Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft
File:                     BsL3NfcUX3DScCYC7oyBVknrLkU.mft (raw, json)
Hash identifier:          iWyVaJaSnNVLmZvMiLZS0kc/1E5eWcKFnRaAg8haRm0=
Subject key identifier:   9D:B3:8A:03:A5:E4:E4:E8:67:77:09:FB:3A:2E:1A:7D:B8:2F:2C:31
Authority key identifier: 06:C2:F7:35:F7:14:5F:70:D2:70:26:02:EE:8C:81:56:49:EB:2E:45
Certificate issuer:       /CN=06c2f735f7145f70d2702602ee8c815649eb2e45
Certificate serial:       0197488D13FC1E64F3D07BF9D8EC136E57E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BsL3NfcUX3DScCYC7oyBVknrLkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft
Manifest number:          0FB0
Signing time:             Sat 07 Jun 2025 04:01:34 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:34 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:34 +0000
Files and hashes:         1: BsL3NfcUX3DScCYC7oyBVknrLkU.crl (hash: IEH6BS99JETYPNfRWmrnJzS+VAEYz950rE4AqXFRBUE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BsL3NfcUX3DScCYC7oyBVknrLkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:13:fc:1e:64:f3:d0:7b:f9:d8:ec:13:6e:57:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06c2f735f7145f70d2702602ee8c815649eb2e45
        Validity
            Not Before: Jun  7 04:01:34 2025 GMT
            Not After : Jun  8 04:01:34 2025 GMT
        Subject: CN=9db38a03a5e4e4e8677709fb3a2e1a7db82f2c31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c4:5f:63:d8:88:47:57:c3:b9:17:7b:6e:67:
                    e4:e6:6e:eb:92:09:b6:13:1b:ac:4e:ee:b9:ee:46:
                    6c:44:d3:68:37:11:51:3e:fe:38:0f:89:19:f6:01:
                    cc:2a:27:94:9b:53:7d:75:51:5c:3d:37:2c:b1:0d:
                    39:f3:bc:a7:a9:2d:d7:75:a9:36:ad:e3:fb:76:92:
                    65:c1:4b:c0:bf:2b:75:e6:71:2d:d3:78:e1:b6:15:
                    32:a1:f9:55:04:71:d5:16:3b:80:6d:d3:49:0f:53:
                    41:40:53:dd:ec:e3:b5:b0:e3:ca:18:24:a7:e4:42:
                    cd:98:3f:2d:9c:e1:88:26:5e:6c:74:1b:7f:e4:00:
                    52:25:53:e2:a7:c2:92:1c:b9:9f:74:d5:26:15:45:
                    65:73:99:b5:e3:0e:de:1f:8a:c6:42:36:bf:07:5b:
                    67:2d:c1:da:9c:07:dd:c3:f3:ef:4d:e9:50:ed:87:
                    79:32:ac:af:db:c6:ab:f0:95:d1:f1:2e:37:70:1b:
                    7a:ca:c1:ed:49:13:83:0c:c3:57:77:ba:52:ea:a2:
                    6d:a8:69:7c:13:ca:3b:17:80:2e:09:f8:8a:5b:35:
                    d3:08:3b:64:3a:8b:0f:10:02:d1:bd:ea:8d:89:94:
                    79:18:1c:cf:5b:96:f4:c4:17:83:3f:59:63:0c:ce:
                    88:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:B3:8A:03:A5:E4:E4:E8:67:77:09:FB:3A:2E:1A:7D:B8:2F:2C:31
            X509v3 Authority Key Identifier:
