Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
File:                     BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json)
Hash identifier:          U0TFHWQd2ABnwcAB7NwP1WgpFS7N+RND4oeKflF077Y=
Subject key identifier:   C0:67:90:BF:3F:A1:7C:C1:59:1B:B7:69:4B:05:11:79:22:C9:54:93
Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF
Certificate issuer:       /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
Certificate serial:       019A7149BBC1FB94B65BD7EF6A79A8F98FA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
Manifest number:          0383
Signing time:             Tue 11 Nov 2025 05:00:48 +0000
Manifest this update:     Tue 11 Nov 2025 05:00:48 +0000
Manifest next update:     Wed 12 Nov 2025 05:00:48 +0000
Files and hashes:         1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: vxNKWM0s8fu2caM8udJbiBcMbG69oEmSXNi1/kbEu+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:bb:c1:fb:94:b6:5b:d7:ef:6a:79:a8:f9:8f:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
        Validity
            Not Before: Nov 11 05:00:48 2025 GMT
            Not After : Nov 12 05:00:48 2025 GMT
        Subject: CN=c06790bf3fa17cc1591bb7694b05117922c95493
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:2d:07:b8:0f:c4:b7:22:0a:61:93:34:60:bd:
                    6f:11:c7:bd:15:67:5e:a3:6a:ed:21:b2:ba:24:92:
                    40:d2:68:52:93:01:57:0e:a3:4c:68:a8:e0:f7:3e:
                    6a:de:17:18:66:f7:25:1f:24:4a:89:ed:0d:6b:ff:
                    17:a3:59:bd:04:6c:0a:b8:93:7f:6c:92:d6:57:af:
                    01:ba:a5:85:be:24:d4:be:58:f3:aa:94:bd:0b:83:
                    6a:93:db:63:aa:40:ab:19:dc:48:22:24:69:54:d8:
                    a6:47:bd:32:dc:7e:3e:91:fd:1f:46:75:c2:38:49:
                    72:6d:b6:8c:27:e8:b5:28:b8:25:95:59:84:36:a6:
                    34:d8:60:61:28:4c:bc:46:60:b7:a0:5e:4a:32:4a:
                    23:a0:6e:40:21:e3:76:e3:3a:f9:54:32:7d:3e:09:
                    57:d8:a2:d3:f0:73:9d:67:c7:7e:63:93:f4:90:e1:
                    dd:63:65:fd:c2:c8:e0:79:c8:dd:89:27:fc:e0:98:
                    09:2a:1b:1d:11:52:8f:14:cc:ce:d8:54:72:17:44:
                    9f:57:04:43:fe:e2:91:af:4c:8d:a2:31:6d:59:23:
                    c6:e3:d9:24:dc:5c:77:ce:6d:6b:e3:ec:4d:bb:2b:
                    7f:a2:0a:15:14:63:de:6a:af:00:9b:fe:78:84:bd:
                    dd:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:67:90:BF:3F:A1:7C:C1:59:1B:B7:69:4B:05:11:79:22:C9:54:93
            X509v3 Authority Key Identifier:
                keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:c3:c0:11:1d:49:ee:97:4c:67:f5:24:7e:cf:8f:29:a0:57:
         0d:bd:9a:9d:38:2a:db:9c:c4:28:d9:63:ca:c4:71:3d:71:d8:
         3f:36:5a:61:c5:b2:96:85:81:ea:6e:b4:36:ad:82:cb:46:6d:
         8d:04:e4:38:b9:21:24:d0:fe:f7:e1:6a:40:a8:a7:a1:f6:fa:
         50:5e:41:6c:79:61:e9:8d:75:27:91:4c:4d:30:92:69:2b:ce:
         51:8e:64:c9:25:6e:dc:87:e5:f3:f4:20:79:4f:22:41:e8:7c:
         6c:94:b2:de:28:17:49:ad:b1:3d:2f:9d:90:0d:53:4d:4c:0b:
         04:c4:b2:10:90:90:d9:5f:dc:b1:43:4a:00:14:0a:42:bf:d2:
         c6:e5:e4:d3:2a:16:46:63:ee:ce:aa:90:20:59:05:2e:34:47:
         96:23:0b:9b:f3:2a:4e:4f:c8:84:70:dc:a6:59:1d:e4:22:b7:
         6b:7c:36:6e:e3:6f:51:8a:a3:da:c7:95:e5:7c:b1:23:26:8c:
         3f:cc:07:7d:4a:c9:22:fb:50:62:4c:20:15:fb:62:e6:75:50:
         fb:38:00:b2:f7:33:b0:2c:be:bf:d8:d7:e9:ef:1f:5a:f3:cd:
         27:07:14:fc:48:0e:f6:f9:10:01:f6:5e:67:5d:21:57:11:52:
         75:a9:1a:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSbvB+5S2W9fvanmo+Y+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0
YzdkYmYwHhcNMjUxMTExMDUwMDQ4WhcNMjUxMTEyMDUwMDQ4WjAzMTEwLwYDVQQD
EyhjMDY3OTBiZjNmYTE3Y2MxNTkxYmI3Njk0YjA1MTE3OTIyYzk1NDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi0HuA/EtyIKYZM0YL1vEce9FWde
o2rtIbK6JJJA0mhSkwFXDqNMaKjg9z5q3hcYZvclHyRKie0Na/8Xo1m9BGwKuJN/
bJLWV68BuqWFviTUvljzqpS9C4Nqk9tjqkCrGdxIIiRpVNimR70y3H4+kf0fRnXC
OElybbaMJ+i1KLgllVmENqY02GBhKEy8RmC3oF5KMkojoG5AIeN24zr5VDJ9PglX
2KLT8HOdZ8d+Y5P0kOHdY2X9wsjgecjdiSf84JgJKhsdEVKPFMzO2FRyF0SfVwRD
/uKRr0yNojFtWSPG49kk3Fx3zm1r4+xNuyt/ogoVFGPeaq8Am/54hL3dSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBnkL8/oXzBWRu3aUsFEXkiyVSTMB8GA1UdIwQY
MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt
NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm
LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAcPAER1J
7pdMZ/Ukfs+PKaBXDb2anTgq25zEKNljysRxPXHYPzZaYcWyloWB6m60Nq2Cy0Zt
jQTkOLkhJND+9+FqQKinofb6UF5BbHlh6Y11J5FMTTCSaSvOUY5kySVu3Ifl8/Qg
eU8iQeh8bJSy3igXSa2xPS+dkA1TTUwLBMSyEJCQ2V/csUNKABQKQr/SxuXk0yoW
RmPuzqqQIFkFLjRHliMLm/MqTk/IhHDcplkd5CK3a3w2buNvUYqj2seV5XyxIyaM
P8wHfUrJIvtQYkwgFfti5nVQ+zgAsvczsCy+v9jX6e8fWvPNJwcU/EgO9vkQAfZe
Z10hVxFSdakaQg==
-----END CERTIFICATE-----