Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
File:                     bdEoKnfiVmUBaNLlZWrvzprWouw.mft (raw, json)
Hash identifier:          Nn1y8bpQAYyiB6buZhZphk1dYBrDnL3MYesPfEi1nok=
Subject key identifier:   25:48:0E:30:75:55:89:30:3B:54:3B:7C:0F:BB:27:57:26:27:00:70
Authority key identifier: 6D:D1:28:2A:77:E2:56:65:01:68:D2:E5:65:6A:EF:CE:9A:D6:A2:EC
Certificate issuer:       /CN=6dd1282a77e256650168d2e5656aefce9ad6a2ec
Certificate serial:       01963E42382D37CEBFDABCE32ACF97F184EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
Manifest number:          0326
Signing time:             Wed 16 Apr 2025 11:00:49 +0000
Manifest this update:     Wed 16 Apr 2025 11:00:49 +0000
Manifest next update:     Thu 17 Apr 2025 11:00:49 +0000
Files and hashes:         1: bdEoKnfiVmUBaNLlZWrvzprWouw.crl (hash: 57YplysoQT4y8Vkt8tCJSD4AYf34zih4/Yehpa3+YpE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 11:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3e:42:38:2d:37:ce:bf:da:bc:e3:2a:cf:97:f1:84:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dd1282a77e256650168d2e5656aefce9ad6a2ec
        Validity
            Not Before: Apr 16 11:00:49 2025 GMT
            Not After : Apr 17 11:00:49 2025 GMT
        Subject: CN=25480e30755589303b543b7c0fbb275726270070
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:aa:1e:7c:c6:3e:1a:f9:d3:3b:1f:10:f2:c7:
                    10:0d:4d:bf:23:51:ff:fc:8f:7a:f8:cc:57:2d:0d:
                    ec:39:e9:e1:42:3a:88:39:78:44:80:b5:19:4d:b4:
                    ad:fc:d7:eb:60:06:cf:09:67:5d:b7:19:85:e9:e7:
                    e5:af:2c:7b:cc:3e:bd:f3:2e:79:f5:ec:73:71:32:
                    75:b4:84:29:ce:b4:f1:07:3b:ce:ac:87:8c:4a:b4:
                    58:c4:36:07:e3:dd:8e:d2:c9:94:93:b2:19:2b:5f:
                    b7:83:69:27:75:86:f7:e0:2f:81:ad:b2:bd:71:f2:
                    08:61:b7:06:30:69:11:51:c3:b5:8a:7e:be:b0:99:
                    d3:ed:be:09:fc:ff:44:fa:3b:04:1b:93:cb:dd:84:
                    ff:2c:14:8a:ad:72:a3:45:71:6d:a0:45:fd:e4:a6:
                    94:4f:f2:e9:44:4b:2b:44:ca:2d:1d:5d:57:dd:f7:
                    72:ef:c3:ab:48:5f:dc:99:8f:0e:88:2c:c9:7d:d0:
                    1e:01:3f:81:39:e4:da:7e:7c:36:32:81:7f:a7:0c:
                    d5:92:5b:bf:ba:c2:6e:82:49:02:17:09:ac:15:a1:
                    23:a5:8f:cb:e3:3f:e9:ea:13:8a:e1:e8:13:b8:38:
                    c0:cc:ce:d0:4a:28:31:17:96:59:7b:60:1b:eb:bf:
                    c2:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:48:0E:30:75:55:89:30:3B:54:3B:7C:0F:BB:27:57:26:27:00:70
