Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
File:                     BQJMtECm3Xana1aUwOL07jMOCnw.mft (raw, json)
Hash identifier:          ++QvBP2MG4npYkVysK/zSU3BDgyOmNTWZiwLGMEiKs0=
Subject key identifier:   28:EB:54:F3:20:3C:75:C3:1F:4D:32:C7:1F:71:A5:4D:B9:13:57:98
Authority key identifier: 05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C
Certificate issuer:       /CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
Certificate serial:       0196B96C87A588C0CB07061569595D2A371F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
Manifest number:          025C
Signing time:             Sat 10 May 2025 09:00:19 +0000
Manifest this update:     Sat 10 May 2025 09:00:19 +0000
Manifest next update:     Sun 11 May 2025 09:00:19 +0000
Files and hashes:         1: BQJMtECm3Xana1aUwOL07jMOCnw.crl (hash: Zw3YSk8uuO+PJRGlmSCWiMZ5xcHlVmBkr5CKzHVwcb0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 09:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:6c:87:a5:88:c0:cb:07:06:15:69:59:5d:2a:37:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
        Validity
            Not Before: May 10 09:00:19 2025 GMT
            Not After : May 11 09:00:19 2025 GMT
        Subject: CN=28eb54f3203c75c31f4d32c71f71a54db9135798
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:25:0e:df:59:4a:27:07:bb:aa:c4:ca:59:64:
                    42:b5:9c:35:fd:be:5d:ce:89:43:bb:6d:ab:5c:fd:
                    b0:3f:a9:f7:70:57:26:84:a2:ad:63:d2:37:8d:4a:
                    ae:38:f5:5d:77:06:4f:f2:4a:5e:1f:ed:86:bb:2d:
                    44:59:13:12:8a:5e:7b:da:d4:64:d3:ed:bb:07:28:
                    8b:c7:6e:c4:6c:7a:b0:0c:06:c3:54:65:fd:5d:38:
                    5b:b4:76:34:fc:d3:b8:ac:29:c0:c6:c8:d6:65:4b:
                    37:e7:d1:55:8e:46:9f:0f:8e:99:7d:b2:53:78:39:
                    d5:51:43:a7:81:6b:e0:e1:5d:01:42:78:c0:c0:28:
                    99:92:a0:77:df:47:75:ec:a1:d0:45:44:74:ec:19:
                    9c:75:14:b4:fb:be:60:d6:31:32:08:10:50:81:66:
                    0a:f8:38:ee:63:5f:0b:7e:dd:58:93:26:8c:3d:05:
                    08:82:6a:e7:fd:a6:db:82:9c:7c:0b:9f:3a:b2:12:
                    b8:82:61:9a:36:c9:9f:41:43:dd:a0:09:e4:2d:c7:
                    4d:c3:04:69:f8:e2:a7:cd:b9:b2:6a:35:75:41:d9:
                    c7:6a:5f:bd:49:ca:4c:1c:77:91:58:cd:55:2e:a6:
                    fe:6f:58:6a:14:2e:d2:a5:ce:c1:fa:d6:f9:36:44:
                    ce:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:EB:54:F3:20:3C:75:C3:1F:4D:32:C7:1F:71:A5:4D:B9:13:57:98
            X509v3 Authority Key Identifier:
                keyid:05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:89:4a:ad:96:95:bf:92:46:b5:02:1b:ab:d4:25:6a:4c:7e:
         52:62:3e:ae:3c:c7:af:d2:98:49:eb:74:36:65:27:28:15:97:
         6c:d3:cd:6c:4b:60:57:db:92:89:67:d7:e2:42:cf:6a:db:b3:
         0a:98:48:c7:28:7a:ef:7c:c5:24:4f:1d:65:99:23:0c:4c:ac:
         c4:02:3c:63:59:3f:01:01:4b:68:d2:8d:04:b9:c7:11:0b:ba:
         5c:7c:d0:f7:a8:d3:57:c8:a2:5e:6c:c7:38:92:ac:34:a9:70:
         eb:ad:58:d8:32:17:f1:76:00:4f:02:3c:9a:b6:29:1d:ce:f5:
         cd:03:4e:38:fc:f6:4e:e1:fb:dc:29:9d:c8:51:8e:9a:03:12:
         d7:25:cc:4f:e3:f9:9f:79:b6:39:f6:87:11:03:d9:4e:b8:a0:
         ac:dc:f5:d6:ac:2d:27:7c:da:63:14:73:e4:63:d3:e3:76:06:
         9e:5f:b8:ad:1b:73:02:d6:e5:41:00:99:7a:49:f6:83:e3:63:
         82:74:d8:18:cc:cb:9b:a3:fe:5e:ae:19:69:29:40:b4:bb:41:
         1e:0c:46:0b:11:44:5a:98:87:4b:c6:f8:68:83:2a:bb:22:4d:
         0b:0a:74:63:cf:25:be:2f:7e:84:fb:7f:27:ef:a4:5f:e4:f6:
         c7:97:46:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5bIeliMDLBwYVaVldKjcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI0Y2I0NDBhNmRkNzZhNzZiNTY5NGMwZTJmNGVlMzMw
ZTBhN2MwHhcNMjUwNTEwMDkwMDE5WhcNMjUwNTExMDkwMDE5WjAzMTEwLwYDVQQD
EygyOGViNTRmMzIwM2M3NWMzMWY0ZDMyYzcxZjcxYTU0ZGI5MTM1Nzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSUO31lKJwe7qsTKWWRCtZw1/b5d
zolDu22rXP2wP6n3cFcmhKKtY9I3jUquOPVddwZP8kpeH+2Guy1EWRMSil572tRk
0+27ByiLx27EbHqwDAbDVGX9XThbtHY0/NO4rCnAxsjWZUs359FVjkafD46ZfbJT
eDnVUUOngWvg4V0BQnjAwCiZkqB330d17KHQRUR07BmcdRS0+75g1jEyCBBQgWYK
+DjuY18Lft1YkyaMPQUIgmrn/abbgpx8C586shK4gmGaNsmfQUPdoAnkLcdNwwRp
+OKnzbmyajV1QdnHal+9ScpMHHeRWM1VLqb+b1hqFC7Spc7B+tb5NkTO+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjrVPMgPHXDH00yxx9xpU25E1eYMB8GA1UdIwQY
MBaAFAUCTLRApt12p2tWlMDi9O4zDgp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAt
YTgyMjYyMjA0ZTM4LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAtYTgyMjYyMjA0ZTM4
LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJIlKrZaV
v5JGtQIbq9Qlakx+UmI+rjzHr9KYSet0NmUnKBWXbNPNbEtgV9uSiWfX4kLPatuz
CphIxyh673zFJE8dZZkjDEysxAI8Y1k/AQFLaNKNBLnHEQu6XHzQ96jTV8iiXmzH
OJKsNKlw661Y2DIX8XYATwI8mrYpHc71zQNOOPz2TuH73CmdyFGOmgMS1yXMT+P5
n3m2OfaHEQPZTrigrNz11qwtJ3zaYxRz5GPT43YGnl+4rRtzAtblQQCZekn2g+Nj
gnTYGMzLm6P+Xq4ZaSlAtLtBHgxGCxFEWpiHS8b4aIMquyJNCwp0Y88lvi9+hPt/
J++kX+T2x5dG3w==
-----END CERTIFICATE-----