Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
File:                     BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json)
Hash identifier:          Pb9A930xpDWTUdyhRt0/jL5bV35w84tgDfbzsoNjxkE=
Subject key identifier:   8A:EA:9F:19:4C:D7:9F:7F:28:D2:F7:C8:F6:BC:63:8D:96:99:9F:CA
Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF
Certificate issuer:       /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
Certificate serial:       0196B935F3AB08D5E6A67384B2D360182B07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
Manifest number:          0196
Signing time:             Sat 10 May 2025 08:00:42 +0000
Manifest this update:     Sat 10 May 2025 08:00:42 +0000
Manifest next update:     Sun 11 May 2025 08:00:42 +0000
Files and hashes:         1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: sRlIEC06scuOtsmR85DSzz3h7qrs+QIAobKkcdqDZuw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:35:f3:ab:08:d5:e6:a6:73:84:b2:d3:60:18:2b:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
        Validity
            Not Before: May 10 08:00:42 2025 GMT
            Not After : May 11 08:00:42 2025 GMT
        Subject: CN=8aea9f194cd79f7f28d2f7c8f6bc638d96999fca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:e7:92:03:e2:1e:9e:25:42:5a:dc:11:9f:f3:
                    47:9f:18:4b:c2:8f:00:02:08:35:fd:f9:0c:a2:14:
                    68:5d:82:7a:43:a7:fb:78:48:86:74:09:80:70:62:
                    d5:e5:10:bf:70:65:4a:4a:94:d6:dd:e7:c5:af:82:
                    97:a2:b7:68:90:d3:28:e1:f3:aa:1c:fd:ee:06:da:
                    6f:d9:2a:e8:dc:15:b0:18:d2:30:59:10:ef:9b:2e:
                    20:44:76:dd:c5:ae:6b:89:5e:68:f6:b7:9c:77:86:
                    a5:e4:ef:9f:1b:dc:54:8b:9a:dc:67:e5:e6:19:50:
                    4a:bf:5a:e5:45:35:9f:68:ce:3a:1c:78:4d:8f:1d:
                    b5:c5:1b:6b:fd:78:02:84:c4:d1:de:15:e3:6a:7b:
                    78:cd:06:80:ed:0a:5b:47:43:63:a3:5f:e7:ea:b1:
                    4e:90:18:86:2b:c9:9c:dc:30:f1:0f:52:9e:a9:48:
                    9d:95:8f:30:d1:5e:2d:0c:93:42:ec:f3:d2:2f:b0:
                    fe:dc:95:78:73:7e:5c:a5:58:a2:ec:f1:9e:19:45:
                    d8:7f:36:a8:0c:ea:aa:8d:39:20:e9:aa:69:be:9d:
                    87:d1:d4:27:dd:8a:6b:4d:92:c3:29:7b:35:1b:58:
                    88:90:4c:8e:52:81:69:e2:35:02:43:cb:f3:61:23:
                    a1:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:EA:9F:19:4C:D7:9F:7F:28:D2:F7:C8:F6:BC:63:8D:96:99:9F:CA
            X509v3 Authority Key Identifier:
                keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:83:66:75:08:af:af:de:9b:3a:a3:3a:6e:f8:8d:76:40:7e:
         87:2b:ab:e6:de:e0:e8:7a:cb:b8:48:fd:16:ea:77:9c:37:28:
         3b:7f:a9:57:a1:da:08:e5:ea:52:4b:42:30:0a:d4:62:a1:d9:
         e5:4e:76:76:85:5a:1e:2a:9c:10:0e:4d:3f:66:67:17:fa:c3:
         dd:16:28:74:63:cc:99:58:22:1b:d0:a8:57:6c:ae:88:bb:31:
         9b:87:eb:47:20:4b:90:13:60:b6:9c:94:d8:eb:14:f2:6c:f8:
         72:21:a9:1b:39:40:e0:fe:3b:ad:dc:73:fb:ed:0e:fe:c7:57:
         58:f5:ea:27:e6:64:70:e4:93:ee:62:6a:4e:64:7c:a0:21:b6:
         e2:db:ee:b8:0a:4c:bf:e5:8a:57:e6:46:3a:5d:dc:e5:7b:27:
         e4:78:d2:26:e3:a7:ac:a8:b0:18:52:ab:cc:5b:f3:e6:2f:af:
         d9:2f:2f:00:9f:18:39:e2:cd:6a:43:98:0f:bc:64:e8:77:12:
         7f:f2:6e:ed:d6:3d:46:93:12:62:3b:fc:fa:81:8f:32:c2:5e:
         19:ad:b0:d6:75:58:aa:f9:64:51:38:a8:11:1f:9f:74:36:7d:
         3c:cd:e8:3d:14:28:d3:9e:57:ac:7a:6e:2a:7b:70:da:0e:cb:
         34:19:77:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5NfOrCNXmpnOEstNgGCsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0
YzdkYmYwHhcNMjUwNTEwMDgwMDQyWhcNMjUwNTExMDgwMDQyWjAzMTEwLwYDVQQD
Eyg4YWVhOWYxOTRjZDc5ZjdmMjhkMmY3YzhmNmJjNjM4ZDk2OTk5ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOeSA+IeniVCWtwRn/NHnxhLwo8A
Agg1/fkMohRoXYJ6Q6f7eEiGdAmAcGLV5RC/cGVKSpTW3efFr4KXordokNMo4fOq
HP3uBtpv2Sro3BWwGNIwWRDvmy4gRHbdxa5riV5o9recd4al5O+fG9xUi5rcZ+Xm
GVBKv1rlRTWfaM46HHhNjx21xRtr/XgChMTR3hXjant4zQaA7QpbR0Njo1/n6rFO
kBiGK8mc3DDxD1KeqUidlY8w0V4tDJNC7PPSL7D+3JV4c35cpVii7PGeGUXYfzao
DOqqjTkg6appvp2H0dQn3YprTZLDKXs1G1iIkEyOUoFp4jUCQ8vzYSOhcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrqnxlM159/KNL3yPa8Y42WmZ/KMB8GA1UdIwQY
MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt
NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm
LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKINmdQiv
r96bOqM6bviNdkB+hyur5t7g6HrLuEj9Fup3nDcoO3+pV6HaCOXqUktCMArUYqHZ
5U52doVaHiqcEA5NP2ZnF/rD3RYodGPMmVgiG9CoV2yuiLsxm4frRyBLkBNgtpyU
2OsU8mz4ciGpGzlA4P47rdxz++0O/sdXWPXqJ+ZkcOST7mJqTmR8oCG24tvuuApM
v+WKV+ZGOl3c5Xsn5HjSJuOnrKiwGFKrzFvz5i+v2S8vAJ8YOeLNakOYD7xk6HcS
f/Ju7dY9RpMSYjv8+oGPMsJeGa2w1nVYqvlkUTioER+fdDZ9PM3oPRQo055XrHpu
Kntw2g7LNBl3kg==
-----END CERTIFICATE-----