Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
File:                     BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json)
Hash identifier:          QlazGElziPk2W83Pjp0KPUk/j/QSlzOb+EyaMU2DU8E=
Subject key identifier:   79:85:FE:6A:1B:75:9C:70:3B:29:C5:29:56:42:48:6E:F5:5B:89:5C
Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF
Certificate issuer:       /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
Certificate serial:       0198D5F17F150244ED33888976AA4B59617F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
Manifest number:          02AE
Signing time:             Sat 23 Aug 2025 08:00:30 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:30 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:30 +0000
Files and hashes:         1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: H22cnGHIUx2Z0k584nHnxAx/CZOjgyga4o2o+8lrex4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:7f:15:02:44:ed:33:88:89:76:aa:4b:59:61:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
        Validity
            Not Before: Aug 23 08:00:30 2025 GMT
            Not After : Aug 24 08:00:30 2025 GMT
        Subject: CN=7985fe6a1b759c703b29c5295642486ef55b895c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:1a:aa:2f:99:93:4c:48:11:1c:a7:78:93:f4:
                    d6:6f:c5:ea:1d:ce:be:cc:2f:c6:eb:0d:ad:2b:7e:
                    a4:c8:4d:e5:b4:83:42:2b:19:f5:ce:16:d2:a8:ff:
                    fb:a4:25:84:af:1d:c7:fb:b2:86:b6:2b:7a:be:5c:
                    75:ef:c8:da:50:57:4d:b0:9a:76:69:d1:ab:a6:cf:
                    23:73:88:95:62:bd:88:87:6c:66:c2:c5:7a:b5:7c:
                    0a:d9:f9:91:1a:a1:8d:ab:43:7b:f7:42:31:13:a4:
                    9e:a7:8d:80:37:b7:43:ee:fc:3d:19:7b:f0:5c:bb:
                    b0:3b:d5:2b:af:fc:25:9d:a1:9a:a5:a5:d1:06:ea:
                    ed:a0:e1:7a:e7:c0:34:1f:1c:f4:e4:ea:94:65:0c:
                    4e:a3:fd:db:ba:a5:f6:eb:d8:50:59:1f:3d:71:9f:
                    19:7b:57:22:0b:2d:c0:3e:5e:72:2b:d8:4d:f8:5e:
                    cb:77:cd:11:8f:a8:28:dd:2c:d5:d2:ed:8d:66:1d:
                    04:72:01:99:d9:88:c7:94:25:01:0d:02:60:09:55:
                    23:a5:cd:e2:b7:68:89:1d:69:1f:9d:44:86:0b:6c:
                    9a:5c:c3:dc:a8:a2:f0:e2:f9:b8:ad:63:32:34:e8:
                    4f:b2:24:0c:16:dd:f9:bd:e9:33:a4:fd:51:12:eb:
                    f3:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:85:FE:6A:1B:75:9C:70:3B:29:C5:29:56:42:48:6E:F5:5B:89:5C
            X509v3 Authority Key Identifier:
                keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:76:36:2d:86:c4:97:10:3b:8a:9b:27:a7:63:82:ae:16:bd:
         e0:cf:a0:c2:55:a8:0b:df:2b:ce:d6:f5:87:35:46:20:ac:90:
         6d:c5:0e:9b:f7:86:7d:a5:90:11:81:e4:61:9d:56:9f:f8:02:
         06:51:24:e7:37:93:35:8b:ef:7c:27:18:f4:f0:c0:54:b3:21:
         54:69:04:39:56:f0:cb:85:fa:a6:0b:59:25:8d:49:dc:8d:ed:
         0b:1b:51:1a:83:ab:b5:54:98:14:1e:b1:9a:2f:06:a5:b1:b7:
         cd:0c:a1:a1:37:4b:96:8a:dc:2a:02:d3:dc:51:d7:cc:6f:df:
         a2:7d:41:68:79:a9:18:9c:53:ff:b0:c1:6f:be:d9:e5:98:0f:
         85:8e:5d:77:a4:8c:32:d1:bd:89:62:61:b5:ad:2d:7e:75:65:
         df:f8:35:91:6a:04:33:98:35:31:58:5c:92:13:1c:e6:48:05:
         c2:80:ea:e4:ce:d2:75:35:62:ea:c4:df:b3:b5:eb:ae:01:12:
         cf:dd:04:4c:94:45:4f:26:f3:60:80:2c:a1:eb:e6:d8:bf:f3:
         60:b9:96:0a:ce:23:86:ad:7b:aa:a6:0c:09:57:a9:7d:f0:ee:
         d8:98:64:d5:b4:d1:e1:de:0a:96:9c:31:81:85:14:b3:16:5d:
         e4:04:23:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8X8VAkTtM4iJdqpLWWF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0
YzdkYmYwHhcNMjUwODIzMDgwMDMwWhcNMjUwODI0MDgwMDMwWjAzMTEwLwYDVQQD
Eyg3OTg1ZmU2YTFiNzU5YzcwM2IyOWM1Mjk1NjQyNDg2ZWY1NWI4OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BqqL5mTTEgRHKd4k/TWb8XqHc6+
zC/G6w2tK36kyE3ltINCKxn1zhbSqP/7pCWErx3H+7KGtit6vlx178jaUFdNsJp2
adGrps8jc4iVYr2Ih2xmwsV6tXwK2fmRGqGNq0N790IxE6Sep42AN7dD7vw9GXvw
XLuwO9Urr/wlnaGapaXRBurtoOF658A0Hxz05OqUZQxOo/3buqX269hQWR89cZ8Z
e1ciCy3APl5yK9hN+F7Ld80Rj6go3SzV0u2NZh0EcgGZ2YjHlCUBDQJgCVUjpc3i
t2iJHWkfnUSGC2yaXMPcqKLw4vm4rWMyNOhPsiQMFt35vekzpP1REuvzdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmF/mobdZxwOynFKVZCSG71W4lcMB8GA1UdIwQY
MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt
NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm
LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX3Y2LYbE
lxA7ipsnp2OCrha94M+gwlWoC98rztb1hzVGIKyQbcUOm/eGfaWQEYHkYZ1Wn/gC
BlEk5zeTNYvvfCcY9PDAVLMhVGkEOVbwy4X6pgtZJY1J3I3tCxtRGoOrtVSYFB6x
mi8GpbG3zQyhoTdLlorcKgLT3FHXzG/fon1BaHmpGJxT/7DBb77Z5ZgPhY5dd6SM
MtG9iWJhta0tfnVl3/g1kWoEM5g1MVhckhMc5kgFwoDq5M7SdTVi6sTfs7XrrgES
z90ETJRFTybzYIAsoevm2L/zYLmWCs4jhq17qqYMCVepffDu2Jhk1bTR4d4Klpwx
gYUUsxZd5AQjCQ==
-----END CERTIFICATE-----