Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.mft
File:                     u-BbYYon9sEO-Zm8ltmqDL0UraU.mft (raw, json)
Hash identifier:          PELwi61PR6TxPnzucEerGXzSTurHQBcpsXV6H3jV0VI=
Subject key identifier:   67:15:A8:8A:AC:DA:50:76:51:30:EB:34:FA:4A:2B:E6:A1:28:1A:3F
Authority key identifier: BB:E0:5B:61:8A:27:F6:C1:0E:F9:99:BC:96:D9:AA:0C:BD:14:AD:A5
Certificate issuer:       /CN=bbe05b618a27f6c10ef999bc96d9aa0cbd14ada5
Certificate serial:       0196C427391A1E4AA7A8E3FBBD20C9FE8A68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u-BbYYon9sEO-Zm8ltmqDL0UraU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.mft
Manifest number:          B9
Signing time:             Mon 12 May 2025 11:00:26 +0000
Manifest this update:     Mon 12 May 2025 11:00:26 +0000
Manifest next update:     Tue 13 May 2025 11:00:26 +0000
Files and hashes:         1: u-BbYYon9sEO-Zm8ltmqDL0UraU.crl (hash: 3/8+wWeFo2w4rt44P0jPHWddeSXHTN0pUMAtmWmegvw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u-BbYYon9sEO-Zm8ltmqDL0UraU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 11:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c4:27:39:1a:1e:4a:a7:a8:e3:fb:bd:20:c9:fe:8a:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbe05b618a27f6c10ef999bc96d9aa0cbd14ada5
        Validity
            Not Before: May 12 11:00:26 2025 GMT
            Not After : May 13 11:00:26 2025 GMT
        Subject: CN=6715a88aacda50765130eb34fa4a2be6a1281a3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:e9:4c:45:35:39:4d:fe:e5:1b:3b:d2:30:a6:
                    33:2b:df:db:dd:1c:99:f1:f6:cc:ac:5a:67:f5:65:
                    4d:94:41:85:a3:32:a5:e0:a2:09:98:71:95:5a:f5:
                    7c:ff:b2:12:2a:90:03:1b:85:86:13:64:15:6d:3e:
                    0f:fb:d7:5c:ef:d9:ef:f4:a2:44:9a:c3:b0:c0:25:
                    a0:45:aa:63:d1:fa:84:3c:33:a0:f6:fb:cf:7b:13:
                    64:7e:e0:38:fc:ff:2f:6d:7a:b0:d8:27:6c:cf:67:
                    c3:e1:d1:53:e9:fc:75:48:9a:15:a2:6f:fd:e4:c8:
                    36:4a:a3:08:b0:dc:d8:13:e0:b2:a2:e7:3b:80:10:
                    03:f4:47:4c:65:e2:a7:41:23:9d:31:59:25:a9:18:
                    db:e3:c7:ad:b0:df:bf:d6:a4:c8:b6:9e:2d:0c:11:
                    ba:56:14:61:08:a2:e9:76:fb:a8:35:38:c8:e3:f9:
                    78:9a:47:2c:fc:91:ff:6f:50:de:d9:92:cd:52:d1:
                    7a:b9:2c:a0:aa:99:ce:d9:28:a5:56:09:76:24:d5:
                    43:9f:22:8a:7b:39:ca:a4:b0:2c:cf:ee:b7:71:8a:
                    27:44:1c:a5:7c:18:14:72:c4:7e:14:14:ab:e1:34:
                    86:de:68:da:5d:b3:9d:f7:12:03:fe:88:3a:40:9c:
                    45:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:15:A8:8A:AC:DA:50:76:51:30:EB:34:FA:4A:2B:E6:A1:28:1A:3F
