Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft
File:                     bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft (raw, json)
Hash identifier:          LboKIzZgefy4trInx8aAzB6p3+gA4zdd9L74favfGkU=
Subject key identifier:   6C:75:B6:1B:6B:77:93:79:76:D7:90:FA:BD:63:B2:39:2A:2C:1E:26
Authority key identifier: 6E:99:CC:CD:6F:0F:F2:6D:E8:ED:39:36:F4:A6:4B:EE:98:D9:DC:66
Certificate issuer:       /CN=6e99cccd6f0ff26de8ed3936f4a64bee98d9dc66
Certificate serial:       0196409E44FF08BD3110C95C1FF0C6C15B21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft
Manifest number:          14A5
Signing time:             Wed 16 Apr 2025 22:00:36 +0000
Manifest this update:     Wed 16 Apr 2025 22:00:36 +0000
Manifest next update:     Thu 17 Apr 2025 22:00:36 +0000
Files and hashes:         1: bpnMzW8P8m3o7Tk29KZL7pjZ3GY.crl (hash: a4+nLbY6MqCTE456zButQF1+7QzvNenk4upf9fOyBYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:40:9e:44:ff:08:bd:31:10:c9:5c:1f:f0:c6:c1:5b:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e99cccd6f0ff26de8ed3936f4a64bee98d9dc66
        Validity
            Not Before: Apr 16 22:00:36 2025 GMT
            Not After : Apr 17 22:00:36 2025 GMT
        Subject: CN=6c75b61b6b77937976d790fabd63b2392a2c1e26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:08:c7:3c:57:d5:ef:33:34:5e:b9:ce:f0:7a:
                    3f:e3:0a:82:2f:5b:59:9c:97:11:b3:37:fa:d3:3c:
                    c4:ab:90:ae:88:f1:7f:25:a9:34:ab:12:a3:d2:c4:
                    b6:ba:92:86:95:d9:49:47:eb:e0:28:99:50:56:5b:
                    57:7a:05:88:53:7a:7b:ce:37:9c:c2:d3:5f:27:f8:
                    61:65:4e:ca:6a:d5:13:64:2e:a2:fa:af:be:96:29:
                    30:25:0b:6c:54:a8:6b:a4:ed:46:68:4b:f7:a5:96:
                    54:44:39:a8:44:b2:e0:4f:20:f8:a1:7a:71:90:58:
                    6c:a3:f5:82:85:3f:c7:8a:8c:ec:7d:14:34:a7:e2:
                    14:87:16:d6:ec:e0:db:c3:8d:7c:55:a7:3d:df:cd:
                    ad:df:a4:97:1c:6a:a0:ae:e4:32:0b:4a:49:e9:46:
                    bc:d3:ca:ef:67:5c:59:8c:f4:55:32:a2:40:f8:0b:
                    0a:41:df:88:3d:06:50:3f:e3:97:c1:2e:d5:ee:01:
                    11:56:6e:8b:ae:72:c0:63:6d:2c:81:89:8d:36:c4:
                    3b:09:86:a3:ff:f2:70:b4:14:73:74:55:20:7e:d0:
                    fe:43:31:45:34:69:4f:d1:80:a8:28:a9:91:b5:f1:
                    94:5f:2a:a4:75:65:98:c3:83:d2:7b:27:fa:3f:3c:
                    0a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:75:B6:1B:6B:77:93:79:76:D7:90:FA:BD:63:B2:39:2A:2C:1E:26
            X509v3 Authority Key Identifier:
