Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.mft
File:                     BL7bYVSoeV3Ezu-mehj-38ZSFZQ.mft (raw, json)
Hash identifier:          OGodmZn6EIw5ood95vthqeXG3VJlDM2m7bvnHdw4GKA=
Subject key identifier:   9A:6F:34:E1:5A:14:C3:5E:97:A5:D3:47:2B:21:B1:9C:10:82:C1:8E
Authority key identifier: 04:BE:DB:61:54:A8:79:5D:C4:CE:EF:A6:7A:18:FE:DF:C6:52:15:94
Certificate issuer:       /CN=04bedb6154a8795dc4ceefa67a18fedfc6521594
Certificate serial:       0198D7A8D4B8CEB855519E2EEC74CDC6178F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.mft
Manifest number:          04DB
Signing time:             Sat 23 Aug 2025 16:00:22 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:22 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:22 +0000
Files and hashes:         1: BL7bYVSoeV3Ezu-mehj-38ZSFZQ.crl (hash: dgtM4BAaAaqgUsIdv2tREEt7bfjr4ShGyIfHOkgPa3o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a8:d4:b8:ce:b8:55:51:9e:2e:ec:74:cd:c6:17:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04bedb6154a8795dc4ceefa67a18fedfc6521594
        Validity
            Not Before: Aug 23 16:00:22 2025 GMT
            Not After : Aug 24 16:00:22 2025 GMT
        Subject: CN=9a6f34e15a14c35e97a5d3472b21b19c1082c18e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c2:22:4a:22:cc:07:c0:30:87:7b:89:8d:18:
                    37:0d:4b:5b:e4:1c:ef:55:d0:41:49:7b:0c:b0:75:
                    ab:4e:5a:28:eb:02:1d:43:b7:22:ff:85:96:9b:cd:
                    ec:c4:6b:27:db:0b:7f:e8:b6:b7:67:c9:a9:cb:3b:
                    05:6f:7c:a5:fc:96:2b:41:ec:e2:c8:c5:52:9e:db:
                    5a:cb:9b:21:ba:f4:4f:ce:9c:bb:89:e0:e4:5d:d1:
                    ea:d3:54:65:87:1e:d5:a8:74:0a:70:a1:cd:a9:67:
                    4e:0d:90:42:c5:cd:8f:91:22:51:05:34:8c:f4:90:
                    70:04:4c:76:82:c0:2b:af:37:51:b9:76:b8:16:7a:
                    73:17:bf:aa:48:af:7e:f6:58:d3:ae:f4:0f:84:fb:
                    df:1b:e2:d1:15:3a:be:9b:4e:b9:79:fc:2f:7a:4a:
                    ca:7c:b0:fe:88:97:41:1e:55:23:f2:11:52:3b:e5:
                    8f:3f:a5:73:ff:0d:e5:49:93:ab:04:6f:6c:91:ac:
                    30:ac:4c:38:9d:43:e7:96:92:53:8e:1a:d6:9a:59:
                    7b:35:17:d4:62:f0:20:9b:4a:7f:0e:a0:de:07:8a:
                    d8:09:6c:86:68:c9:c6:17:d4:92:26:ef:84:7f:03:
                    ca:42:64:0c:95:3d:ae:d0:b1:23:e7:46:6f:01:26:
                    5d:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:6F:34:E1:5A:14:C3:5E:97:A5:D3:47:2B:21:B1:9C:10:82:C1:8E
            X509v3 Authority Key Identifier:
