Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
File:                     BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json)
Hash identifier:          8VVdFOGDKm+tcOgPDpDt9+qTcWSxAukk2I0zW0DbOFA=
Subject key identifier:   F9:C3:8C:46:4B:D5:FB:DD:D7:6C:11:26:12:98:FA:6B:5D:FB:66:12
Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF
Certificate issuer:       /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
Certificate serial:       019654C9CC4F050C92C88514B90D5C7D2C00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
Manifest number:          0162
Signing time:             Sun 20 Apr 2025 20:00:33 +0000
Manifest this update:     Sun 20 Apr 2025 20:00:33 +0000
Manifest next update:     Mon 21 Apr 2025 20:00:33 +0000
Files and hashes:         1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: tn+tw3VluwboUOhramKizuqLIOQOSNJFsYnFl4P04Rs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:c9:cc:4f:05:0c:92:c8:85:14:b9:0d:5c:7d:2c:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
        Validity
            Not Before: Apr 20 20:00:33 2025 GMT
            Not After : Apr 21 20:00:33 2025 GMT
        Subject: CN=f9c38c464bd5fbddd76c11261298fa6b5dfb6612
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:4f:62:2a:e9:22:2e:12:58:28:b6:d8:94:1d:
                    9e:fe:bb:14:c4:6e:a1:c2:c1:eb:b5:38:d9:3e:13:
                    fc:36:55:1f:fc:62:88:62:a9:f2:30:be:28:98:50:
                    9f:44:1e:1a:4a:c6:13:45:e8:a9:4f:ef:94:80:ce:
                    e4:79:a7:bf:6f:75:a4:48:53:cd:f7:a9:b3:78:81:
                    9b:78:dc:2a:c3:66:96:0a:a3:e7:4a:a0:05:34:43:
                    2d:44:8a:6d:12:73:74:68:c1:9c:81:f8:bc:24:ed:
                    ae:0f:fb:ba:8e:f0:6e:6c:60:3d:1c:e1:4c:46:d3:
                    6f:07:80:04:cb:dd:e7:9c:61:a5:00:67:ff:fb:29:
                    f4:d6:b1:d7:0b:0a:aa:d6:f6:50:e0:e2:20:04:6b:
                    c4:73:92:1f:1d:c1:77:e0:3c:cb:ad:1f:e5:82:c1:
                    f7:02:9a:1d:b8:a8:ac:31:ac:f5:34:12:6d:9c:30:
                    5f:dc:73:ab:46:37:dd:a4:96:8d:6f:e2:db:9d:43:
                    29:8b:57:e9:7d:10:bc:ec:16:d9:74:00:35:56:86:
                    73:27:17:78:00:22:50:b1:d4:d3:7a:59:03:9e:ae:
                    77:e2:05:7d:a3:43:bf:c0:a9:1b:4a:66:7c:91:69:
                    f7:47:58:40:d2:a9:25:78:99:d6:0f:b0:d7:b7:1c:
                    51:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:C3:8C:46:4B:D5:FB:DD:D7:6C:11:26:12:98:FA:6B:5D:FB:66:12
            X509v3 Authority Key Identifier:
                keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:65:5f:80:83:1b:85:b3:96:f4:59:88:97:37:0d:24:70:1a:
         01:5a:72:b7:4f:de:14:8c:21:22:ca:14:54:19:14:b1:c4:d4:
         75:ae:83:db:a2:b7:59:f9:b1:f3:5c:6c:90:61:84:df:41:7b:
         fc:59:d1:5b:7d:a8:5c:1a:b4:e9:02:ee:b9:7e:63:b8:ef:64:
         b4:66:8a:9e:0f:16:c6:f7:e9:7a:1e:c9:b1:17:31:d6:b9:65:
         b7:68:a7:52:7c:70:4c:41:85:8b:fa:4a:78:ac:f5:83:54:e6:
         88:4a:c0:de:cc:e0:ff:03:a5:45:8c:37:03:5f:85:4d:89:35:
         21:57:9e:ab:57:fe:55:12:5d:c0:0d:ab:e4:c9:1a:a1:17:4a:
         e6:f9:10:bf:09:19:3e:78:0a:b7:84:d3:e0:9c:5e:70:90:e1:
         28:db:90:e5:f5:db:da:08:ea:3d:1a:ba:37:c4:e2:06:04:9a:
         f5:51:d5:f4:5c:4a:56:d7:5b:fc:78:45:9b:0b:93:d0:3a:89:
         78:04:ab:60:10:d2:b2:98:79:61:bc:89:be:ee:1f:1e:61:32:
         5a:90:9c:96:c5:d6:13:eb:3b:e1:e3:07:ce:ce:99:46:45:32:
         a1:90:c3:7e:4e:91:7e:bf:7e:5f:ff:74:0b:62:e7:e4:2b:ba:
         fc:20:58:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUycxPBQySyIUUuQ1cfSwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0
YzdkYmYwHhcNMjUwNDIwMjAwMDMzWhcNMjUwNDIxMjAwMDMzWjAzMTEwLwYDVQQD
EyhmOWMzOGM0NjRiZDVmYmRkZDc2YzExMjYxMjk4ZmE2YjVkZmI2NjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk9iKukiLhJYKLbYlB2e/rsUxG6h
wsHrtTjZPhP8NlUf/GKIYqnyML4omFCfRB4aSsYTReipT++UgM7keae/b3WkSFPN
96mzeIGbeNwqw2aWCqPnSqAFNEMtRIptEnN0aMGcgfi8JO2uD/u6jvBubGA9HOFM
RtNvB4AEy93nnGGlAGf/+yn01rHXCwqq1vZQ4OIgBGvEc5IfHcF34DzLrR/lgsH3
ApoduKisMaz1NBJtnDBf3HOrRjfdpJaNb+LbnUMpi1fpfRC87BbZdAA1VoZzJxd4
ACJQsdTTelkDnq534gV9o0O/wKkbSmZ8kWn3R1hA0qkleJnWD7DXtxxREwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnDjEZL1fvd12wRJhKY+mtd+2YSMB8GA1UdIwQY
MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt
NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm
LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApWVfgIMb
hbOW9FmIlzcNJHAaAVpyt0/eFIwhIsoUVBkUscTUda6D26K3Wfmx81xskGGE30F7
/FnRW32oXBq06QLuuX5juO9ktGaKng8Wxvfpeh7JsRcx1rllt2inUnxwTEGFi/pK
eKz1g1TmiErA3szg/wOlRYw3A1+FTYk1IVeeq1f+VRJdwA2r5MkaoRdK5vkQvwkZ
PngKt4TT4JxecJDhKNuQ5fXb2gjqPRq6N8TiBgSa9VHV9FxKVtdb/HhFmwuT0DqJ
eASrYBDSsph5YbyJvu4fHmEyWpCclsXWE+s74eMHzs6ZRkUyoZDDfk6Rfr9+X/90
C2Ln5Cu6/CBYTQ==
-----END CERTIFICATE-----