Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
File:                     bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft (raw, json)
Hash identifier:          yhDSKIRQ5+pyBfazaSHUHIb71b9NMTHDDRQmWy6lA4Y=
Subject key identifier:   B9:B2:C5:47:E0:2E:8B:21:25:A2:FC:42:5C:32:88:37:EF:0C:48:52
Authority key identifier: 6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C
Certificate issuer:       /CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
Certificate serial:       01965EA873151AEDBE2D8834E6FC54821137
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
Manifest number:          0322
Signing time:             Tue 22 Apr 2025 18:00:19 +0000
Manifest this update:     Tue 22 Apr 2025 18:00:19 +0000
Manifest next update:     Wed 23 Apr 2025 18:00:19 +0000
Files and hashes:         1: bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl (hash: 4nRm92ki2iyXRrCACUNVeq8CXUq+gIhNO6MpKq3U2tg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 14:46:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5e:a8:73:15:1a:ed:be:2d:88:34:e6:fc:54:82:11:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
        Validity
            Not Before: Apr 22 18:00:19 2025 GMT
            Not After : Apr 23 18:00:19 2025 GMT
        Subject: CN=b9b2c547e02e8b2125a2fc425c328837ef0c4852
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:32:4f:00:6a:27:0e:3e:2e:98:b8:5a:ae:8b:
                    73:f5:f4:0b:39:9a:ff:c4:c8:99:3c:f9:84:ee:2f:
                    ee:6f:ca:ae:8a:e8:e7:35:40:a7:4d:9b:cf:74:ea:
                    25:73:15:0e:e2:d0:2d:15:07:32:59:b3:fc:09:e2:
                    a7:14:11:ad:d5:94:cd:e2:00:ef:50:b3:39:b5:bc:
                    a5:b9:ec:f4:50:a1:aa:3d:5e:22:09:68:e9:a3:58:
                    2d:0e:49:df:81:ac:5d:be:3f:54:77:fe:a6:2a:09:
                    ca:cf:89:6b:65:a3:32:3e:5e:a7:bc:60:44:e4:f7:
                    0d:2d:4a:e4:9a:5b:8a:b5:80:97:72:d4:10:a0:02:
                    86:df:85:59:ae:08:07:b1:3a:be:db:47:16:ee:31:
                    df:fa:6b:e1:2e:80:72:a7:5e:47:96:14:86:1a:17:
                    5b:d8:d1:d9:32:96:e4:91:30:bc:d3:e0:5b:f3:77:
                    2c:d4:32:ce:26:a6:4e:af:5c:97:77:24:37:57:b2:
                    91:af:69:0c:a1:61:78:91:49:6e:81:87:19:15:05:
                    71:a2:07:c8:8f:f3:a7:c7:36:ff:7f:0f:52:69:70:
                    98:27:d5:f2:d0:a0:8b:6e:f8:56:9b:dd:a0:af:3d:
                    64:66:d4:6f:b8:d0:bf:41:a2:b9:56:c6:0a:a1:dd:
                    c6:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:B2:C5:47:E0:2E:8B:21:25:A2:FC:42:5C:32:88:37:EF:0C:48:52
            X509v3 Authority Key Identifier:
                keyid:6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:22:5c:3e:f3:e3:9c:f5:78:93:59:5b:a6:59:4f:30:9f:6c:
         c7:88:af:d9:d6:87:e6:07:d1:4c:a0:8e:53:0d:79:be:85:fb:
         93:09:f1:c6:05:65:bd:c2:5d:67:0b:aa:08:ae:6e:cf:f9:b2:
         87:86:2f:91:43:99:1e:6b:ca:9b:2e:0c:0b:56:8e:e3:5c:5f:
         92:7e:b6:27:1f:95:31:7c:64:33:50:8c:61:22:8d:ba:63:8f:
         92:53:10:3b:91:2e:19:85:1d:cd:8e:89:15:74:c3:e3:c5:b6:
         fd:59:51:bd:71:6e:9f:d0:04:56:af:8c:ef:43:4e:c2:ac:ac:
         b8:b7:f9:34:7e:12:a5:4e:a4:c8:ff:82:89:23:3d:d6:5f:c3:
         db:b7:ca:3f:6e:77:95:64:ba:ee:31:1d:a9:73:b7:47:cf:d3:
         fc:4c:1c:02:ea:0a:ae:3b:3a:ec:2d:7b:56:4c:9d:ae:0f:8e:
         ed:18:cc:f2:41:cb:0a:9d:79:5e:9f:10:84:bb:4f:2a:08:c6:
         c1:a6:c5:eb:ef:ea:c5:e6:6b:b9:6e:31:f4:0e:c8:7d:db:97:
         5b:16:d1:66:00:2b:ff:5e:d5:04:d5:77:d3:07:d3:b2:3c:3f:
         fa:0e:20:7e:3d:ec:c9:50:1f:c3:21:a8:42:8b:78:cd:c9:76:
         23:7d:e2:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZeqHMVGu2+LYg05vxUghE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzBkNmVlYzJiNTYwNWY4YjFiZTZjZTg0Mzk1ZjI0NmM0
MmRmMWMwHhcNMjUwNDIyMTgwMDE5WhcNMjUwNDIzMTgwMDE5WjAzMTEwLwYDVQQD
EyhiOWIyYzU0N2UwMmU4YjIxMjVhMmZjNDI1YzMyODgzN2VmMGM0ODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjJPAGonDj4umLharotz9fQLOZr/
xMiZPPmE7i/ub8quiujnNUCnTZvPdOolcxUO4tAtFQcyWbP8CeKnFBGt1ZTN4gDv
ULM5tbyluez0UKGqPV4iCWjpo1gtDknfgaxdvj9Ud/6mKgnKz4lrZaMyPl6nvGBE
5PcNLUrkmluKtYCXctQQoAKG34VZrggHsTq+20cW7jHf+mvhLoByp15HlhSGGhdb
2NHZMpbkkTC80+Bb83cs1DLOJqZOr1yXdyQ3V7KRr2kMoWF4kUlugYcZFQVxogfI
j/Onxzb/fw9SaXCYJ9Xy0KCLbvhWm92grz1kZtRvuNC/QaK5VsYKod3GnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmyxUfgLoshJaL8QlwyiDfvDEhSMB8GA1UdIwQY
MBaAFGxw1u7CtWBfixvmzoQ5XyRsQt8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUt
MmZjNDg2MDE1NTY0LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUtMmZjNDg2MDE1NTY0
LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzyJcPvPj
nPV4k1lbpllPMJ9sx4iv2daH5gfRTKCOUw15voX7kwnxxgVlvcJdZwuqCK5uz/my
h4YvkUOZHmvKmy4MC1aO41xfkn62Jx+VMXxkM1CMYSKNumOPklMQO5EuGYUdzY6J
FXTD48W2/VlRvXFun9AEVq+M70NOwqysuLf5NH4SpU6kyP+CiSM91l/D27fKP253
lWS67jEdqXO3R8/T/EwcAuoKrjs67C17Vkydrg+O7RjM8kHLCp15Xp8QhLtPKgjG
wabF6+/qxeZruW4x9A7IfduXWxbRZgAr/17VBNV30wfTsjw/+g4gfj3syVAfwyGo
Qot4zcl2I33i5g==
-----END CERTIFICATE-----