                keyid:6E:99:CC:CD:6F:0F:F2:6D:E8:ED:39:36:F4:A6:4B:EE:98:D9:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:f1:a9:52:09:dd:7a:7e:09:ef:5e:16:17:77:e5:d4:62:1c:
         5f:d8:06:e3:75:3d:77:0b:05:5d:03:0c:75:9d:3b:18:1b:bd:
         d8:74:3b:f8:71:1d:4b:e4:24:b8:94:4f:9f:e2:10:f2:36:c9:
         25:9c:be:47:ff:f5:b1:af:1a:58:73:8f:7a:db:5d:5c:13:b5:
         7c:08:c3:07:b8:ff:e5:66:72:cd:06:88:f2:8c:3b:9b:2a:74:
         97:a2:d3:86:cd:80:09:64:fd:fe:ed:d1:bb:d6:8b:cb:0f:6e:
         53:79:0d:ef:a6:d7:2c:ea:57:55:8f:c7:f6:6b:37:66:24:ba:
         0e:83:8d:5b:a9:c5:2a:24:d7:bb:57:f9:c8:6c:d8:1f:42:b1:
         c8:c4:ba:d1:6f:a4:43:71:5c:3a:29:b2:7f:78:85:c7:42:36:
         4a:b0:4a:5a:f6:4e:0b:cc:de:c4:49:75:5a:09:1f:fd:a8:90:
         94:91:c3:c4:91:c1:77:62:b5:e6:53:20:b9:db:da:71:0d:2a:
         a5:76:21:29:b1:0e:99:f6:d4:5c:b0:8f:a2:b2:f1:4d:ad:66:
         c8:c2:f2:af:95:d4:72:f4:54:1b:e5:4f:87:0b:dd:2a:c5:1e:
         23:70:ff:35:82:b3:43:e3:5d:18:c3:f6:c7:39:73:0a:29:8b:
         33:4b:2c:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZAnkT/CL0xEMlcH/DGwVshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlOTljY2NkNmYwZmYyNmRlOGVkMzkzNmY0YTY0YmVlOThk
OWRjNjYwHhcNMjUwNDE2MjIwMDM2WhcNMjUwNDE3MjIwMDM2WjAzMTEwLwYDVQQD
Eyg2Yzc1YjYxYjZiNzc5Mzc5NzZkNzkwZmFiZDYzYjIzOTJhMmMxZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgjHPFfV7zM0XrnO8Ho/4wqCL1tZ
nJcRszf60zzEq5CuiPF/Jak0qxKj0sS2upKGldlJR+vgKJlQVltXegWIU3p7zjec
wtNfJ/hhZU7KatUTZC6i+q++likwJQtsVKhrpO1GaEv3pZZURDmoRLLgTyD4oXpx
kFhso/WChT/HiozsfRQ0p+IUhxbW7ODbw418Vac9382t36SXHGqgruQyC0pJ6Ua8
08rvZ1xZjPRVMqJA+AsKQd+IPQZQP+OXwS7V7gERVm6LrnLAY20sgYmNNsQ7CYaj
//JwtBRzdFUgftD+QzFFNGlP0YCoKKmRtfGUXyqkdWWYw4PSeyf6PzwKAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGx1thtrd5N5dteQ+r1jsjkqLB4mMB8GA1UdIwQY
MBaAFG6ZzM1vD/Jt6O05NvSmS+6Y2dxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnBuTXpXOFA4bTNvN1RrMjlLWkw3cGpaM0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8wYmU4MWEtYTQ5YS00NjgyLTgwZWUt
ZTdmMGI3ODliYzczLzEvYnBuTXpXOFA4bTNvN1RrMjlLWkw3cGpaM0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8wYmU4MWEtYTQ5YS00NjgyLTgwZWUtZTdmMGI3ODliYzcz
LzEvYnBuTXpXOFA4bTNvN1RrMjlLWkw3cGpaM0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALvGpUgnd
en4J714WF3fl1GIcX9gG43U9dwsFXQMMdZ07GBu92HQ7+HEdS+QkuJRPn+IQ8jbJ
JZy+R//1sa8aWHOPettdXBO1fAjDB7j/5WZyzQaI8ow7myp0l6LThs2ACWT9/u3R
u9aLyw9uU3kN76bXLOpXVY/H9ms3ZiS6DoONW6nFKiTXu1f5yGzYH0KxyMS60W+k
Q3FcOimyf3iFx0I2SrBKWvZOC8zexEl1Wgkf/aiQlJHDxJHBd2K15lMgudvacQ0q
pXYhKbEOmfbUXLCPorLxTa1myMLyr5XUcvRUG+VPhwvdKsUeI3D/NYKzQ+NdGMP2
xzlzCimLM0ssOA==
-----END CERTIFICATE-----