Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
File:                     BQJMtECm3Xana1aUwOL07jMOCnw.mft (raw, json)
Hash identifier:          wz/+mCflhLLsDrNQ8WlidunxxwjtJYtIQykkQ5g9Yy4=
Subject key identifier:   85:D6:43:EB:F5:F1:3C:4F:6A:8E:8F:88:02:C5:68:9E:E2:8E:09:97
Authority key identifier: 05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C
Certificate issuer:       /CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
Certificate serial:       01974C31C13F92BA916362EA4F95A5F6A55F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
Manifest number:          02A8
Signing time:             Sat 07 Jun 2025 21:00:18 +0000
Manifest this update:     Sat 07 Jun 2025 21:00:18 +0000
Manifest next update:     Sun 08 Jun 2025 21:00:18 +0000
Files and hashes:         1: BQJMtECm3Xana1aUwOL07jMOCnw.crl (hash: RS55zRR4SX7DJ6vX7wbxpwCaEdz8SY3UnWFAUvEsTME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:31:c1:3f:92:ba:91:63:62:ea:4f:95:a5:f6:a5:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
        Validity
            Not Before: Jun  7 21:00:18 2025 GMT
            Not After : Jun  8 21:00:18 2025 GMT
        Subject: CN=85d643ebf5f13c4f6a8e8f8802c5689ee28e0997
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:11:1c:38:5c:f3:cb:11:61:07:c6:57:79:15:
                    ba:1e:64:06:5d:83:9b:e3:b4:88:34:fe:98:da:9d:
                    d4:81:90:9b:bd:ad:91:2d:bf:59:f1:e9:34:7e:3c:
                    1e:03:e2:50:61:25:a2:fb:c1:1c:87:bc:d7:c9:a7:
                    f9:02:1c:04:e8:af:84:5b:68:cc:97:af:24:e0:af:
                    71:0a:cf:d2:7a:f4:e1:1c:db:1f:51:e5:77:50:99:
                    b0:06:5e:b9:d6:4e:51:e1:89:7f:c2:ed:43:01:04:
                    35:60:a5:cc:ee:3e:fd:f1:78:9b:fa:86:62:e5:58:
                    69:e0:1e:01:64:0f:a6:94:87:53:95:87:d0:3f:eb:
                    ce:ef:aa:49:0d:0e:60:01:c6:ac:9e:2f:46:e4:7b:
                    e3:9f:be:22:7b:a3:da:b5:59:9a:4f:35:94:ec:89:
                    7f:8c:d5:8b:d1:7e:0f:72:10:49:e7:da:19:3b:90:
                    1e:2e:6f:51:e4:66:2a:13:0e:8b:f8:28:b4:ba:6e:
                    90:10:68:20:69:e8:64:57:c3:bf:3d:69:00:0d:19:
                    72:58:de:85:eb:18:38:8e:8c:63:7e:e1:73:65:53:
                    b3:88:9d:9e:00:d9:b4:32:c6:3d:a8:7d:9e:26:a2:
                    3b:aa:77:b8:91:f9:44:32:8b:2e:3f:d5:54:d1:38:
                    e4:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:D6:43:EB:F5:F1:3C:4F:6A:8E:8F:88:02:C5:68:9E:E2:8E:09:97
            X509v3 Authority Key Identifier:
                keyid:05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:96:b2:11:73:bc:47:27:d9:cf:24:14:04:a1:f8:21:ea:d6:
         86:d4:7d:28:60:5e:16:ce:67:b7:77:9e:1c:ab:77:82:50:99:
         d2:58:8b:c5:6a:3b:3e:0f:92:12:10:2b:88:c4:f6:3f:70:7a:
         2c:db:e0:a0:3c:82:d0:d2:72:a1:1e:38:7b:e4:ac:89:f4:26:
         1d:01:7f:ef:88:c8:60:9e:77:49:46:fd:0c:2d:c9:47:da:12:
         cc:ff:67:52:ab:ec:99:31:16:74:60:95:bb:5f:84:d2:a3:19:
         b1:82:f1:2f:ac:ea:9c:13:e2:8a:bd:f7:a5:00:93:a9:01:3f:
         61:3f:87:64:07:7f:a1:dc:6e:2d:1f:48:bb:83:ba:40:e3:a9:
         16:85:e1:92:4f:c0:e4:b2:47:ed:51:80:0d:54:5a:88:7e:06:
         d3:b9:d5:5b:58:52:6d:15:17:f0:24:92:31:f4:24:dc:f2:36:
         65:93:c6:0c:ec:f5:b0:a3:4d:e6:f2:55:72:d2:1c:2d:ad:18:
         e7:d1:99:60:6a:ef:77:59:58:68:28:9e:43:df:10:3e:c5:4d:
         5d:b1:4a:90:83:5d:79:fe:e8:11:85:c8:5a:70:53:5d:35:27:
         9a:e2:65:e7:3b:45:98:7f:d7:8e:bc:52:ae:55:0e:fe:95:51:
         5a:56:e9:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMMcE/krqRY2LqT5Wl9qVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI0Y2I0NDBhNmRkNzZhNzZiNTY5NGMwZTJmNGVlMzMw
ZTBhN2MwHhcNMjUwNjA3MjEwMDE4WhcNMjUwNjA4MjEwMDE4WjAzMTEwLwYDVQQD
Eyg4NWQ2NDNlYmY1ZjEzYzRmNmE4ZThmODgwMmM1Njg5ZWUyOGUwOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihEcOFzzyxFhB8ZXeRW6HmQGXYOb
47SINP6Y2p3UgZCbva2RLb9Z8ek0fjweA+JQYSWi+8Ech7zXyaf5AhwE6K+EW2jM
l68k4K9xCs/SevThHNsfUeV3UJmwBl651k5R4Yl/wu1DAQQ1YKXM7j798Xib+oZi
5Vhp4B4BZA+mlIdTlYfQP+vO76pJDQ5gAcasni9G5Hvjn74ie6PatVmaTzWU7Il/
jNWL0X4PchBJ59oZO5AeLm9R5GYqEw6L+Ci0um6QEGggaehkV8O/PWkADRlyWN6F
6xg4joxjfuFzZVOziJ2eANm0MsY9qH2eJqI7qne4kflEMosuP9VU0TjkjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXWQ+v18TxPao6PiALFaJ7ijgmXMB8GA1UdIwQY
MBaAFAUCTLRApt12p2tWlMDi9O4zDgp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAt
YTgyMjYyMjA0ZTM4LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAtYTgyMjYyMjA0ZTM4
LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwJayEXO8
RyfZzyQUBKH4IerWhtR9KGBeFs5nt3eeHKt3glCZ0liLxWo7Pg+SEhAriMT2P3B6
LNvgoDyC0NJyoR44e+SsifQmHQF/74jIYJ53SUb9DC3JR9oSzP9nUqvsmTEWdGCV
u1+E0qMZsYLxL6zqnBPiir33pQCTqQE/YT+HZAd/odxuLR9Iu4O6QOOpFoXhkk/A
5LJH7VGADVRaiH4G07nVW1hSbRUX8CSSMfQk3PI2ZZPGDOz1sKNN5vJVctIcLa0Y
59GZYGrvd1lYaCieQ98QPsVNXbFKkINdef7oEYXIWnBTXTUnmuJl5ztFmH/XjrxS
rlUO/pVRWlbpvA==
-----END CERTIFICATE-----