Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft
File:                     bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft (raw, json)
Hash identifier:          DdAquKjQnebdbZx1nfHX8jMIaioclG0mijn+DV6hxu8=
Subject key identifier:   09:7D:92:8D:10:43:8D:F9:78:08:B4:A5:D8:2D:27:7C:ED:33:36:02
Authority key identifier: 6E:99:CC:CD:6F:0F:F2:6D:E8:ED:39:36:F4:A6:4B:EE:98:D9:DC:66
Certificate issuer:       /CN=6e99cccd6f0ff26de8ed3936f4a64bee98d9dc66
Certificate serial:       0194C42C4E5BECB9FA269E9D61A6F554707C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft
Manifest number:          13E0
Signing time:             Sun 02 Feb 2025 01:00:25 +0000
Manifest this update:     Sun 02 Feb 2025 01:00:25 +0000
Manifest next update:     Mon 03 Feb 2025 01:00:25 +0000
Files and hashes:         1: bpnMzW8P8m3o7Tk29KZL7pjZ3GY.crl (hash: Y+dsxBquPMGHNrkP3GaWvU1yaEGcVOpf0TDFLZr0cq0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:2c:4e:5b:ec:b9:fa:26:9e:9d:61:a6:f5:54:70:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e99cccd6f0ff26de8ed3936f4a64bee98d9dc66
        Validity
            Not Before: Feb  2 01:00:25 2025 GMT
            Not After : Feb  3 01:00:25 2025 GMT
        Subject: CN=097d928d10438df97808b4a5d82d277ced333602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:9b:b2:bc:f3:63:be:a1:3d:39:b3:37:ff:55:
                    57:3d:a4:22:87:ca:2c:9f:04:e2:ee:e9:a1:0a:31:
                    1d:b5:b9:d9:71:7b:96:38:d9:ed:ca:c4:3e:26:24:
                    32:97:81:ae:a6:54:54:f2:a2:5b:5c:f3:ae:a0:e3:
                    bb:2f:21:3c:b4:1b:54:3d:f1:cb:4e:ec:79:1a:c4:
                    38:11:c4:b7:94:fa:c2:18:7b:9f:2a:94:97:cd:fb:
                    75:f9:be:c0:d0:63:6d:f0:24:b4:ee:6e:86:d9:39:
                    09:66:d5:55:17:12:2e:ee:4e:65:d4:cf:b7:4c:d8:
                    96:bb:53:5e:20:0c:d6:e4:10:e2:36:db:cf:6b:be:
                    85:c7:f4:c0:0b:19:9d:ae:92:ab:fc:09:f6:d6:fa:
                    b8:82:d6:7f:3d:56:27:af:8d:36:bf:e6:e1:f1:97:
                    44:55:ac:ac:75:81:a2:46:4e:4b:a0:ff:d4:c7:4a:
                    1d:42:dd:89:de:2b:7b:2f:a0:19:b6:02:1f:de:f2:
                    32:77:7d:0d:a5:4b:01:65:ba:c4:c5:22:2b:91:20:
                    2f:76:e5:da:00:62:d8:ed:d4:14:68:b5:83:6e:34:
                    f6:1a:01:8b:54:7f:24:da:17:89:6c:85:e0:78:db:
                    6b:7c:c9:d1:1c:e9:f5:ed:78:75:22:55:81:62:64:
                    12:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:7D:92:8D:10:43:8D:F9:78:08:B4:A5:D8:2D:27:7C:ED:33:36:02
            X509v3 Authority Key Identifier:
