Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          UAz7otHVCIeisFuGhXdReW5fTrFXzUJh5beaxHNGqPs=
Subject key identifier:   00:CC:8E:F2:07:4C:60:4F:67:51:DE:E2:6D:AE:12:0A:F2:BC:73:41
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       01965236B4296565779FF8B8074778FEA67B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          0CD3
Signing time:             Sun 20 Apr 2025 08:00:38 +0000
Manifest this update:     Sun 20 Apr 2025 08:00:38 +0000
Manifest next update:     Mon 21 Apr 2025 08:00:38 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: NItIK9NVFn0tuD3G27yfKURP4eh3hz6iJQo+cqFt+x8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:36:b4:29:65:65:77:9f:f8:b8:07:47:78:fe:a6:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Apr 20 08:00:38 2025 GMT
            Not After : Apr 21 08:00:38 2025 GMT
        Subject: CN=00cc8ef2074c604f6751dee26dae120af2bc7341
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:1d:b2:06:f9:79:c3:ee:09:c4:81:99:f2:72:
                    50:c0:3a:17:eb:2a:35:7b:5b:44:d8:1a:ad:35:84:
                    9b:cb:b9:de:75:d0:87:a2:83:19:31:e6:f0:4d:83:
                    95:a9:74:80:2c:26:dd:0b:4e:c0:f7:54:bb:53:f5:
                    e9:86:ae:fd:43:e7:b3:b9:e5:e6:f0:62:84:66:77:
                    1b:08:dd:6c:8d:50:93:e2:b7:dc:6a:95:54:c0:10:
                    ca:3b:f5:86:38:06:5e:5d:60:57:e5:43:fd:f5:e5:
                    f5:15:bf:19:62:52:9e:8a:8e:68:78:1b:f6:8f:88:
                    69:ba:5c:c4:13:d5:c0:65:26:32:82:ef:78:0f:50:
                    86:35:ba:54:94:64:89:fc:51:ad:ed:85:4c:2d:fe:
                    8c:ce:3f:77:5c:21:b6:02:1e:67:4f:48:a1:6d:2d:
                    a7:e1:77:cf:a8:d4:a2:6e:ac:76:18:6c:c0:20:f7:
                    37:bd:6c:35:48:14:21:b0:0d:9e:61:da:c6:bd:9b:
                    27:c1:72:07:fb:3f:f8:12:79:8c:bc:47:42:51:25:
                    7e:c3:24:f5:7b:c7:22:53:2a:65:e8:95:a5:c0:84:
                    03:e6:5b:e8:31:c5:cf:31:c7:2f:63:37:1e:df:b0:
                    60:4f:2a:e5:f8:7e:f9:64:26:80:85:e3:7b:05:5e:
                    b9:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:CC:8E:F2:07:4C:60:4F:67:51:DE:E2:6D:AE:12:0A:F2:BC:73:41
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:92:05:fe:fe:5f:c0:8a:84:2d:19:0c:ab:d8:5f:0a:7e:d0:
         87:b5:48:c7:19:9c:d4:c1:f9:e3:d2:55:52:e6:5a:0b:3f:e9:
         71:29:5b:9f:ae:6e:71:9b:66:ff:2f:2a:5f:c8:c2:9f:8d:0e:
         ac:8d:9f:c8:91:c8:13:d6:c8:e8:5c:8b:25:ee:cc:c5:9c:d3:
         23:c7:cf:05:cf:e2:d3:0b:48:a2:85:14:85:59:19:f9:f2:e9:
         73:7e:cf:a3:83:6f:b4:a3:f2:c0:d3:e1:3e:92:94:02:e3:d8:
         18:18:8c:ed:9a:5e:f0:a7:6d:ce:ab:97:98:64:e5:4f:ab:e3:
         ac:3c:7a:bc:29:5a:a7:c9:94:c6:01:83:88:2d:9e:88:07:2a:
         2c:18:78:a9:2d:80:04:2c:9d:7a:ab:c0:c8:f1:4e:7e:9f:8d:
         77:de:dc:c0:a4:6e:09:67:18:1b:9f:d3:74:b5:18:b8:f6:f6:
         98:5f:c0:34:56:88:de:49:ed:3d:01:32:9e:ff:d0:e5:d5:e6:
         75:16:41:1e:3d:de:26:d1:9d:b9:79:22:2b:b0:fb:4e:b6:9d:
         7d:86:a5:f7:82:e2:0f:34:f9:14:67:5c:4f:62:6e:af:22:5e:
         2e:4b:76:d8:b1:27:37:2e:81:f3:3b:93:ee:a2:04:34:65:35:
         36:fa:ab:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSNrQpZWV3n/i4B0d4/qZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjUwNDIwMDgwMDM4WhcNMjUwNDIxMDgwMDM4WjAzMTEwLwYDVQQD
EygwMGNjOGVmMjA3NGM2MDRmNjc1MWRlZTI2ZGFlMTIwYWYyYmM3MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB2yBvl5w+4JxIGZ8nJQwDoX6yo1
e1tE2BqtNYSby7neddCHooMZMebwTYOVqXSALCbdC07A91S7U/Xphq79Q+ezueXm
8GKEZncbCN1sjVCT4rfcapVUwBDKO/WGOAZeXWBX5UP99eX1Fb8ZYlKeio5oeBv2
j4hpulzEE9XAZSYygu94D1CGNbpUlGSJ/FGt7YVMLf6Mzj93XCG2Ah5nT0ihbS2n
4XfPqNSibqx2GGzAIPc3vWw1SBQhsA2eYdrGvZsnwXIH+z/4EnmMvEdCUSV+wyT1
e8ciUypl6JWlwIQD5lvoMcXPMccvYzce37BgTyrl+H75ZCaAheN7BV659QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFADMjvIHTGBPZ1He4m2uEgryvHNBMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApJIF/v5f
wIqELRkMq9hfCn7Qh7VIxxmc1MH549JVUuZaCz/pcSlbn65ucZtm/y8qX8jCn40O
rI2fyJHIE9bI6FyLJe7MxZzTI8fPBc/i0wtIooUUhVkZ+fLpc37Po4NvtKPywNPh
PpKUAuPYGBiM7Zpe8KdtzquXmGTlT6vjrDx6vClap8mUxgGDiC2eiAcqLBh4qS2A
BCydeqvAyPFOfp+Nd97cwKRuCWcYG5/TdLUYuPb2mF/ANFaI3kntPQEynv/Q5dXm
dRZBHj3eJtGduXkiK7D7TradfYal94LiDzT5FGdcT2JuryJeLkt22LEnNy6B8zuT
7qIENGU1Nvqr8g==
-----END CERTIFICATE-----