Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft
File:                     BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft (raw, json)
Hash identifier:          zH6ItPUnNGoJUz7XHdLzKYJlzsLqbTkz2Uy1lZlaImk=
Subject key identifier:   B7:4D:45:40:AE:EF:A5:84:29:B7:98:77:26:DF:BB:D1:67:20:5C:7F
Authority key identifier: 05:87:C8:49:0B:37:20:45:66:9F:45:F1:83:19:3E:ED:46:F9:91:F5
Certificate issuer:       /CN=0587c8490b372045669f45f183193eed46f991f5
Certificate serial:       0197488C7D0267D732980BC5CDAFA8EC6024
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft
Manifest number:          08DB
Signing time:             Sat 07 Jun 2025 04:00:55 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:55 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:55 +0000
Files and hashes:         1: BYfISQs3IEVmn0Xxgxk-7Ub5kfU.crl (hash: XGzIIQTc0cipe4nW8MwrbxgElwflu8QVSIWoleucsY0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:7d:02:67:d7:32:98:0b:c5:cd:af:a8:ec:60:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0587c8490b372045669f45f183193eed46f991f5
        Validity
            Not Before: Jun  7 04:00:55 2025 GMT
            Not After : Jun  8 04:00:55 2025 GMT
        Subject: CN=b74d4540aeefa58429b7987726dfbbd167205c7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:8e:d2:81:91:75:69:a2:e0:45:a0:7a:de:4d:
                    a4:cc:a0:34:f5:00:9c:3d:22:93:af:39:34:1a:87:
                    0f:29:7d:bc:92:23:df:7f:d5:1f:67:be:6d:e7:bb:
                    3b:e1:b4:cc:a0:9c:a6:46:1c:eb:f4:de:3b:e7:46:
                    be:d1:f6:3e:90:47:e0:08:11:b7:34:3f:65:1f:85:
                    e1:ce:81:49:26:2f:83:56:7c:31:b4:53:b3:82:e7:
                    df:bf:ad:05:3c:19:26:a8:8b:48:c9:0b:70:bb:d5:
                    75:33:ee:32:1a:50:d2:fc:94:c8:50:51:0c:2b:98:
                    4e:e4:05:da:9c:12:ff:c4:96:4e:2f:a8:f2:1a:d1:
                    4b:b9:d8:8c:b1:4d:bc:4f:5f:81:a9:11:1d:90:69:
                    b9:d4:71:65:7d:4b:09:47:16:84:f1:3f:29:ba:5b:
                    5f:75:f3:ba:01:bd:8d:98:c1:34:10:0b:29:72:d2:
                    3a:c4:5d:f5:a6:fd:bc:37:38:11:27:52:59:0d:59:
                    01:b6:da:55:63:a9:65:cc:ed:1f:a2:87:1d:b1:ee:
                    3c:08:b5:73:4c:ce:01:bb:dc:85:10:51:64:dc:69:
                    ce:f5:5d:d1:ac:84:a2:15:67:36:04:77:4f:25:05:
                    e2:59:d0:d7:60:25:a0:46:d0:13:c7:c7:58:80:12:
                    77:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:4D:45:40:AE:EF:A5:84:29:B7:98:77:26:DF:BB:D1:67:20:5C:7F
            X509v3 Authority Key Identifier:
