Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          rnOzQIrrlKQnpf7oy4qCryJZFPl9vinnvSRPRBJtc4c=
Subject key identifier:   21:E1:3E:C7:70:E0:F4:95:BF:32:C5:94:01:C8:E1:7D:FF:6D:84:F5
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       0196C5A7C98D2763C49CF548399961C716DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          09C6
Signing time:             Mon 12 May 2025 18:00:29 +0000
Manifest this update:     Mon 12 May 2025 18:00:29 +0000
Manifest next update:     Tue 13 May 2025 18:00:29 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: dp2ChbKCtEFuC43k3+8JFtwEtOIpghIY82+Quk0yIms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:a7:c9:8d:27:63:c4:9c:f5:48:39:99:61:c7:16:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: May 12 18:00:29 2025 GMT
            Not After : May 13 18:00:29 2025 GMT
        Subject: CN=21e13ec770e0f495bf32c59401c8e17dff6d84f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:04:fc:27:10:96:c3:c0:17:d8:57:6d:f8:f3:
                    a4:5c:d7:19:b2:67:6b:fd:52:e3:9e:92:07:8f:a0:
                    fc:2d:24:b8:11:32:4f:51:d9:9c:7e:d0:35:6d:e4:
                    27:93:38:82:33:4e:32:db:ff:dc:ed:be:c8:37:64:
                    ea:9b:8e:1d:c6:92:59:e8:68:87:b9:3a:a0:ec:8e:
                    d5:52:b0:77:9f:ac:b3:cd:88:20:15:d6:38:73:d4:
                    65:02:66:01:6a:a8:07:b9:bc:c2:93:a6:bf:e4:52:
                    3b:3e:6b:4e:2a:b5:a0:58:23:2b:36:0f:88:c3:60:
                    58:ac:9f:ae:b1:83:85:98:f6:ae:d7:7e:92:f3:9d:
                    cd:4b:c7:9b:f7:e8:03:08:92:7e:fd:dc:ee:67:85:
                    4f:fc:64:95:35:f6:5a:97:6d:c8:63:92:d9:17:b0:
                    3d:c8:cf:19:75:e8:62:20:da:1d:ff:cf:80:5c:c6:
                    70:08:71:96:3c:3f:2b:be:e6:ce:d1:0f:45:56:e1:
                    98:1e:23:09:92:fc:56:2a:12:9a:20:7a:86:d9:b0:
                    05:a7:1e:bd:67:69:f1:e6:8a:50:19:94:c6:57:f5:
                    01:b1:d0:6e:09:18:cc:91:cd:97:cb:e6:dc:9d:f9:
                    80:98:6a:c2:53:ce:ed:ef:e4:58:85:ef:06:2d:5d:
                    c4:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:E1:3E:C7:70:E0:F4:95:BF:32:C5:94:01:C8:E1:7D:FF:6D:84:F5
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:71:d8:a9:3b:d7:d4:96:a9:7d:9d:b4:8a:f9:5e:df:f3:cd:
         28:95:84:1b:57:d9:33:09:44:5f:21:fb:3d:a1:e4:b9:68:77:
         b9:3a:6f:ff:58:b6:77:84:41:c4:1d:03:95:c2:65:a9:b7:69:
         47:45:56:81:a9:a1:4d:f0:f0:6e:c8:02:fd:f3:a6:a6:3b:b9:
         e3:62:a0:a2:dc:10:e0:b5:71:57:ed:2c:84:cd:30:df:e9:fe:
         58:15:4f:06:b4:c7:01:c2:be:96:9d:0b:c2:e6:de:91:4d:68:
         a4:80:b4:30:a9:39:26:63:57:10:17:b2:fb:54:57:93:1e:f5:
         60:48:e8:8f:3b:01:c2:2f:70:8b:17:67:fd:93:1a:84:17:ef:
         22:2d:8e:e4:f7:a3:b0:31:12:2e:98:f6:97:f0:d6:99:99:b3:
         69:f2:a8:af:e9:34:0d:59:f0:0c:dc:f3:42:cc:22:cb:84:6d:
         a6:c4:2b:38:92:b4:d8:99:b5:b3:15:8d:14:17:7a:9f:e4:af:
         e2:83:b1:d1:fd:4a:9a:b0:c3:d1:1f:f4:db:2a:d8:5c:58:c2:
         9c:75:c7:be:e7:17:ba:3d:eb:48:d3:53:4f:39:e9:f8:10:6a:
         03:86:12:4f:4f:10:92:7e:05:30:f0:fa:ef:f7:c1:1a:38:c8:
         c0:0d:18:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFp8mNJ2PEnPVIOZlhxxbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjUwNTEyMTgwMDI5WhcNMjUwNTEzMTgwMDI5WjAzMTEwLwYDVQQD
EygyMWUxM2VjNzcwZTBmNDk1YmYzMmM1OTQwMWM4ZTE3ZGZmNmQ4NGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngT8JxCWw8AX2Fdt+POkXNcZsmdr
/VLjnpIHj6D8LSS4ETJPUdmcftA1beQnkziCM04y2//c7b7IN2Tqm44dxpJZ6GiH
uTqg7I7VUrB3n6yzzYggFdY4c9RlAmYBaqgHubzCk6a/5FI7PmtOKrWgWCMrNg+I
w2BYrJ+usYOFmPau136S853NS8eb9+gDCJJ+/dzuZ4VP/GSVNfZal23IY5LZF7A9
yM8ZdehiINod/8+AXMZwCHGWPD8rvubO0Q9FVuGYHiMJkvxWKhKaIHqG2bAFpx69
Z2nx5opQGZTGV/UBsdBuCRjMkc2Xy+bcnfmAmGrCU87t7+RYhe8GLV3EMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHhPsdw4PSVvzLFlAHI4X3/bYT1MB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARXHYqTvX
1JapfZ20ivle3/PNKJWEG1fZMwlEXyH7PaHkuWh3uTpv/1i2d4RBxB0DlcJlqbdp
R0VWgamhTfDwbsgC/fOmpju542KgotwQ4LVxV+0shM0w3+n+WBVPBrTHAcK+lp0L
wubekU1opIC0MKk5JmNXEBey+1RXkx71YEjojzsBwi9wixdn/ZMahBfvIi2O5Pej
sDESLpj2l/DWmZmzafKor+k0DVnwDNzzQswiy4RtpsQrOJK02Jm1sxWNFBd6n+Sv
4oOx0f1KmrDD0R/02yrYXFjCnHXHvucXuj3rSNNTTznp+BBqA4YST08Qkn4FMPD6
7/fBGjjIwA0YMw==
-----END CERTIFICATE-----