Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
File:                     BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json)
Hash identifier:          gdJLdW4fWSamRkxcGrBxZq6uGs8YWnzTpIFEe3HVJdI=
Subject key identifier:   3E:D9:25:B5:E6:9A:FC:73:A9:79:98:BA:C2:1F:CD:AF:34:66:80:B2
Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF
Certificate issuer:       /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
Certificate serial:       0197B63265D1433EA5B2E4B6173ED2694318
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
Manifest number:          0219
Signing time:             Sat 28 Jun 2025 11:00:45 +0000
Manifest this update:     Sat 28 Jun 2025 11:00:45 +0000
Manifest next update:     Sun 29 Jun 2025 11:00:45 +0000
Files and hashes:         1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: zHRZ5ISCzSBmjWjzgKIfZkTni0p+m/Tf5wtiuxtzt0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:32:65:d1:43:3e:a5:b2:e4:b6:17:3e:d2:69:43:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
        Validity
            Not Before: Jun 28 11:00:45 2025 GMT
            Not After : Jun 29 11:00:45 2025 GMT
        Subject: CN=3ed925b5e69afc73a97998bac21fcdaf346680b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e5:b2:81:d8:89:8e:d2:48:d1:27:6d:0a:32:
                    81:e4:02:a1:4c:51:39:26:ce:9a:24:14:b5:7c:a8:
                    b7:d4:5c:d5:0d:01:01:80:92:e1:c4:14:81:98:0e:
                    d7:9c:e6:05:d3:cf:fb:44:e0:e8:98:58:81:10:01:
                    15:1c:55:7f:18:b2:a1:ff:7a:73:c1:b5:4d:44:5d:
                    9f:71:53:c2:dd:0e:19:96:1f:a2:50:11:0e:d5:82:
                    62:23:c7:cb:74:1f:84:df:47:8d:58:00:2d:d7:15:
                    f6:11:96:7d:a4:eb:ae:2f:37:09:cb:07:2c:03:6d:
                    b1:3b:e4:9c:ea:96:13:67:80:7b:41:af:fe:8a:e6:
                    51:d4:af:fc:30:0e:67:ce:ec:6c:6e:11:21:d3:c4:
                    0a:c6:26:0b:4a:b0:c4:7d:70:1e:68:fd:d1:8d:62:
                    51:39:c4:85:58:35:2c:73:fa:b5:72:c9:82:8a:4f:
                    c0:11:44:d8:cc:3a:98:40:c5:8a:79:7b:26:64:ae:
                    e7:31:3f:5e:d0:37:b6:c0:ba:72:ac:f0:de:6c:95:
                    d7:63:46:99:22:c8:40:c8:61:90:7b:66:68:14:46:
                    ee:9e:cc:e1:b3:f6:56:0e:e7:e0:23:44:d9:e0:7e:
                    0f:04:ae:97:0c:7b:49:77:48:d9:30:d3:9c:c7:6f:
                    d7:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:D9:25:B5:E6:9A:FC:73:A9:79:98:BA:C2:1F:CD:AF:34:66:80:B2
            X509v3 Authority Key Identifier:
                keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:b6:06:fc:48:85:92:dd:e8:ae:b9:4e:21:d9:53:82:94:b5:
         16:93:c3:ce:f4:5d:f6:7f:8f:6a:21:cc:2f:86:99:db:2d:9d:
         c6:c1:14:35:22:04:bc:67:ca:ad:f9:1c:44:3b:9e:99:f4:64:
         ce:e9:30:00:70:fc:83:98:27:04:7b:2b:db:f6:6c:e6:7b:2a:
         aa:90:3a:61:ae:a3:6a:9f:b8:86:52:33:5a:62:65:9d:6d:24:
         25:6f:11:d0:82:e5:5d:a3:9d:d4:0b:05:b9:f7:e3:78:af:f4:
         12:c6:30:92:ab:34:ac:17:1a:41:70:1f:e2:06:56:88:4a:c6:
         c0:66:fc:7b:e7:d2:1c:b5:71:bb:94:fb:d8:9e:de:20:3f:2a:
         a1:d2:6c:3b:4b:3d:d2:9a:a4:bd:24:9b:dc:89:ec:0a:dd:90:
         d1:23:d8:68:cc:c9:26:e5:54:83:ac:bd:bd:0c:fb:4f:3b:e7:
         65:cb:38:24:f4:8c:65:51:b5:d0:7d:b3:43:dc:11:2a:6e:a3:
         4e:8e:bd:1f:c3:7f:db:95:8e:28:69:42:7c:06:92:2a:2a:d2:
         8f:93:64:ff:e3:81:b7:e2:9e:6b:54:03:99:a8:c9:09:ff:65:
         fd:58:c7:c4:cf:1c:07:d6:f1:ed:81:7b:f6:2a:a1:51:d1:3e:
         88:71:dc:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2MmXRQz6lsuS2Fz7SaUMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0
YzdkYmYwHhcNMjUwNjI4MTEwMDQ1WhcNMjUwNjI5MTEwMDQ1WjAzMTEwLwYDVQQD
EygzZWQ5MjViNWU2OWFmYzczYTk3OTk4YmFjMjFmY2RhZjM0NjY4MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOWygdiJjtJI0SdtCjKB5AKhTFE5
Js6aJBS1fKi31FzVDQEBgJLhxBSBmA7XnOYF08/7RODomFiBEAEVHFV/GLKh/3pz
wbVNRF2fcVPC3Q4Zlh+iUBEO1YJiI8fLdB+E30eNWAAt1xX2EZZ9pOuuLzcJywcs
A22xO+Sc6pYTZ4B7Qa/+iuZR1K/8MA5nzuxsbhEh08QKxiYLSrDEfXAeaP3RjWJR
OcSFWDUsc/q1csmCik/AEUTYzDqYQMWKeXsmZK7nMT9e0De2wLpyrPDebJXXY0aZ
IshAyGGQe2ZoFEbunszhs/ZWDufgI0TZ4H4PBK6XDHtJd0jZMNOcx2/XcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7ZJbXmmvxzqXmYusIfza80ZoCyMB8GA1UdIwQY
MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt
NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm
LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABLYG/EiF
kt3orrlOIdlTgpS1FpPDzvRd9n+PaiHML4aZ2y2dxsEUNSIEvGfKrfkcRDuemfRk
zukwAHD8g5gnBHsr2/Zs5nsqqpA6Ya6jap+4hlIzWmJlnW0kJW8R0ILlXaOd1AsF
uffjeK/0EsYwkqs0rBcaQXAf4gZWiErGwGb8e+fSHLVxu5T72J7eID8qodJsO0s9
0pqkvSSb3InsCt2Q0SPYaMzJJuVUg6y9vQz7TzvnZcs4JPSMZVG10H2zQ9wRKm6j
To69H8N/25WOKGlCfAaSKirSj5Nk/+OBt+Kea1QDmajJCf9l/VjHxM8cB9bx7YF7
9iqhUdE+iHHcdw==
-----END CERTIFICATE-----