            X509v3 Authority Key Identifier:
                keyid:BB:E0:5B:61:8A:27:F6:C1:0E:F9:99:BC:96:D9:AA:0C:BD:14:AD:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-BbYYon9sEO-Zm8ltmqDL0UraU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:e8:a3:49:56:6a:c7:4c:a4:e0:ad:dc:d6:60:1f:f4:19:4f:
         d8:93:aa:ee:3a:b9:2a:94:b2:bb:25:9a:0b:9c:d0:ca:f6:a3:
         c0:e0:52:a0:f3:03:bb:f5:2f:93:39:af:32:60:cb:8e:c0:5b:
         ef:ff:09:4b:50:33:5c:9e:52:53:72:b5:05:39:c2:06:1b:a7:
         06:5e:09:79:1c:fd:e3:5e:cf:2c:c5:8c:be:d7:b6:44:ba:57:
         f0:ca:07:29:e3:5a:39:70:ea:50:04:83:c6:9c:38:24:57:6d:
         3b:7c:44:3c:f6:8a:96:6e:0e:69:ed:65:9b:46:25:71:5d:28:
         f2:a8:ff:7d:21:bc:a6:c9:12:07:e1:0f:b1:cc:2c:8f:c9:3b:
         e1:7f:28:cf:98:48:f9:f4:99:dc:7d:fa:eb:f0:88:eb:1d:59:
         22:51:60:79:a9:f2:6a:ec:60:69:26:b3:3b:49:65:39:48:3d:
         f3:15:38:fb:f6:10:25:1b:e8:d5:6a:1b:b6:5a:7f:be:94:9f:
         18:1d:61:24:8e:d3:f0:f2:16:a2:7b:71:b6:2b:39:11:57:41:
         8b:4b:6d:84:c4:aa:01:98:c9:85:97:c9:fa:9e:20:85:1f:53:
         1e:bb:69:0f:1d:00:5c:eb:f7:0e:02:c7:78:55:92:3c:ff:fc:
         7c:b6:11:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbEJzkaHkqnqOP7vSDJ/opoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZTA1YjYxOGEyN2Y2YzEwZWY5OTliYzk2ZDlhYTBjYmQx
NGFkYTUwHhcNMjUwNTEyMTEwMDI2WhcNMjUwNTEzMTEwMDI2WjAzMTEwLwYDVQQD
Eyg2NzE1YTg4YWFjZGE1MDc2NTEzMGViMzRmYTRhMmJlNmExMjgxYTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ulMRTU5Tf7lGzvSMKYzK9/b3RyZ
8fbMrFpn9WVNlEGFozKl4KIJmHGVWvV8/7ISKpADG4WGE2QVbT4P+9dc79nv9KJE
msOwwCWgRapj0fqEPDOg9vvPexNkfuA4/P8vbXqw2Cdsz2fD4dFT6fx1SJoVom/9
5Mg2SqMIsNzYE+Cyouc7gBAD9EdMZeKnQSOdMVklqRjb48etsN+/1qTItp4tDBG6
VhRhCKLpdvuoNTjI4/l4mkcs/JH/b1De2ZLNUtF6uSygqpnO2SilVgl2JNVDnyKK
eznKpLAsz+63cYonRBylfBgUcsR+FBSr4TSG3mjaXbOd9xID/og6QJxFrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGcVqIqs2lB2UTDrNPpKK+ahKBo/MB8GA1UdIwQY
MBaAFLvgW2GKJ/bBDvmZvJbZqgy9FK2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdS1CYllZb245c0VPLVptOGx0bXFETDBVcmFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82ZTAyYTktMDhhZC00NzQzLWI1Mzgt
ZjMwMjljMzliNjZlLzEvdS1CYllZb245c0VPLVptOGx0bXFETDBVcmFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82ZTAyYTktMDhhZC00NzQzLWI1MzgtZjMwMjljMzliNjZl
LzEvdS1CYllZb245c0VPLVptOGx0bXFETDBVcmFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFuijSVZq
x0yk4K3c1mAf9BlP2JOq7jq5KpSyuyWaC5zQyvajwOBSoPMDu/UvkzmvMmDLjsBb
7/8JS1AzXJ5SU3K1BTnCBhunBl4JeRz9417PLMWMvte2RLpX8MoHKeNaOXDqUASD
xpw4JFdtO3xEPPaKlm4Oae1lm0YlcV0o8qj/fSG8pskSB+EPscwsj8k74X8oz5hI
+fSZ3H366/CI6x1ZIlFgeanyauxgaSazO0llOUg98xU4+/YQJRvo1Wobtlp/vpSf
GB1hJI7T8PIWontxtis5EVdBi0tthMSqAZjJhZfJ+p4ghR9THrtpDx0AXOv3DgLH
eFWSPP/8fLYRSA==
-----END CERTIFICATE-----