Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
File:                     BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft (raw, json)
Hash identifier:          2lWztPvOfDXwhQu3MPAUs4vCRr6aTIdzL6BRbU/SroY=
Subject key identifier:   F4:44:96:37:CF:2D:9F:3A:D8:BE:F0:FF:91:4A:6D:9B:00:D5:2E:62
Authority key identifier: 04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6
Certificate issuer:       /CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6
Certificate serial:       0199239F45E2723FFCA007DADD2C4AE58829
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
Manifest number:          0CCA
Signing time:             Sun 07 Sep 2025 10:01:04 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:04 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:04 +0000
Files and hashes:         1: BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl (hash: lWJX4iM7yVEiNEGBwWoexdO6k5z7aDEm3avSkO6gBIY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:45:e2:72:3f:fc:a0:07:da:dd:2c:4a:e5:88:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6
        Validity
            Not Before: Sep  7 10:01:04 2025 GMT
            Not After : Sep  8 10:01:04 2025 GMT
        Subject: CN=f4449637cf2d9f3ad8bef0ff914a6d9b00d52e62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:1d:6f:17:7c:2b:9d:b6:08:0c:55:d1:2e:7f:
                    a7:84:da:9e:62:32:30:01:6b:94:40:3b:98:c1:f6:
                    d1:73:7c:88:84:1f:93:52:b0:ab:1e:03:0f:36:4f:
                    3f:66:6d:97:31:d0:60:06:4d:64:4a:e3:17:a2:9f:
                    f4:22:30:b3:d8:c6:2c:e4:26:71:f6:eb:04:35:96:
                    73:73:73:05:a4:a5:13:00:bc:d4:80:06:d0:d6:c1:
                    5f:08:32:fb:80:6d:50:11:56:a4:4c:e5:c0:d2:3e:
                    b6:94:b8:94:49:03:7d:33:03:d5:f4:45:3d:0a:3e:
                    48:33:61:48:69:d0:54:1d:bf:da:a9:61:d0:5c:7f:
                    6a:3c:30:27:8c:a2:33:f8:e9:e8:d3:13:49:90:29:
                    0b:64:29:55:a4:29:bc:df:f9:94:d6:a4:de:eb:04:
                    7f:5b:37:00:23:23:75:35:a3:92:7d:55:ae:b3:b7:
                    65:ad:9f:1b:98:b4:41:c4:61:95:65:6c:38:76:38:
                    df:5b:7d:be:06:70:48:3c:2e:19:39:07:85:94:7a:
                    13:09:ac:47:46:d5:df:7c:d5:43:8d:cf:b8:1c:a3:
                    0b:51:a7:de:59:1f:6b:a0:19:40:e8:03:22:44:a5:
                    5e:9b:b0:80:ba:f9:88:4a:f0:04:74:5b:9b:6b:5e:
                    1b:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:44:96:37:CF:2D:9F:3A:D8:BE:F0:FF:91:4A:6D:9B:00:D5:2E:62
            X509v3 Authority Key Identifier:
                keyid:04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:35:c0:48:ef:20:e0:39:fc:2b:e7:e1:ea:e5:63:59:f7:0c:
         4b:bb:38:b9:9b:8f:c3:10:82:a2:e9:7d:1d:25:f9:07:2d:26:
         86:f4:f7:cb:d3:22:ce:d9:42:ab:fd:68:81:5d:e4:a7:9c:75:
         9c:33:8f:60:62:10:eb:9b:d4:82:f9:4c:8f:b5:66:49:aa:31:
         d9:92:c0:77:dc:51:3b:48:d0:d4:2f:3c:e9:e5:a6:6d:70:e5:
         c2:17:44:d2:fc:02:fc:ac:6d:56:a0:b9:09:f9:8b:64:0d:98:
         ef:c2:a8:4e:d5:af:70:fc:9a:97:bd:97:35:05:62:67:2b:a9:
         3d:86:2d:17:7a:1a:b7:99:d4:04:8a:72:e7:04:81:cb:2e:92:
         65:98:67:eb:df:f5:99:a8:0b:1c:a4:c9:cd:bd:eb:04:df:1f:
         41:4a:9f:e2:a9:cb:bd:21:c4:21:11:fa:80:17:62:e5:01:0d:
         cd:21:1a:71:bd:d3:e6:a4:f6:d7:1d:ff:3c:5c:58:42:e6:59:
         7d:72:fb:91:0b:4e:e7:bb:e3:8a:6d:d8:e5:20:3b:a6:96:91:
         75:ac:97:e5:b7:74:ac:44:0e:15:bc:07:79:82:7d:04:5c:bd:
         28:3f:c3:c6:10:d7:b0:5a:59:a8:67:e0:ca:61:c6:7f:8b:9d:
         73:e7:e3:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn0Xicj/8oAfa3SxK5YgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YjYxZTUxNDBjZDg5ODRmN2ZlMjAxMGRiNTllYmRiMmYz
ZWQ0ZTYwHhcNMjUwOTA3MTAwMTA0WhcNMjUwOTA4MTAwMTA0WjAzMTEwLwYDVQQD
EyhmNDQ0OTYzN2NmMmQ5ZjNhZDhiZWYwZmY5MTRhNmQ5YjAwZDUyZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0R1vF3wrnbYIDFXRLn+nhNqeYjIw
AWuUQDuYwfbRc3yIhB+TUrCrHgMPNk8/Zm2XMdBgBk1kSuMXop/0IjCz2MYs5CZx
9usENZZzc3MFpKUTALzUgAbQ1sFfCDL7gG1QEVakTOXA0j62lLiUSQN9MwPV9EU9
Cj5IM2FIadBUHb/aqWHQXH9qPDAnjKIz+Ono0xNJkCkLZClVpCm83/mU1qTe6wR/
WzcAIyN1NaOSfVWus7dlrZ8bmLRBxGGVZWw4djjfW32+BnBIPC4ZOQeFlHoTCaxH
RtXffNVDjc+4HKMLUafeWR9roBlA6AMiRKVem7CAuvmISvAEdFuba14bpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPREljfPLZ862L7w/5FKbZsA1S5iMB8GA1UdIwQY
MBaAFAS2HlFAzYmE9/4gENtZ69svPtTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTkt
NjE3NWU4M2M2YTJiLzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTktNjE3NWU4M2M2YTJi
LzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsjXASO8g
4Dn8K+fh6uVjWfcMS7s4uZuPwxCCoul9HSX5By0mhvT3y9MiztlCq/1ogV3kp5x1
nDOPYGIQ65vUgvlMj7VmSaox2ZLAd9xRO0jQ1C886eWmbXDlwhdE0vwC/KxtVqC5
CfmLZA2Y78KoTtWvcPyal72XNQViZyupPYYtF3oat5nUBIpy5wSByy6SZZhn69/1
magLHKTJzb3rBN8fQUqf4qnLvSHEIRH6gBdi5QENzSEacb3T5qT21x3/PFxYQuZZ
fXL7kQtO57vjim3Y5SA7ppaRdayX5bd0rEQOFbwHeYJ9BFy9KD/DxhDXsFpZqGfg
ymHGf4udc+fjhA==
-----END CERTIFICATE-----