            X509v3 Authority Key Identifier:
                keyid:6D:D1:28:2A:77:E2:56:65:01:68:D2:E5:65:6A:EF:CE:9A:D6:A2:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:65:52:b2:5c:f3:74:1e:9f:94:ce:13:bf:67:0c:0b:3c:2e:
         77:5a:7b:20:1c:07:d1:35:b1:ca:b2:2d:24:a0:9d:8f:66:4d:
         f8:0c:e8:a6:80:d6:ba:c0:21:c5:d9:0e:90:9d:ac:8c:60:5a:
         2b:bb:b7:12:d3:35:c3:ee:28:ef:2d:1b:2f:a9:09:29:ba:31:
         68:7e:dc:7b:70:0c:22:05:78:fe:67:b7:6b:e5:95:a4:50:ac:
         d2:b4:1e:10:f6:84:a2:30:05:1c:a0:02:59:ae:fc:94:bd:f7:
         db:1b:39:cd:6d:32:43:02:f3:cc:d8:58:f8:2c:d5:f1:75:28:
         e9:20:da:35:81:8b:c5:0c:60:1d:f9:d1:15:2b:37:12:7b:f8:
         fc:6e:cc:40:13:51:37:04:49:82:a6:43:8c:a1:ca:b4:99:7c:
         41:1e:77:f0:a8:9d:5d:73:df:ef:69:48:ce:26:15:3c:cd:05:
         f7:b6:1c:c0:8f:5a:fe:c5:73:49:8b:e7:56:c1:72:95:96:e1:
         e3:50:71:11:02:10:de:b3:2c:6a:dd:ac:78:e8:88:c0:a8:49:
         e7:80:d7:c5:ff:6e:50:35:fa:65:5b:91:4e:91:82:b6:12:b3:
         cd:92:df:01:bf:39:d4:7d:8c:d0:f3:ce:c6:6e:98:b7:cb:42:
         69:d1:2b:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY+QjgtN86/2rzjKs+X8YTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZDEyODJhNzdlMjU2NjUwMTY4ZDJlNTY1NmFlZmNlOWFk
NmEyZWMwHhcNMjUwNDE2MTEwMDQ5WhcNMjUwNDE3MTEwMDQ5WjAzMTEwLwYDVQQD
EygyNTQ4MGUzMDc1NTU4OTMwM2I1NDNiN2MwZmJiMjc1NzI2MjcwMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaoefMY+GvnTOx8Q8scQDU2/I1H/
/I96+MxXLQ3sOenhQjqIOXhEgLUZTbSt/NfrYAbPCWddtxmF6eflryx7zD698y55
9exzcTJ1tIQpzrTxBzvOrIeMSrRYxDYH492O0smUk7IZK1+3g2kndYb34C+BrbK9
cfIIYbcGMGkRUcO1in6+sJnT7b4J/P9E+jsEG5PL3YT/LBSKrXKjRXFtoEX95KaU
T/LpREsrRMotHV1X3fdy78OrSF/cmY8OiCzJfdAeAT+BOeTafnw2MoF/pwzVklu/
usJugkkCFwmsFaEjpY/L4z/p6hOK4egTuDjAzM7QSigxF5ZZe2Ab67/C9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVIDjB1VYkwO1Q7fA+7J1cmJwBwMB8GA1UdIwQY
MBaAFG3RKCp34lZlAWjS5WVq786a1qLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hNzczYjEtNWYzNi00ZTgwLWEzOTgt
ZTAyMzNiN2M2MGFhLzEvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hNzczYjEtNWYzNi00ZTgwLWEzOTgtZTAyMzNiN2M2MGFh
LzEvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhmVSslzz
dB6flM4Tv2cMCzwud1p7IBwH0TWxyrItJKCdj2ZN+AzopoDWusAhxdkOkJ2sjGBa
K7u3EtM1w+4o7y0bL6kJKboxaH7ce3AMIgV4/me3a+WVpFCs0rQeEPaEojAFHKAC
Wa78lL332xs5zW0yQwLzzNhY+CzV8XUo6SDaNYGLxQxgHfnRFSs3Env4/G7MQBNR
NwRJgqZDjKHKtJl8QR538KidXXPf72lIziYVPM0F97YcwI9a/sVzSYvnVsFylZbh
41BxEQIQ3rMsat2seOiIwKhJ54DXxf9uUDX6ZVuRTpGCthKzzZLfAb851H2M0PPO
xm6Yt8tCadErTA==
-----END CERTIFICATE-----