                keyid:05:87:C8:49:0B:37:20:45:66:9F:45:F1:83:19:3E:ED:46:F9:91:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cd0169-ffc1-401a-abbd-ba033f907d91/1/BYfISQs3IEVmn0Xxgxk-7Ub5kfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:35:14:36:a0:93:2a:c7:29:71:e4:21:1f:50:f8:b0:de:47:
         b9:00:aa:30:3c:2d:e6:a3:8a:e5:46:0d:ae:14:e1:c0:9f:2a:
         13:6b:b0:eb:c4:4e:35:a5:22:0d:02:3e:e8:f9:98:2d:e7:fe:
         d1:47:5d:13:ca:4c:a0:7c:ce:2b:15:b6:37:41:de:08:4e:f6:
         c5:54:53:1f:aa:de:6c:cd:e1:a8:bf:15:29:11:fa:21:89:6b:
         8d:e4:6c:20:04:40:1c:9e:d3:65:35:2e:ca:05:6d:43:2c:69:
         ff:bd:4f:08:52:0f:fd:70:86:76:dd:6f:05:13:1f:78:d0:84:
         93:75:01:15:3c:3b:d8:57:87:d8:cb:e6:9f:f2:54:32:36:3a:
         e1:f8:ad:19:5e:1b:0b:ea:9a:cd:e5:d5:09:1c:69:7f:a8:e9:
         45:1e:c9:69:c7:34:37:cb:73:10:f5:6b:61:e1:b5:01:d2:be:
         fe:93:df:94:5e:ec:94:e4:86:b6:c2:10:f0:47:f4:64:b4:7a:
         96:be:44:71:2a:f7:c9:9f:59:cf:58:b4:33:05:c1:58:d5:ef:
         88:80:b6:c8:cf:d9:7b:33:e3:b9:13:bf:b1:e5:6e:f9:aa:c4:
         dd:a1:18:92:13:5d:7c:6e:3a:b2:89:e7:83:aa:bf:84:61:f0:
         19:6f:25:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjH0CZ9cymAvFza+o7GAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODdjODQ5MGIzNzIwNDU2NjlmNDVmMTgzMTkzZWVkNDZm
OTkxZjUwHhcNMjUwNjA3MDQwMDU1WhcNMjUwNjA4MDQwMDU1WjAzMTEwLwYDVQQD
EyhiNzRkNDU0MGFlZWZhNTg0MjliNzk4NzcyNmRmYmJkMTY3MjA1YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqY7SgZF1aaLgRaB63k2kzKA09QCc
PSKTrzk0GocPKX28kiPff9UfZ75t57s74bTMoJymRhzr9N4750a+0fY+kEfgCBG3
ND9lH4XhzoFJJi+DVnwxtFOzguffv60FPBkmqItIyQtwu9V1M+4yGlDS/JTIUFEM
K5hO5AXanBL/xJZOL6jyGtFLudiMsU28T1+BqREdkGm51HFlfUsJRxaE8T8pultf
dfO6Ab2NmME0EAspctI6xF31pv28NzgRJ1JZDVkBttpVY6llzO0foocdse48CLVz
TM4Bu9yFEFFk3GnO9V3RrISiFWc2BHdPJQXiWdDXYCWgRtATx8dYgBJ3OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLdNRUCu76WEKbeYdybfu9FnIFx/MB8GA1UdIwQY
MBaAFAWHyEkLNyBFZp9F8YMZPu1G+ZH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQllmSVNRczNJRVZtbjBYeGd4ay03VWI1a2ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jZDAxNjktZmZjMS00MDFhLWFiYmQt
YmEwMzNmOTA3ZDkxLzEvQllmSVNRczNJRVZtbjBYeGd4ay03VWI1a2ZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jZDAxNjktZmZjMS00MDFhLWFiYmQtYmEwMzNmOTA3ZDkx
LzEvQllmSVNRczNJRVZtbjBYeGd4ay03VWI1a2ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmDUUNqCT
KscpceQhH1D4sN5HuQCqMDwt5qOK5UYNrhThwJ8qE2uw68RONaUiDQI+6PmYLef+
0UddE8pMoHzOKxW2N0HeCE72xVRTH6rebM3hqL8VKRH6IYlrjeRsIARAHJ7TZTUu
ygVtQyxp/71PCFIP/XCGdt1vBRMfeNCEk3UBFTw72FeH2Mvmn/JUMjY64fitGV4b
C+qazeXVCRxpf6jpRR7Jacc0N8tzEPVrYeG1AdK+/pPflF7slOSGtsIQ8Ef0ZLR6
lr5EcSr3yZ9Zz1i0MwXBWNXviIC2yM/ZezPjuRO/seVu+arE3aEYkhNdfG46sonn
g6q/hGHwGW8lHA==
-----END CERTIFICATE-----