Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
File:                     BjnEhGuIwtcOMc5MD8y0z03qVDY.mft (raw, json)
Hash identifier:          AmQPAw63LWn/Ajs7YrphDtgKMDEOufIkwVDV9/H1pL4=
Subject key identifier:   6F:DD:31:F1:DB:0B:FA:C7:25:83:04:3A:45:AE:7B:17:80:A9:71:B7
Authority key identifier: 06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36
Certificate issuer:       /CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
Certificate serial:       0197B77C902938097FE6B5C7160A3CA91A99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 17:01:23 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:23 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:23 +0000
Files and hashes:         1: BjnEhGuIwtcOMc5MD8y0z03qVDY.crl (hash: 5vIh3v5ZIdGQCiOrx8Eo7GmvrfRUtaRDLkQUTKe7XUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:90:29:38:09:7f:e6:b5:c7:16:0a:3c:a9:1a:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
        Validity
            Not Before: Jun 28 17:01:23 2025 GMT
            Not After : Jun 29 17:01:23 2025 GMT
        Subject: CN=6fdd31f1db0bfac72583043a45ae7b1780a971b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:5c:b3:2e:6c:6f:50:c0:a5:4c:9e:85:0d:de:
                    c3:3b:f6:31:fe:0c:c5:26:ed:83:1b:f4:ea:a8:7c:
                    9f:13:9a:74:f7:95:6c:f6:a4:12:89:11:4f:f6:dc:
                    a1:f7:5d:53:43:55:38:5a:78:aa:40:c8:f9:5b:64:
                    53:c6:5f:db:fe:11:6a:a2:41:d0:cf:99:88:ee:42:
                    8b:f9:92:d9:03:d2:d2:00:9d:a6:b8:46:44:37:74:
                    fa:6e:4d:9c:d0:b3:ce:ee:25:f2:fa:19:48:ea:a4:
                    a3:f3:5c:96:c3:05:a7:50:90:b1:7f:1a:d8:3e:60:
                    94:38:d5:29:20:36:77:22:0a:a2:e1:92:0a:52:f2:
                    d1:96:35:63:b3:a1:0a:93:c6:22:b6:cf:c7:a4:19:
                    24:d0:ea:5a:9f:c3:70:91:cc:bb:dc:ca:aa:a4:73:
                    02:d5:70:96:f1:bb:a2:80:0d:c3:8d:8e:d5:33:bf:
                    6f:78:9a:34:ec:d1:ba:e6:0e:e9:0a:3b:fb:5f:ab:
                    d0:eb:ea:77:47:aa:9e:60:e6:fc:61:90:6b:01:ff:
                    f7:e9:16:a4:a3:4e:ed:c0:c2:1c:c1:cc:40:16:a3:
                    1c:e5:be:bb:4e:b3:2e:2f:c9:d4:7a:77:cd:86:7f:
                    e7:5c:71:3e:95:b9:1f:47:ed:02:60:3d:14:90:78:
                    92:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:DD:31:F1:DB:0B:FA:C7:25:83:04:3A:45:AE:7B:17:80:A9:71:B7
            X509v3 Authority Key Identifier:
                keyid:06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:f7:42:92:df:f2:bc:73:36:2b:80:85:8b:47:ac:ba:f2:20:
         ec:51:e3:5b:bf:e0:10:c7:4f:18:9f:20:c5:87:39:b7:ee:4f:
         2d:c9:02:62:8c:6c:42:e9:c9:c9:55:be:f7:f2:65:11:67:3f:
         ee:d7:58:5e:f7:e8:20:2d:cc:ec:8c:17:f2:25:46:69:da:29:
         b8:30:43:ec:f8:89:c5:71:e4:b7:65:15:a2:6c:1a:af:f4:b8:
         31:27:2c:ba:3b:52:75:19:d4:b4:0f:4b:08:95:2a:1b:48:43:
         05:e3:20:8e:05:a7:f3:cb:2c:05:26:32:20:92:bc:a3:3e:c0:
         15:86:d0:59:2f:93:e4:04:63:da:f2:bb:16:11:93:13:e3:3f:
         b9:cc:e6:62:02:0a:d3:f3:25:c1:0e:18:bf:21:71:f9:e3:57:
         78:76:0c:a6:84:25:dd:ce:a1:95:9d:31:53:09:80:fd:19:14:
         1a:d0:af:e1:6d:f0:b1:f6:d0:f5:a4:be:60:e9:0f:c1:f5:50:
         5d:b6:3b:84:f5:95:07:0a:6e:c4:cb:f0:ad:f0:57:18:ad:f9:
         59:4d:2e:79:86:3e:34:88:a9:03:c2:81:c9:12:d5:be:b4:f4:
         fb:f4:43:1a:51:12:70:4f:1a:b2:91:60:cc:62:2b:06:f6:69:
         46:e2:1a:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fJApOAl/5rXHFgo8qRqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzljNDg0NmI4OGMyZDcwZTMxY2U0YzBmY2NiNGNmNGRl
YTU0MzYwHhcNMjUwNjI4MTcwMTIzWhcNMjUwNjI5MTcwMTIzWjAzMTEwLwYDVQQD
Eyg2ZmRkMzFmMWRiMGJmYWM3MjU4MzA0M2E0NWFlN2IxNzgwYTk3MWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklyzLmxvUMClTJ6FDd7DO/Yx/gzF
Ju2DG/TqqHyfE5p095Vs9qQSiRFP9tyh911TQ1U4WniqQMj5W2RTxl/b/hFqokHQ
z5mI7kKL+ZLZA9LSAJ2muEZEN3T6bk2c0LPO7iXy+hlI6qSj81yWwwWnUJCxfxrY
PmCUONUpIDZ3Igqi4ZIKUvLRljVjs6EKk8Yits/HpBkk0Opan8Nwkcy73MqqpHMC
1XCW8buigA3DjY7VM79veJo07NG65g7pCjv7X6vQ6+p3R6qeYOb8YZBrAf/36Rak
o07twMIcwcxAFqMc5b67TrMuL8nUenfNhn/nXHE+lbkfR+0CYD0UkHiS0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG/dMfHbC/rHJYMEOkWuexeAqXG3MB8GA1UdIwQY
MBaAFAY5xIRriMLXDjHOTA/MtM9N6lQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAt
MTk0OWQ2YjgwNDkxLzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAtMTk0OWQ2YjgwNDkx
LzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb/dCkt/y
vHM2K4CFi0esuvIg7FHjW7/gEMdPGJ8gxYc5t+5PLckCYoxsQunJyVW+9/JlEWc/
7tdYXvfoIC3M7IwX8iVGadopuDBD7PiJxXHkt2UVomwar/S4MScsujtSdRnUtA9L
CJUqG0hDBeMgjgWn88ssBSYyIJK8oz7AFYbQWS+T5ARj2vK7FhGTE+M/uczmYgIK
0/MlwQ4YvyFx+eNXeHYMpoQl3c6hlZ0xUwmA/RkUGtCv4W3wsfbQ9aS+YOkPwfVQ
XbY7hPWVBwpuxMvwrfBXGK35WU0ueYY+NIipA8KByRLVvrT0+/RDGlEScE8aspFg
zGIrBvZpRuIaxw==
-----END CERTIFICATE-----