                keyid:06:C2:F7:35:F7:14:5F:70:D2:70:26:02:EE:8C:81:56:49:EB:2E:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsL3NfcUX3DScCYC7oyBVknrLkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:67:f5:21:78:11:a8:a4:02:95:cb:06:ab:97:7a:14:83:2c:
         b9:03:e3:b8:07:e8:96:53:7d:a4:4b:bc:cf:6f:98:26:63:0c:
         75:40:17:d4:e4:92:3e:37:f9:2a:73:a6:0d:90:87:a9:26:ae:
         a6:58:68:2d:64:08:06:7f:29:d8:ca:a1:60:5b:56:ae:eb:0d:
         4b:16:2c:3a:01:49:15:61:56:d0:ec:ab:9f:8b:79:fd:85:07:
         39:4e:a4:8e:f8:65:bb:dd:3b:b1:38:ce:cd:15:d0:fe:30:f5:
         5e:48:87:11:79:a8:a2:e7:8a:fa:60:00:4c:96:2b:a6:c5:b2:
         c2:fd:68:29:eb:6c:ea:69:a3:52:42:1f:82:0c:58:5b:e4:34:
         0d:98:e2:fe:fb:0b:61:04:70:e6:b8:5b:2a:04:1f:47:22:69:
         d6:1c:92:0e:84:e5:ff:7e:16:43:33:f7:72:08:f9:de:18:9f:
         94:90:e8:75:19:df:1a:6b:f2:4c:ab:70:6f:c7:e0:bf:cc:e6:
         f0:a0:11:9a:3b:63:0b:01:33:21:36:3c:9a:7d:28:a5:ea:40:
         04:28:77:65:0c:1e:eb:d1:aa:4b:59:29:fc:36:a5:88:e3:03:
         1c:76:5e:b8:20:8b:ba:6e:0a:60:c6:3c:e5:e9:a1:c8:ae:00:
         a8:2f:84:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjRP8HmTz0Hv52OwTblfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YzJmNzM1ZjcxNDVmNzBkMjcwMjYwMmVlOGM4MTU2NDll
YjJlNDUwHhcNMjUwNjA3MDQwMTM0WhcNMjUwNjA4MDQwMTM0WjAzMTEwLwYDVQQD
Eyg5ZGIzOGEwM2E1ZTRlNGU4Njc3NzA5ZmIzYTJlMWE3ZGI4MmYyYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsRfY9iIR1fDuRd7bmfk5m7rkgm2
ExusTu657kZsRNNoNxFRPv44D4kZ9gHMKieUm1N9dVFcPTcssQ0587ynqS3Xdak2
reP7dpJlwUvAvyt15nEt03jhthUyoflVBHHVFjuAbdNJD1NBQFPd7OO1sOPKGCSn
5ELNmD8tnOGIJl5sdBt/5ABSJVPip8KSHLmfdNUmFUVlc5m14w7eH4rGQja/B1tn
LcHanAfdw/PvTelQ7Yd5Mqyv28ar8JXR8S43cBt6ysHtSRODDMNXd7pS6qJtqGl8
E8o7F4AuCfiKWzXTCDtkOosPEALRveqNiZR5GBzPW5b0xBeDP1ljDM6IZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2zigOl5OToZ3cJ+zouGn24LywxMB8GA1UdIwQY
MBaAFAbC9zX3FF9w0nAmAu6MgVZJ6y5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnNMM05mY1VYM0RTY0NZQzdveUJWa25yTGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTczMjgtNzdjNi00Y2EzLThiNmQt
MWZmNjMwYzM1MGZmLzEvQnNMM05mY1VYM0RTY0NZQzdveUJWa25yTGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTczMjgtNzdjNi00Y2EzLThiNmQtMWZmNjMwYzM1MGZm
LzEvQnNMM05mY1VYM0RTY0NZQzdveUJWa25yTGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHWf1IXgR
qKQClcsGq5d6FIMsuQPjuAfollN9pEu8z2+YJmMMdUAX1OSSPjf5KnOmDZCHqSau
plhoLWQIBn8p2MqhYFtWrusNSxYsOgFJFWFW0Oyrn4t5/YUHOU6kjvhlu907sTjO
zRXQ/jD1XkiHEXmooueK+mAATJYrpsWywv1oKets6mmjUkIfggxYW+Q0DZji/vsL
YQRw5rhbKgQfRyJp1hySDoTl/34WQzP3cgj53hiflJDodRnfGmvyTKtwb8fgv8zm
8KARmjtjCwEzITY8mn0opepABCh3ZQwe69GqS1kp/DaliOMDHHZeuCCLum4KYMY8
5emhyK4AqC+EPw==
-----END CERTIFICATE-----