Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          DBGrnIGAGSIEhKks6A8cz/wiQlp8bG2D0VdW0/+gaMk=
Subject key identifier:   36:D7:21:56:1D:1B:40:4B:E6:7C:37:E9:21:FF:43:A5:37:27:72:BE
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       019655A62B2FA7251B40D855F83C56210648
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          098C
Signing time:             Mon 21 Apr 2025 00:01:15 +0000
Manifest this update:     Mon 21 Apr 2025 00:01:15 +0000
Manifest next update:     Tue 22 Apr 2025 00:01:15 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: nxyHHwnLhRHm840V+ZhSjxd8c/x4pO+SUBPSCetU5Ew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a6:2b:2f:a7:25:1b:40:d8:55:f8:3c:56:21:06:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: Apr 21 00:01:15 2025 GMT
            Not After : Apr 22 00:01:15 2025 GMT
        Subject: CN=36d721561d1b404be67c37e921ff43a5372772be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:85:b9:77:fb:20:c4:fe:98:2b:b8:64:08:68:
                    34:56:ef:dc:b1:74:89:72:bb:8c:b2:f0:3a:1a:e5:
                    c3:b3:31:f3:44:a9:ef:0a:f2:ae:19:9b:bf:44:2d:
                    fd:c4:4b:c1:49:70:1e:12:97:a9:dd:07:af:76:ab:
                    5c:cd:91:d8:d3:04:65:01:25:47:f6:32:57:b9:ef:
                    d0:14:8b:17:48:d3:9d:9a:18:83:c1:83:0f:e1:2a:
                    be:dd:7c:0e:92:fc:79:51:97:24:97:15:8b:bb:e5:
                    35:c8:e2:32:4e:c6:0d:0a:be:87:37:2d:e1:d4:6f:
                    f0:f8:a6:5b:02:23:bc:e2:da:b1:d8:a0:de:6c:d0:
                    4a:73:23:f7:c8:65:08:87:e2:6e:51:7a:70:bc:db:
                    ff:86:b4:02:f2:3e:a0:2e:f1:cb:6f:69:51:90:ac:
                    cb:ad:a6:d2:61:f8:86:0e:87:f2:40:d4:80:d2:e3:
                    50:7b:e9:a9:81:b6:9f:cd:26:a7:0c:51:06:57:f8:
                    fe:9f:72:9d:6c:ce:84:9d:af:8e:1b:7d:b2:b0:df:
                    61:ad:c1:be:f4:2f:97:9c:4d:8e:c3:16:49:ba:14:
                    ab:11:55:b6:05:85:01:d2:08:a5:99:3e:4c:19:d0:
                    d5:d8:7a:60:bc:d7:23:48:80:43:fa:02:1c:14:a5:
                    75:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D7:21:56:1D:1B:40:4B:E6:7C:37:E9:21:FF:43:A5:37:27:72:BE
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:c6:c1:9a:1d:76:31:74:a8:d6:e2:f4:2f:a1:e0:ab:43:f5:
         09:5a:13:d3:f8:39:73:5b:0b:2e:51:22:ed:df:d9:f0:54:37:
         ea:90:ba:77:62:37:b2:b0:b7:7e:87:fa:dc:56:88:ec:36:7a:
         84:24:06:e3:c7:38:f0:a6:3e:58:2b:22:26:ef:3c:51:5e:8d:
         bc:86:03:af:2c:cf:25:36:05:74:46:41:5d:cd:be:b4:bc:66:
         b5:db:bc:cf:6f:da:dd:59:3d:7e:2f:59:84:e6:0c:6f:47:87:
         3e:47:17:7d:31:03:43:86:87:15:de:c4:df:d3:d5:d5:06:92:
         63:12:34:64:aa:0f:30:c8:09:16:cc:fa:71:e2:ec:d9:b2:a1:
         d7:58:5a:c3:fe:51:a1:01:b6:e9:1d:11:3d:5d:0f:45:18:26:
         90:13:96:ee:70:ce:b0:3a:d3:58:26:40:99:92:82:c2:0a:f9:
         cd:9c:b5:6f:44:ae:36:13:81:18:11:e2:a6:6f:4a:96:5b:79:
         12:d3:98:ef:0c:c2:d6:f4:58:d5:23:01:3e:6e:63:4c:0e:60:
         f4:88:01:7a:5f:3d:a5:73:d1:d7:b7:1e:40:56:5a:03:fc:4f:
         cb:f7:83:2c:ec:ad:3d:31:f4:4e:39:4b:5d:68:b2:a7:56:48:
         75:29:af:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpisvpyUbQNhV+DxWIQZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjUwNDIxMDAwMTE1WhcNMjUwNDIyMDAwMTE1WjAzMTEwLwYDVQQD
EygzNmQ3MjE1NjFkMWI0MDRiZTY3YzM3ZTkyMWZmNDNhNTM3Mjc3MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IW5d/sgxP6YK7hkCGg0Vu/csXSJ
cruMsvA6GuXDszHzRKnvCvKuGZu/RC39xEvBSXAeEpep3QevdqtczZHY0wRlASVH
9jJXue/QFIsXSNOdmhiDwYMP4Sq+3XwOkvx5UZcklxWLu+U1yOIyTsYNCr6HNy3h
1G/w+KZbAiO84tqx2KDebNBKcyP3yGUIh+JuUXpwvNv/hrQC8j6gLvHLb2lRkKzL
rabSYfiGDofyQNSA0uNQe+mpgbafzSanDFEGV/j+n3KdbM6Ena+OG32ysN9hrcG+
9C+XnE2OwxZJuhSrEVW2BYUB0gilmT5MGdDV2HpgvNcjSIBD+gIcFKV1RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbXIVYdG0BL5nw36SH/Q6U3J3K+MB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqMbBmh12
MXSo1uL0L6Hgq0P1CVoT0/g5c1sLLlEi7d/Z8FQ36pC6d2I3srC3fof63FaI7DZ6
hCQG48c48KY+WCsiJu88UV6NvIYDryzPJTYFdEZBXc2+tLxmtdu8z2/a3Vk9fi9Z
hOYMb0eHPkcXfTEDQ4aHFd7E39PV1QaSYxI0ZKoPMMgJFsz6ceLs2bKh11haw/5R
oQG26R0RPV0PRRgmkBOW7nDOsDrTWCZAmZKCwgr5zZy1b0SuNhOBGBHipm9Kllt5
EtOY7wzC1vRY1SMBPm5jTA5g9IgBel89pXPR17ceQFZaA/xPy/eDLOytPTH0TjlL
XWiyp1ZIdSmvTA==
-----END CERTIFICATE-----