Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          Ph1rnv1axcUtLkVYJUjvjMCdyO9S/dnw8GEQvrP1w2E=
Subject key identifier:   79:0D:58:42:30:6A:C9:A8:B4:A4:98:6E:40:38:A3:CE:5A:4C:58:FA
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       0197B77C9D585844BC741DA5952CDD64B435
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          0D8C
Signing time:             Sat 28 Jun 2025 17:01:26 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:26 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:26 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: F9pa0eG8qOhSfstPeJtbamp+VIRddlo2tj0ZbDoOeKE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:9d:58:58:44:bc:74:1d:a5:95:2c:dd:64:b4:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Jun 28 17:01:26 2025 GMT
            Not After : Jun 29 17:01:26 2025 GMT
        Subject: CN=790d5842306ac9a8b4a4986e4038a3ce5a4c58fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:dc:17:c5:5b:65:03:69:f4:46:bf:e9:5b:91:
                    c3:63:25:aa:1d:19:1e:84:18:a2:f9:e7:c8:1a:56:
                    52:66:b9:2e:a8:6b:29:15:02:4c:77:97:98:5a:52:
                    50:3e:38:ba:b6:6b:b1:7f:a6:7d:42:c3:c6:34:49:
                    81:ff:0a:d4:24:80:7b:dd:2c:a6:8f:18:1a:27:25:
                    4a:ae:37:a6:da:bd:d6:80:cd:97:5b:c5:65:92:ea:
                    b8:d5:22:0a:6f:36:14:a3:dc:94:ca:6f:b8:1a:0e:
                    2c:5a:b8:b1:a4:20:40:5c:79:53:f2:78:fb:c6:b8:
                    48:a8:e8:91:f4:9a:fb:da:8c:9b:ef:4a:dc:92:b0:
                    7a:99:ec:c1:64:5f:c9:28:39:cb:07:ed:9e:5f:c7:
                    d0:15:e4:60:f0:aa:89:de:af:19:37:cd:c0:fa:31:
                    72:32:27:5d:f7:9f:19:30:e5:30:16:a8:4c:a7:01:
                    f2:18:ba:ae:11:5e:75:ab:1a:58:67:b7:c8:69:fd:
                    b8:f0:26:1d:55:00:96:ed:12:76:90:c2:4f:55:3c:
                    8f:8f:73:37:e7:4b:00:a4:ed:2d:56:7a:6e:24:87:
                    7f:ca:f7:3f:cf:85:32:8b:32:80:e7:ee:e5:29:b9:
                    89:35:cf:2a:87:57:b4:34:a7:2b:9a:da:88:ae:f9:
                    7c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:0D:58:42:30:6A:C9:A8:B4:A4:98:6E:40:38:A3:CE:5A:4C:58:FA
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:dc:6a:50:90:fc:33:c5:33:cb:7d:f7:66:b4:3c:cb:42:c2:
         0a:49:f4:1a:0a:66:58:ba:82:87:bd:41:51:2a:7a:be:12:35:
         9c:07:59:17:58:25:77:ae:13:36:7b:28:4b:82:6b:16:7c:cc:
         ed:95:91:b3:14:d5:5e:53:53:f4:17:c5:6e:a5:b0:a6:71:a5:
         85:4e:e2:af:e9:28:2e:05:ae:ac:d6:0e:fa:c9:cf:61:1c:71:
         c4:11:2a:43:f9:14:72:52:03:3c:d4:33:96:92:0b:6d:ff:3d:
         51:31:1c:d1:d5:ae:13:8c:35:c9:8a:97:34:29:68:d3:9e:46:
         a8:20:90:93:26:91:17:2d:5b:8a:87:c1:b0:3e:54:35:c3:d2:
         8a:34:0c:92:a5:c0:cb:46:8b:99:e7:0e:56:e7:db:eb:fd:ab:
         89:7d:89:8f:58:43:43:c1:0e:52:0f:2f:26:b4:1c:6d:ed:3a:
         ef:d2:5c:e3:05:87:cb:6b:92:92:f9:27:bc:19:15:4b:3e:ca:
         ba:44:10:a9:fa:fa:6f:3e:c2:7e:97:7c:ae:1b:72:80:d1:05:
         19:86:23:a9:66:30:aa:d4:46:f6:45:c6:f9:d6:25:c5:1c:4f:
         14:b9:73:f4:bf:06:4a:17:aa:e7:f2:6e:9e:33:b5:0d:dc:a2:
         c8:8a:8b:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fJ1YWES8dB2llSzdZLQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjUwNjI4MTcwMTI2WhcNMjUwNjI5MTcwMTI2WjAzMTEwLwYDVQQD
Eyg3OTBkNTg0MjMwNmFjOWE4YjRhNDk4NmU0MDM4YTNjZTVhNGM1OGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NwXxVtlA2n0Rr/pW5HDYyWqHRke
hBii+efIGlZSZrkuqGspFQJMd5eYWlJQPji6tmuxf6Z9QsPGNEmB/wrUJIB73Sym
jxgaJyVKrjem2r3WgM2XW8Vlkuq41SIKbzYUo9yUym+4Gg4sWrixpCBAXHlT8nj7
xrhIqOiR9Jr72oyb70rckrB6mezBZF/JKDnLB+2eX8fQFeRg8KqJ3q8ZN83A+jFy
Midd958ZMOUwFqhMpwHyGLquEV51qxpYZ7fIaf248CYdVQCW7RJ2kMJPVTyPj3M3
50sApO0tVnpuJId/yvc/z4UyizKA5+7lKbmJNc8qh1e0NKcrmtqIrvl8rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkNWEIwasmotKSYbkA4o85aTFj6MB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApdxqUJD8
M8Uzy333ZrQ8y0LCCkn0GgpmWLqCh71BUSp6vhI1nAdZF1gld64TNnsoS4JrFnzM
7ZWRsxTVXlNT9BfFbqWwpnGlhU7ir+koLgWurNYO+snPYRxxxBEqQ/kUclIDPNQz
lpILbf89UTEc0dWuE4w1yYqXNClo055GqCCQkyaRFy1biofBsD5UNcPSijQMkqXA
y0aLmecOVufb6/2riX2Jj1hDQ8EOUg8vJrQcbe0679Jc4wWHy2uSkvknvBkVSz7K
ukQQqfr6bz7Cfpd8rhtygNEFGYYjqWYwqtRG9kXG+dYlxRxPFLlz9L8GSheq5/Ju
njO1DdyiyIqLzg==
-----END CERTIFICATE-----