                keyid:6E:99:CC:CD:6F:0F:F2:6D:E8:ED:39:36:F4:A6:4B:EE:98:D9:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0be81a-a49a-4682-80ee-e7f0b789bc73/1/bpnMzW8P8m3o7Tk29KZL7pjZ3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:48:41:a0:52:11:48:6a:47:ba:2d:9a:3e:80:77:97:2c:4d:
         72:69:77:24:d1:c5:af:99:db:fb:e7:85:c2:4f:6c:b2:7a:62:
         a3:a3:cf:8d:4a:83:c9:81:07:a6:a5:7e:e7:09:f8:b0:bf:a2:
         fe:1f:ca:14:df:3a:5f:10:96:3b:96:17:42:c2:6d:ca:c5:db:
         31:50:7f:c1:23:4b:04:94:0c:98:25:d5:23:67:15:18:79:a3:
         5d:98:9b:3b:e5:28:56:88:3c:14:23:ee:14:fb:86:14:6e:52:
         80:26:ac:62:a7:c8:28:5c:7d:1c:52:c0:8b:85:42:f7:cb:52:
         44:0a:d1:c6:bb:56:f4:e8:50:e1:75:4a:a0:21:ab:03:7d:8f:
         de:f3:79:03:34:e1:d2:48:8b:d6:a3:2e:3f:83:05:13:80:59:
         a7:55:42:6d:ea:88:38:66:1a:0d:78:ef:1a:c2:3a:17:68:7a:
         5f:91:ec:35:6b:f8:61:ce:8e:b3:c3:26:d0:c2:7c:ed:21:5c:
         85:ff:02:0f:47:ad:70:ed:76:a9:b8:ee:a2:c3:18:1b:e2:e3:
         71:b1:83:7e:4b:c7:4a:cc:fe:e6:e5:7b:94:98:55:5b:be:79:
         d5:0d:9f:44:18:5c:5d:e6:9c:06:b3:46:3d:27:c8:c9:1c:6d:
         3e:98:d5:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELE5b7Ln6Jp6dYab1VHB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlOTljY2NkNmYwZmYyNmRlOGVkMzkzNmY0YTY0YmVlOThk
OWRjNjYwHhcNMjUwMjAyMDEwMDI1WhcNMjUwMjAzMDEwMDI1WjAzMTEwLwYDVQQD
EygwOTdkOTI4ZDEwNDM4ZGY5NzgwOGI0YTVkODJkMjc3Y2VkMzMzNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZuyvPNjvqE9ObM3/1VXPaQih8os
nwTi7umhCjEdtbnZcXuWONntysQ+JiQyl4GuplRU8qJbXPOuoOO7LyE8tBtUPfHL
Tux5GsQ4EcS3lPrCGHufKpSXzft1+b7A0GNt8CS07m6G2TkJZtVVFxIu7k5l1M+3
TNiWu1NeIAzW5BDiNtvPa76Fx/TACxmdrpKr/An21vq4gtZ/PVYnr402v+bh8ZdE
VaysdYGiRk5LoP/Ux0odQt2J3it7L6AZtgIf3vIyd30NpUsBZbrExSIrkSAvduXa
AGLY7dQUaLWDbjT2GgGLVH8k2heJbIXgeNtrfMnRHOn17Xh1IlWBYmQS3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAl9ko0QQ435eAi0pdgtJ3ztMzYCMB8GA1UdIwQY
MBaAFG6ZzM1vD/Jt6O05NvSmS+6Y2dxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnBuTXpXOFA4bTNvN1RrMjlLWkw3cGpaM0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8wYmU4MWEtYTQ5YS00NjgyLTgwZWUt
ZTdmMGI3ODliYzczLzEvYnBuTXpXOFA4bTNvN1RrMjlLWkw3cGpaM0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8wYmU4MWEtYTQ5YS00NjgyLTgwZWUtZTdmMGI3ODliYzcz
LzEvYnBuTXpXOFA4bTNvN1RrMjlLWkw3cGpaM0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlkhBoFIR
SGpHui2aPoB3lyxNcml3JNHFr5nb++eFwk9ssnpio6PPjUqDyYEHpqV+5wn4sL+i
/h/KFN86XxCWO5YXQsJtysXbMVB/wSNLBJQMmCXVI2cVGHmjXZibO+UoVog8FCPu
FPuGFG5SgCasYqfIKFx9HFLAi4VC98tSRArRxrtW9OhQ4XVKoCGrA32P3vN5AzTh
0kiL1qMuP4MFE4BZp1VCbeqIOGYaDXjvGsI6F2h6X5HsNWv4Yc6Os8Mm0MJ87SFc
hf8CD0etcO12qbjuosMYG+LjcbGDfkvHSsz+5uV7lJhVW7551Q2fRBhcXeacBrNG
PSfIyRxtPpjVxw==
-----END CERTIFICATE-----