Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.mft (raw, json)
Hash identifier:          Hi++TJ3BRnUyaPsfgcobO1fT1mRHBogioejmy5FJi3Q=
Subject key identifier:   FB:D3:BA:AB:83:D1:A2:B6:37:1F:0B:29:30:29:F1:32:B0:5A:36:67
Authority key identifier: 06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Certificate issuer:       /CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
Certificate serial:       019651C8B17C4687AA8D0351D5B0CF68ED60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
Manifest number:          0747
Signing time:             Sun 20 Apr 2025 06:00:29 +0000
Manifest this update:     Sun 20 Apr 2025 06:00:29 +0000
Manifest next update:     Mon 21 Apr 2025 06:00:29 +0000
Files and hashes:         1: BgPfkU3wTkf1a9li8vncPwQ0pdM.crl (hash: ACuFG+XCQ02uUq8DZrLxI+A1Z8iSppeWHq7itTw1nZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 06:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:c8:b1:7c:46:87:aa:8d:03:51:d5:b0:cf:68:ed:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Validity
            Not Before: Apr 20 06:00:29 2025 GMT
            Not After : Apr 21 06:00:29 2025 GMT
        Subject: CN=fbd3baab83d1a2b6371f0b293029f132b05a3667
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:16:34:f7:b7:5d:6d:66:e5:a6:50:b7:cd:00:
                    dc:d5:b8:00:8d:77:d3:13:af:da:57:9e:46:00:5d:
                    a5:f8:a4:cd:d9:80:73:e3:89:58:17:78:de:e3:4a:
                    8b:06:a9:e4:5a:c5:d7:79:2f:d8:99:21:03:21:59:
                    a8:19:4e:e2:a7:a2:f3:36:c9:4b:9d:ac:ee:f1:04:
                    de:65:9b:0c:72:a4:7e:2f:b7:9e:04:4f:42:fb:fb:
                    6e:c2:72:9a:04:de:61:61:57:2a:7d:51:c1:b9:73:
                    fc:1b:a4:55:cf:ae:b2:53:67:b4:28:b9:45:1e:12:
                    30:7f:c8:ff:59:0b:d9:5c:d5:39:d0:79:69:22:2c:
                    b4:9f:79:c4:f1:89:82:2a:81:92:b3:96:c1:94:44:
                    e3:ff:9f:5f:72:8c:c3:4f:76:f2:32:4e:19:5c:33:
                    42:a2:4a:d2:dd:ad:2b:ed:1d:e4:59:5d:4f:f0:8a:
                    b4:cc:54:1c:1d:e5:a5:ed:4d:5f:1f:9b:2e:3d:4c:
                    63:7a:5f:2c:a8:15:cf:f2:df:1e:37:07:f2:e5:e7:
                    c8:2b:80:d6:98:42:89:45:e3:7a:cb:fc:20:31:12:
                    d9:0b:f3:f7:f1:0b:11:24:2d:ea:4b:f9:5d:dd:26:
                    cb:d7:90:2d:db:19:bd:54:56:f9:ad:b7:6f:d3:4d:
                    cc:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:D3:BA:AB:83:D1:A2:B6:37:1F:0B:29:30:29:F1:32:B0:5A:36:67
            X509v3 Authority Key Identifier:
                keyid:06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:a5:9e:b8:e1:7f:1f:3e:15:a6:b9:9b:c5:42:46:33:20:88:
         86:c2:49:a3:d0:35:9e:66:ac:b9:c9:89:fc:34:8c:7c:0d:85:
         4a:97:72:ad:cb:c2:71:0c:a4:5a:48:f8:08:77:4e:c9:db:77:
         20:11:d9:b6:ac:f5:a0:32:4f:d7:e9:4a:22:23:54:fe:2a:58:
         ef:5a:2c:3e:47:80:f4:5f:f1:90:06:ee:ad:f0:33:7b:65:b2:
         14:d5:ee:29:27:a6:01:0d:53:10:9e:71:2b:fe:6d:78:99:38:
         67:bb:2e:77:a0:f7:79:56:55:22:46:87:a0:81:86:23:d4:81:
         11:ee:f8:28:c8:48:99:1a:95:a8:94:97:10:fe:94:01:56:ff:
         00:a0:25:a1:f2:86:25:6d:18:1e:4a:72:70:e5:8b:52:1d:26:
         35:e6:28:5d:c2:70:d5:63:61:1e:04:a5:dd:15:89:5c:ff:6a:
         11:85:9b:8b:84:1d:a5:ae:aa:68:46:40:b8:98:7b:40:4c:21:
         3b:71:b5:ed:99:53:9e:8f:98:d5:01:fe:ff:14:41:39:35:96:
         1c:2c:5c:e7:09:72:c2:c4:aa:03:64:4e:c9:78:31:68:36:42:
         17:c0:12:72:69:7e:6e:c1:33:55:97:f5:5d:23:75:58:1e:05:
         7c:34:c6:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRyLF8RoeqjQNR1bDPaO1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDNkZjkxNGRmMDRlNDdmNTZiZDk2MmYyZjlkYzNmMDQz
NGE1ZDMwHhcNMjUwNDIwMDYwMDI5WhcNMjUwNDIxMDYwMDI5WjAzMTEwLwYDVQQD
EyhmYmQzYmFhYjgzZDFhMmI2MzcxZjBiMjkzMDI5ZjEzMmIwNWEzNjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBY097ddbWblplC3zQDc1bgAjXfT
E6/aV55GAF2l+KTN2YBz44lYF3je40qLBqnkWsXXeS/YmSEDIVmoGU7ip6LzNslL
nazu8QTeZZsMcqR+L7eeBE9C+/tuwnKaBN5hYVcqfVHBuXP8G6RVz66yU2e0KLlF
HhIwf8j/WQvZXNU50HlpIiy0n3nE8YmCKoGSs5bBlETj/59fcozDT3byMk4ZXDNC
okrS3a0r7R3kWV1P8Iq0zFQcHeWl7U1fH5suPUxjel8sqBXP8t8eNwfy5efIK4DW
mEKJReN6y/wgMRLZC/P38QsRJC3qS/ld3SbL15At2xm9VFb5rbdv003MiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvTuquD0aK2Nx8LKTAp8TKwWjZnMB8GA1UdIwQY
MBaAFAYD35FN8E5H9WvZYvL53D8ENKXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEt
YmM4NDI1YzYwNjA0LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEtYmM4NDI1YzYwNjA0
LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOqWeuOF/
Hz4VprmbxUJGMyCIhsJJo9A1nmasucmJ/DSMfA2FSpdyrcvCcQykWkj4CHdOydt3
IBHZtqz1oDJP1+lKIiNU/ipY71osPkeA9F/xkAburfAze2WyFNXuKSemAQ1TEJ5x
K/5teJk4Z7sud6D3eVZVIkaHoIGGI9SBEe74KMhImRqVqJSXEP6UAVb/AKAlofKG
JW0YHkpycOWLUh0mNeYoXcJw1WNhHgSl3RWJXP9qEYWbi4Qdpa6qaEZAuJh7QEwh
O3G17ZlTno+Y1QH+/xRBOTWWHCxc5wlywsSqA2ROyXgxaDZCF8AScml+bsEzVZf1
XSN1WB4FfDTGFA==
-----END CERTIFICATE-----