM3vWQ4s/TxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQCk7xM2WGikwFA3m87DtDD3pIcMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMhrIg3eg
CF0Titow3P2/1GWwT/eMAYpCaYpMOcDpir43vO9Zeh7fk0z9u3PcqnJFpQbRUn1v
tYEErsqNuvN/xq+fKB0hdy/Jr2R3TkyW9aODg3ZaLATb0FEnj9cw4/mXMWMqGubG
ITMdudorqEg/G4n/mezYtMOZze3Kc/TryLxe58C4KgiTH8Tfm54UVP71RNpkUMnU
Y+qB3h8TbwuXzzkO7PvpKQW1gNhCbxSG5cmJ7Tszbkjvm1oe+JYQAe4RD257YU/4
5f1C4l23ZJGpGVC9dXinRupuMdfoWGS9f5ccHrQBX1scyK4g9xcgRwGf7ZICj+m4
/tygABKqMg+5Pg==
-----END CERTIFICATE-----