                keyid:04:BE:DB:61:54:A8:79:5D:C4:CE:EF:A6:7A:18:FE:DF:C6:52:15:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:28:4f:5d:76:1f:87:82:74:d0:f2:ed:5e:f3:de:b7:0a:32:
         c0:e3:de:d3:b3:eb:13:de:be:ec:f6:8c:a7:2a:2e:4b:30:59:
         1e:67:ab:a0:98:47:c0:53:46:5a:ab:f1:62:5f:a1:1d:d7:e6:
         7d:66:4c:e0:a1:20:4a:f6:1a:38:b5:70:f0:f8:a3:cd:e0:83:
         c6:20:21:c9:9f:a5:32:55:56:a8:30:b1:1e:35:c2:83:66:8a:
         cb:a3:0e:b9:d7:0e:2b:32:f0:51:bb:b7:36:36:40:13:8b:f1:
         4e:59:5d:b8:bc:c5:6c:29:f1:37:cd:d1:c4:1e:87:48:3e:0a:
         21:ff:5b:75:87:b2:be:eb:20:8e:96:8e:af:ae:0f:5b:fb:7e:
         d8:c3:88:82:8b:55:ef:36:2d:a9:0d:cc:02:08:37:1a:51:d2:
         ec:65:73:5a:ab:42:50:10:6d:11:b6:01:0b:1e:9c:65:15:05:
         0e:83:1b:02:0e:83:e2:6c:23:07:fe:17:e7:5d:8e:1f:cb:f7:
         92:87:38:90:52:a7:ad:5e:35:c7:cf:09:d4:d6:92:20:bb:f7:
         fe:61:c8:f1:a9:6b:96:59:62:74:9a:f7:ab:69:61:dc:7f:40:
         33:1b:fc:fc:4e:f6:2c:16:04:b6:7d:40:5f:7f:16:5b:54:40:
         e1:4a:90:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqNS4zrhVUZ4u7HTNxhePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YmVkYjYxNTRhODc5NWRjNGNlZWZhNjdhMThmZWRmYzY1
MjE1OTQwHhcNMjUwODIzMTYwMDIyWhcNMjUwODI0MTYwMDIyWjAzMTEwLwYDVQQD
Eyg5YTZmMzRlMTVhMTRjMzVlOTdhNWQzNDcyYjIxYjE5YzEwODJjMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMIiSiLMB8Awh3uJjRg3DUtb5Bzv
VdBBSXsMsHWrTloo6wIdQ7ci/4WWm83sxGsn2wt/6La3Z8mpyzsFb3yl/JYrQezi
yMVSnttay5shuvRPzpy7ieDkXdHq01Rlhx7VqHQKcKHNqWdODZBCxc2PkSJRBTSM
9JBwBEx2gsArrzdRuXa4FnpzF7+qSK9+9ljTrvQPhPvfG+LRFTq+m065efwvekrK
fLD+iJdBHlUj8hFSO+WPP6Vz/w3lSZOrBG9skawwrEw4nUPnlpJTjhrWmll7NRfU
YvAgm0p/DqDeB4rYCWyGaMnGF9SSJu+EfwPKQmQMlT2u0LEj50ZvASZdBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpvNOFaFMNel6XTRyshsZwQgsGOMB8GA1UdIwQY
MBaAFAS+22FUqHldxM7vpnoY/t/GUhWUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkw3YllWU29lVjNFenUtbWVoai0zOFpTRlpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zMTczZTItNmM2ZS00MjdmLTljYWQt
M2M4NzA4ODczNGY2LzEvQkw3YllWU29lVjNFenUtbWVoai0zOFpTRlpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zMTczZTItNmM2ZS00MjdmLTljYWQtM2M4NzA4ODczNGY2
LzEvQkw3YllWU29lVjNFenUtbWVoai0zOFpTRlpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgChPXXYf
h4J00PLtXvPetwoywOPe07PrE96+7PaMpyouSzBZHmeroJhHwFNGWqvxYl+hHdfm
fWZM4KEgSvYaOLVw8PijzeCDxiAhyZ+lMlVWqDCxHjXCg2aKy6MOudcOKzLwUbu3
NjZAE4vxTllduLzFbCnxN83RxB6HSD4KIf9bdYeyvusgjpaOr64PW/t+2MOIgotV
7zYtqQ3MAgg3GlHS7GVzWqtCUBBtEbYBCx6cZRUFDoMbAg6D4mwjB/4X512OH8v3
koc4kFKnrV41x88J1NaSILv3/mHI8alrlllidJr3q2lh3H9AMxv8/E72LBYEtn1A
X38WW1RA4UqQOA==
-----END CERTIFICATE-----