Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
File:                     v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft (raw, json)
Hash identifier:          OS6WU0hB7CSFNOOSfyv5BVbknQ82fGDXaMr2thWv+es=
Subject key identifier:   74:3D:CD:E3:15:58:74:25:1D:06:EF:A2:B8:FE:7B:26:2D:CF:96:35
Authority key identifier: BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36
Certificate issuer:       /CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
Certificate serial:       0196BF6FAF40F57DCD505E53666236E97326
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
Manifest number:          0BD4
Signing time:             Sun 11 May 2025 13:01:29 +0000
Manifest this update:     Sun 11 May 2025 13:01:29 +0000
Manifest next update:     Mon 12 May 2025 13:01:29 +0000
Files and hashes:         1: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl (hash: GWh1b9hb5q/XOlE9F1KN5qmZxZjpi4HdrE2D/nWVjiI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 13:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6f:af:40:f5:7d:cd:50:5e:53:66:62:36:e9:73:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
        Validity
            Not Before: May 11 13:01:29 2025 GMT
            Not After : May 12 13:01:29 2025 GMT
        Subject: CN=743dcde3155874251d06efa2b8fe7b262dcf9635
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:90:79:c3:da:64:9a:0e:92:88:12:99:06:ad:
                    11:de:81:ea:7a:65:f2:7c:13:1a:ef:77:d9:8a:d0:
                    dd:4b:5a:fc:f3:5d:bf:9c:bd:c6:48:11:3a:ed:e0:
                    e7:3e:18:56:fe:2a:3f:5a:b1:aa:8c:1d:d3:fc:42:
                    26:42:b2:30:71:a2:b9:28:84:42:ae:92:08:30:2a:
                    cf:3a:2f:c6:51:ca:e6:0c:a2:82:12:ed:a9:72:6c:
                    f0:a9:6e:4c:91:7b:36:ba:ad:35:13:8c:5d:da:36:
                    a0:03:90:f7:0d:b8:dd:9f:f4:40:4f:6d:8a:1e:dd:
                    42:ca:19:5d:cd:98:e8:8f:6c:db:56:4c:1d:45:86:
                    45:93:79:51:0f:89:22:8f:34:10:4c:01:4a:5a:1b:
                    12:0d:e0:42:00:e6:61:3b:50:49:e9:80:41:c0:58:
                    14:c1:33:ed:f8:80:0a:72:ef:cd:dc:84:ad:ee:5e:
                    40:23:83:4d:d2:52:5b:b7:ac:1b:10:12:9e:f4:95:
                    1e:b0:dd:8e:52:07:c0:8b:48:b3:e4:15:d3:eb:ac:
                    38:45:0b:aa:5c:df:af:3e:aa:f2:85:3d:bd:7d:d8:
                    3e:33:f2:f6:c2:54:54:14:20:48:f9:49:38:c4:49:
                    03:ca:0e:a3:d0:13:cd:b2:39:e5:45:d8:87:de:54:
                    c8:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:3D:CD:E3:15:58:74:25:1D:06:EF:A2:B8:FE:7B:26:2D:CF:96:35
            X509v3 Authority Key Identifier:
                keyid:BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:62:5e:cf:16:86:0f:a6:ba:be:5f:f6:10:fb:02:9b:38:a6:
         65:bc:c7:3e:b9:dd:d7:a8:ab:49:8c:8c:71:61:b6:c4:d6:44:
         c7:db:ab:b3:88:13:39:1f:67:ad:90:00:35:c3:76:31:fb:14:
         83:e5:2b:52:b5:79:da:1f:85:3c:b2:62:32:a3:d1:38:f4:de:
         ae:70:ff:fa:55:c6:e8:fa:04:62:27:53:c2:86:66:cd:77:eb:
         3e:56:67:cb:6a:23:6b:a4:fe:20:98:20:16:72:64:c8:ab:ad:
         ba:d5:ec:05:11:b2:2a:70:1f:f8:b1:25:43:22:e8:7f:38:38:
         f8:b0:65:b5:12:43:31:98:66:5a:40:ad:b9:34:7d:20:8e:77:
         88:9c:08:6d:58:b8:2b:62:1b:56:e5:c9:34:69:7c:18:aa:20:
         0b:8b:92:d9:0b:58:06:8d:96:cf:78:98:c7:27:31:28:ab:0c:
         3e:d7:2f:2e:cb:50:ec:02:fb:5e:03:47:9f:7a:f9:0c:1e:9b:
         05:65:2a:6b:f1:70:d9:b1:a2:02:49:24:ae:81:f5:c7:e5:48:
         cb:d9:4d:cb:a9:40:1f:bb:97:32:b4:b5:5a:de:2f:e5:ca:87:
         3e:82:d8:2a:11:5d:1c:54:95:9e:f0:40:ef:7b:b7:ff:95:e1:
         3c:1f:0f:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/b69A9X3NUF5TZmI26XMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDI0MDlhMWY4YzFjZWU1OTc0ZGI4YTQyZTFlYjY3MmVl
ODM0MzYwHhcNMjUwNTExMTMwMTI5WhcNMjUwNTEyMTMwMTI5WjAzMTEwLwYDVQQD
Eyg3NDNkY2RlMzE1NTg3NDI1MWQwNmVmYTJiOGZlN2IyNjJkY2Y5NjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspB5w9pkmg6SiBKZBq0R3oHqemXy
fBMa73fZitDdS1r8812/nL3GSBE67eDnPhhW/io/WrGqjB3T/EImQrIwcaK5KIRC
rpIIMCrPOi/GUcrmDKKCEu2pcmzwqW5MkXs2uq01E4xd2jagA5D3Dbjdn/RAT22K
Ht1CyhldzZjoj2zbVkwdRYZFk3lRD4kijzQQTAFKWhsSDeBCAOZhO1BJ6YBBwFgU
wTPt+IAKcu/N3ISt7l5AI4NN0lJbt6wbEBKe9JUesN2OUgfAi0iz5BXT66w4RQuq
XN+vPqryhT29fdg+M/L2wlRUFCBI+Uk4xEkDyg6j0BPNsjnlRdiH3lTIdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQ9zeMVWHQlHQbvorj+eyYtz5Y1MB8GA1UdIwQY
MBaAFL9CQJofjBzuWXTbikLh62cu6DQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDIt
YTUxZjQ2YmI3NDY0LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDItYTUxZjQ2YmI3NDY0
LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPGJezxaG
D6a6vl/2EPsCmzimZbzHPrnd16irSYyMcWG2xNZEx9urs4gTOR9nrZAANcN2MfsU
g+UrUrV52h+FPLJiMqPROPTernD/+lXG6PoEYidTwoZmzXfrPlZny2oja6T+IJgg
FnJkyKututXsBRGyKnAf+LElQyLofzg4+LBltRJDMZhmWkCtuTR9II53iJwIbVi4
K2IbVuXJNGl8GKogC4uS2QtYBo2Wz3iYxycxKKsMPtcvLstQ7AL7XgNHn3r5DB6b
BWUqa/Fw2bGiAkkkroH1x+VIy9lNy6lAH7uXMrS1Wt4v5cqHPoLYKhFdHFSVnvBA
73u3/5XhPB8PIw==
-----END CERTIFICATE-----