Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          9NDxnXQYCArYZDk46qJA9NzFF9WlE/upWRF7EqQqzos=
Subject key identifier:   13:7F:57:EC:40:E1:2C:74:F3:A7:22:70:5B:E2:43:28:42:9C:AE:DE
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       0196BC6DC46E445DCC836701FB6D23581597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          0D0A
Signing time:             Sat 10 May 2025 23:00:32 +0000
Manifest this update:     Sat 10 May 2025 23:00:32 +0000
Manifest next update:     Sun 11 May 2025 23:00:32 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: veUhoJXFEGT0L4wz6/w6WLGmXBLU6wW0z5vYPVABkPs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:6d:c4:6e:44:5d:cc:83:67:01:fb:6d:23:58:15:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: May 10 23:00:32 2025 GMT
            Not After : May 11 23:00:32 2025 GMT
        Subject: CN=137f57ec40e12c74f3a722705be24328429caede
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:57:af:44:aa:ff:22:aa:86:d4:56:f0:26:ed:
                    84:38:50:d8:6b:3d:4d:14:5f:39:40:a7:a6:7b:f0:
                    62:8c:7b:e6:d3:c7:fb:15:6f:8b:6d:d5:a1:93:f0:
                    95:78:6f:12:38:05:6e:a3:8f:e3:92:54:cb:e0:31:
                    31:75:83:c0:ce:08:76:7f:1e:d6:fe:7a:24:08:9f:
                    af:99:b4:a3:08:a9:54:ec:f1:f7:57:a7:70:76:60:
                    f7:18:53:43:11:8e:d5:78:44:06:2e:64:67:dd:0c:
                    2e:77:77:ef:e4:e9:51:21:1e:eb:61:4c:5f:88:19:
                    6b:87:67:fb:c8:07:f6:6a:60:47:46:15:58:f7:52:
                    00:dd:42:9f:05:ff:8d:c8:e7:9f:86:ac:b8:39:5a:
                    13:45:7e:d2:af:66:a5:f4:b8:53:0e:4c:ac:95:cf:
                    f7:22:51:29:2d:fa:f0:0b:59:35:33:11:bf:00:3a:
                    cf:d0:cf:6f:03:af:60:e9:06:c1:95:39:2f:5c:3f:
                    db:0b:f6:96:bd:69:e8:04:14:b9:ec:4a:16:91:b3:
                    cf:a2:43:58:04:22:a2:ca:b1:78:0f:e0:3b:c1:2b:
                    7a:1b:2f:52:90:7a:63:db:56:d1:6b:ec:bd:67:3b:
                    20:b8:5c:69:eb:a1:27:1b:04:f7:66:87:79:49:ef:
                    f9:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:7F:57:EC:40:E1:2C:74:F3:A7:22:70:5B:E2:43:28:42:9C:AE:DE
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:0d:dc:d1:a2:22:e5:cc:9a:d0:e2:e4:95:f2:4b:fa:09:5c:
         14:dc:bc:fc:4d:aa:99:ec:93:b1:f9:a1:99:37:09:74:0c:b6:
         b6:5b:93:5d:c2:67:04:62:f5:b9:e7:37:98:45:10:86:46:ca:
         7a:58:7f:2e:c6:76:54:15:04:5a:9c:ab:f7:27:8e:51:09:32:
         a1:59:d3:dd:26:8c:4a:d3:9f:18:b8:16:79:90:f5:66:41:ae:
         1e:47:ee:b6:66:e5:ff:67:b9:2f:d9:bd:12:b3:e9:d4:3e:d1:
         02:a5:65:f6:82:1c:d6:41:e9:9b:4c:20:6f:48:0b:3f:83:3f:
         0b:94:44:fc:d6:c9:8a:1e:ff:7e:f3:b2:68:ee:89:fe:32:df:
         12:d2:f5:ab:b8:43:07:be:a2:95:41:e1:30:96:1c:e5:9c:7c:
         fb:6f:ca:75:f4:20:12:0c:27:75:ff:e2:aa:86:70:ee:3a:f3:
         7c:ee:49:3d:ca:cb:27:79:7d:80:4a:46:a8:49:9c:d8:88:b0:
         25:7d:b4:06:e4:fe:cb:b2:92:62:73:1f:3d:1e:cf:f4:44:70:
         9b:41:c5:70:ba:49:6d:32:02:fc:92:73:11:cc:04:ca:df:d8:
         04:14:da:5c:36:56:98:6a:36:3a:5b:4f:e6:04:49:db:97:ad:
         e0:b9:4d:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa8bcRuRF3Mg2cB+20jWBWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjUwNTEwMjMwMDMyWhcNMjUwNTExMjMwMDMyWjAzMTEwLwYDVQQD
EygxMzdmNTdlYzQwZTEyYzc0ZjNhNzIyNzA1YmUyNDMyODQyOWNhZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFevRKr/IqqG1FbwJu2EOFDYaz1N
FF85QKeme/BijHvm08f7FW+LbdWhk/CVeG8SOAVuo4/jklTL4DExdYPAzgh2fx7W
/nokCJ+vmbSjCKlU7PH3V6dwdmD3GFNDEY7VeEQGLmRn3Qwud3fv5OlRIR7rYUxf
iBlrh2f7yAf2amBHRhVY91IA3UKfBf+NyOefhqy4OVoTRX7Sr2al9LhTDkyslc/3
IlEpLfrwC1k1MxG/ADrP0M9vA69g6QbBlTkvXD/bC/aWvWnoBBS57EoWkbPPokNY
BCKiyrF4D+A7wSt6Gy9SkHpj21bRa+y9ZzsguFxp66EnGwT3Zod5Se/5uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBN/V+xA4Sx086cicFviQyhCnK7eMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANw3c0aIi
5cya0OLklfJL+glcFNy8/E2qmeyTsfmhmTcJdAy2tluTXcJnBGL1uec3mEUQhkbK
elh/LsZ2VBUEWpyr9yeOUQkyoVnT3SaMStOfGLgWeZD1ZkGuHkfutmbl/2e5L9m9
ErPp1D7RAqVl9oIc1kHpm0wgb0gLP4M/C5RE/NbJih7/fvOyaO6J/jLfEtL1q7hD
B76ilUHhMJYc5Zx8+2/KdfQgEgwndf/iqoZw7jrzfO5JPcrLJ3l9gEpGqEmc2Iiw
JX20BuT+y7KSYnMfPR7P9ERwm0HFcLpJbTIC/JJzEcwEyt/YBBTaXDZWmGo2OltP
5gRJ25et4LlNxQ==
-----END CERTIFICATE-----