Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          mdPN24CEdp7RQANiqYfy7BHsFFgudVjQTNjDv0VcrYw=
Subject key identifier:   BE:11:A0:D2:D0:85:9E:B4:5E:97:9B:5A:27:69:99:01:70:31:A7:57
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       01974CD71B735261620B9597A30588777447
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          0A0C
Signing time:             Sun 08 Jun 2025 00:00:55 +0000
Manifest this update:     Sun 08 Jun 2025 00:00:55 +0000
Manifest next update:     Mon 09 Jun 2025 00:00:55 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: kdjoAK5Je9Xdq+Qe4LGbwLkK7sCe0aHh8a16SIYGgE8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d7:1b:73:52:61:62:0b:95:97:a3:05:88:77:74:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: Jun  8 00:00:55 2025 GMT
            Not After : Jun  9 00:00:55 2025 GMT
        Subject: CN=be11a0d2d0859eb45e979b5a276999017031a757
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:31:86:56:83:e1:db:f1:c3:fd:4b:10:47:d3:
                    c6:e8:70:f6:2f:2a:5e:b2:ff:58:92:b7:62:82:b5:
                    86:04:58:2e:9f:4d:d7:c0:c5:58:84:13:95:90:cd:
                    39:06:16:f8:63:3e:10:66:12:bc:8b:9c:e6:a8:ec:
                    d7:24:4c:a9:6b:03:07:f9:a0:31:e2:47:4f:54:f1:
                    11:0a:be:73:a3:2b:9a:31:1c:7d:c7:d3:52:ae:df:
                    28:d8:12:62:7b:70:ad:85:0b:40:06:27:8a:3f:34:
                    1d:76:6c:d9:f8:77:87:44:0b:13:89:49:d2:83:2e:
                    d5:61:7c:5b:a9:b7:01:a5:b1:bd:8c:fa:28:bd:90:
                    37:eb:9b:97:67:91:84:f8:9b:5b:7b:83:6b:7b:3c:
                    5a:0d:f3:86:43:85:5b:6f:cc:ae:fe:37:36:0a:ac:
                    65:0f:f2:ab:c8:a0:35:d4:dc:88:18:6e:79:70:6e:
                    73:f3:35:b4:3e:ee:0d:74:82:57:9e:eb:ab:e1:8a:
                    e4:a7:00:d9:f6:fc:97:c8:97:f2:5e:9d:10:04:db:
                    af:1a:0e:5d:e6:88:4b:22:60:b2:f1:46:93:bf:9b:
                    16:bb:7e:74:80:0a:dd:18:77:39:47:e4:48:ba:67:
                    a4:69:ab:8b:21:52:6f:a4:84:4e:4c:42:58:f0:e1:
                    e5:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:11:A0:D2:D0:85:9E:B4:5E:97:9B:5A:27:69:99:01:70:31:A7:57
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:0b:e1:a2:43:df:3a:83:85:54:a6:3c:08:72:f1:03:25:05:
         86:90:1b:9d:cc:71:2d:6b:db:2a:98:0f:d9:4b:96:49:08:38:
         30:19:42:df:06:77:df:c9:61:68:17:53:26:65:37:6c:aa:09:
         07:d3:6f:b4:61:79:0c:d1:40:c0:72:51:e8:36:31:72:b2:44:
         0e:80:3d:a4:f7:33:2e:04:72:63:dd:e4:e1:a9:b0:2e:8d:cd:
         66:4c:ff:02:0b:25:8c:d1:11:18:40:41:52:51:ae:04:92:9b:
         ca:52:7f:4c:27:57:d3:b0:aa:81:15:7b:66:63:ce:91:f8:33:
         61:c4:61:1a:bc:a2:5b:0a:c4:1e:a9:bd:79:75:db:f3:02:43:
         ce:73:38:de:14:59:68:5b:1c:b9:e5:d2:40:7b:46:75:34:f9:
         4a:1e:d7:63:ee:f4:3b:5a:7e:97:93:f5:71:13:f2:db:e9:78:
         d7:24:76:7a:81:d8:fe:e9:0f:03:d2:01:02:aa:1b:59:59:dd:
         cf:66:c5:c4:05:11:8b:17:bb:c7:22:9e:a8:22:f5:26:26:9f:
         3c:1e:b0:ad:16:fd:42:4e:a6:f6:5b:0f:03:d6:3d:09:2b:61:
         6e:65:5b:82:71:3e:90:a5:38:36:ec:79:4e:3a:35:31:4d:8a:
         de:98:0b:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM1xtzUmFiC5WXowWId3RHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjUwNjA4MDAwMDU1WhcNMjUwNjA5MDAwMDU1WjAzMTEwLwYDVQQD
EyhiZTExYTBkMmQwODU5ZWI0NWU5NzliNWEyNzY5OTkwMTcwMzFhNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jGGVoPh2/HD/UsQR9PG6HD2Lype
sv9YkrdigrWGBFgun03XwMVYhBOVkM05Bhb4Yz4QZhK8i5zmqOzXJEypawMH+aAx
4kdPVPERCr5zoyuaMRx9x9NSrt8o2BJie3CthQtABieKPzQddmzZ+HeHRAsTiUnS
gy7VYXxbqbcBpbG9jPoovZA365uXZ5GE+Jtbe4NrezxaDfOGQ4Vbb8yu/jc2Cqxl
D/KryKA11NyIGG55cG5z8zW0Pu4NdIJXnuur4YrkpwDZ9vyXyJfyXp0QBNuvGg5d
5ohLImCy8UaTv5sWu350gArdGHc5R+RIumekaauLIVJvpIROTEJY8OHlSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4RoNLQhZ60XpebWidpmQFwMadXMB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXAvhokPf
OoOFVKY8CHLxAyUFhpAbncxxLWvbKpgP2UuWSQg4MBlC3wZ338lhaBdTJmU3bKoJ
B9NvtGF5DNFAwHJR6DYxcrJEDoA9pPczLgRyY93k4amwLo3NZkz/AgsljNERGEBB
UlGuBJKbylJ/TCdX07CqgRV7ZmPOkfgzYcRhGryiWwrEHqm9eXXb8wJDznM43hRZ
aFscueXSQHtGdTT5Sh7XY+70O1p+l5P1cRPy2+l41yR2eoHY/ukPA9IBAqobWVnd
z2bFxAURixe7xyKeqCL1JiafPB6wrRb9Qk6m9lsPA9Y9CSthbmVbgnE+kKU4Nux5
Tjo1MU2K3pgLFw==
-----END CERTIFICATE-----