Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
File:                     BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json)
Hash identifier:          p/1x6COLCG+CDpb+Q4LxyQbsKaBQtVdAZSKVZ+SvCb0=
Subject key identifier:   6A:EA:20:31:0F:72:5B:DF:25:10:64:0F:85:59:13:D2:73:EC:A9:36
Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF
Certificate issuer:       /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
Certificate serial:       01974A0CA1E5E4D6365CAD3DF387323B1E22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
Manifest number:          01E1
Signing time:             Sat 07 Jun 2025 11:00:31 +0000
Manifest this update:     Sat 07 Jun 2025 11:00:31 +0000
Manifest next update:     Sun 08 Jun 2025 11:00:31 +0000
Files and hashes:         1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: mU+9St+myOoDdj8J4EXn4wvHlhRZK45szIhnDzcq8Ck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:0c:a1:e5:e4:d6:36:5c:ad:3d:f3:87:32:3b:1e:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
        Validity
            Not Before: Jun  7 11:00:31 2025 GMT
            Not After : Jun  8 11:00:31 2025 GMT
        Subject: CN=6aea20310f725bdf2510640f855913d273eca936
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c4:7c:fb:94:63:17:61:44:54:0a:9b:84:55:
                    90:cf:6f:0e:29:31:52:01:e3:72:1c:cd:23:a7:79:
                    5b:65:33:f4:75:76:82:13:01:05:89:66:e0:c3:df:
                    67:59:f0:42:69:e2:2b:bd:2e:92:21:a6:c2:16:a5:
                    e2:0f:23:20:b6:f1:75:23:93:4b:52:37:c1:8e:37:
                    d2:56:dc:72:58:c4:26:ad:38:2d:5c:36:de:c4:79:
                    9a:f8:c1:e0:4f:4e:cd:61:f6:27:13:b0:c3:1d:b5:
                    33:b4:9d:09:fb:15:ba:ae:fa:10:15:34:d1:ca:14:
                    b5:f6:d2:e4:22:f1:73:00:5a:d0:d6:b2:4b:af:db:
                    0a:71:84:0d:34:30:24:de:7f:57:55:8f:4c:df:f2:
                    fd:04:c7:b9:8c:19:b9:be:9f:16:10:a6:24:56:86:
                    29:c4:4c:99:fa:c0:55:8a:13:98:ac:55:47:f2:cc:
                    5a:95:a0:b9:8d:d6:fb:77:a0:53:4f:3d:a7:77:64:
                    f8:f8:9b:af:15:2d:22:17:7e:8f:11:4c:66:b5:7e:
                    27:ce:a0:a4:1b:de:3b:55:b3:c1:be:08:76:17:28:
                    e6:23:4a:58:f0:ea:57:2a:d5:b7:e5:b2:5e:28:1a:
                    c5:73:41:8b:78:61:af:0f:50:7d:37:6f:03:43:f6:
                    e8:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:EA:20:31:0F:72:5B:DF:25:10:64:0F:85:59:13:D2:73:EC:A9:36
            X509v3 Authority Key Identifier:
                keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:fc:62:09:8c:a5:92:d3:96:3e:cf:18:29:8d:b4:eb:d4:db:
         d7:2f:ee:97:78:8a:98:3a:b2:47:4a:55:ef:f6:ef:ec:33:25:
         eb:e3:7e:c3:5a:f6:20:8f:b8:2b:46:e9:c3:56:ad:2b:33:ef:
         2e:51:c8:e2:61:3d:f9:ef:8f:9e:b3:25:a2:af:af:67:b0:61:
         58:63:20:87:a9:83:0d:3f:b3:21:a4:df:20:42:77:3a:1c:d3:
         61:69:49:01:5e:4b:ec:cd:4a:51:79:59:f7:08:de:81:e7:be:
         83:ca:80:63:bb:e8:28:3c:57:0b:35:9f:74:b2:de:6c:ce:af:
         bd:7b:a0:c7:73:96:d1:88:4c:e2:1e:0d:28:32:a6:5c:15:5c:
         a3:92:ac:62:45:15:f9:47:af:18:1f:ae:e9:bc:79:c3:fa:12:
         9f:90:f6:d7:53:f3:7d:d0:63:00:a0:98:eb:4e:74:f6:5c:2a:
         50:47:fd:de:87:62:99:6a:f0:f8:cf:3b:9e:e2:c1:73:4d:5c:
         7e:bd:ae:b5:5d:51:c8:52:c5:18:46:46:9c:19:97:1a:a5:9e:
         59:88:9d:bb:c5:65:18:6e:f6:30:24:42:fc:74:de:7f:ce:6f:
         e3:6c:13:a2:a9:bd:8c:de:69:5b:f6:e2:94:04:b1:92:f4:7a:
         b6:eb:fc:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKDKHl5NY2XK0984cyOx4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0
YzdkYmYwHhcNMjUwNjA3MTEwMDMxWhcNMjUwNjA4MTEwMDMxWjAzMTEwLwYDVQQD
Eyg2YWVhMjAzMTBmNzI1YmRmMjUxMDY0MGY4NTU5MTNkMjczZWNhOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8R8+5RjF2FEVAqbhFWQz28OKTFS
AeNyHM0jp3lbZTP0dXaCEwEFiWbgw99nWfBCaeIrvS6SIabCFqXiDyMgtvF1I5NL
UjfBjjfSVtxyWMQmrTgtXDbexHma+MHgT07NYfYnE7DDHbUztJ0J+xW6rvoQFTTR
yhS19tLkIvFzAFrQ1rJLr9sKcYQNNDAk3n9XVY9M3/L9BMe5jBm5vp8WEKYkVoYp
xEyZ+sBVihOYrFVH8sxalaC5jdb7d6BTTz2nd2T4+JuvFS0iF36PEUxmtX4nzqCk
G947VbPBvgh2FyjmI0pY8OpXKtW35bJeKBrFc0GLeGGvD1B9N28DQ/bokwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrqIDEPclvfJRBkD4VZE9Jz7Kk2MB8GA1UdIwQY
MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt
NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm
LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApvxiCYyl
ktOWPs8YKY2069Tb1y/ul3iKmDqyR0pV7/bv7DMl6+N+w1r2II+4K0bpw1atKzPv
LlHI4mE9+e+PnrMloq+vZ7BhWGMgh6mDDT+zIaTfIEJ3OhzTYWlJAV5L7M1KUXlZ
9wjegee+g8qAY7voKDxXCzWfdLLebM6vvXugx3OW0YhM4h4NKDKmXBVco5KsYkUV
+UevGB+u6bx5w/oSn5D211PzfdBjAKCY60509lwqUEf93odimWrw+M87nuLBc01c
fr2utV1RyFLFGEZGnBmXGqWeWYidu8VlGG72MCRC/HTef85v42wToqm9jN5pW/bi
lASxkvR6tuv89A==
-----END CERTIFICATE-----