Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
File:                     BjnEhGuIwtcOMc5MD8y0z03qVDY.mft (raw, json)
Hash identifier:          Z08uT/9LOCxbEQgQKLRtTZNpgLqU/cWKEsZF+tbbERI=
Subject key identifier:   4E:3C:E4:CB:54:3E:45:3C:45:2C:B5:FA:79:67:4B:7F:0C:07:CB:F7
Authority key identifier: 06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36
Certificate issuer:       /CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
Certificate serial:       0196C80438FB00443EFAE97B0F0CAF682B95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
Manifest number:          1537
Signing time:             Tue 13 May 2025 05:00:41 +0000
Manifest this update:     Tue 13 May 2025 05:00:41 +0000
Manifest next update:     Wed 14 May 2025 05:00:41 +0000
Files and hashes:         1: BjnEhGuIwtcOMc5MD8y0z03qVDY.crl (hash: yTs1ctpEGLGW12QDXgvlaXaov12aB5QLdGfASQnbV4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c8:04:38:fb:00:44:3e:fa:e9:7b:0f:0c:af:68:2b:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
        Validity
            Not Before: May 13 05:00:41 2025 GMT
            Not After : May 14 05:00:41 2025 GMT
        Subject: CN=4e3ce4cb543e453c452cb5fa79674b7f0c07cbf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c8:3b:49:be:b1:81:3c:89:2e:62:34:49:98:
                    7e:60:10:10:40:df:68:62:09:4d:fc:14:a5:44:91:
                    25:fe:4e:de:41:2e:3c:10:ae:64:ab:5c:d4:b1:ce:
                    14:bf:44:6d:2c:ac:62:d4:ca:61:8e:73:f2:fe:a4:
                    38:e3:3a:02:0c:df:9c:e5:d2:6c:d1:57:8d:0f:c5:
                    8f:07:04:30:be:c2:95:33:b8:1a:46:bb:01:f5:bf:
                    52:26:2f:8c:58:9e:d2:b6:01:d4:d1:b4:70:f2:13:
                    1e:1b:4b:f7:a7:f1:29:43:fc:32:a5:1e:8d:0b:c9:
                    12:93:55:66:79:33:0b:03:40:45:6a:8b:b8:d7:c8:
                    7a:e3:de:92:7f:0e:b2:ba:dc:dc:7f:c5:d6:6d:01:
                    8d:26:51:39:9c:71:7d:cc:5e:92:02:e1:f8:4d:c2:
                    81:09:b7:6e:67:eb:17:eb:20:0c:c1:8c:07:b8:f7:
                    a5:a2:b9:07:76:a6:e1:73:cc:ec:36:fc:cb:85:ec:
                    68:a7:fe:b8:e8:3f:73:a6:6a:4f:e7:53:0e:3f:a3:
                    e2:ee:20:90:17:e2:83:38:ee:84:2a:ae:76:f5:eb:
                    35:76:b7:47:cd:26:4c:6e:13:90:c9:23:5f:97:a8:
                    5a:a0:aa:8f:f2:f8:a0:f1:48:9f:b0:70:54:dc:17:
                    22:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:3C:E4:CB:54:3E:45:3C:45:2C:B5:FA:79:67:4B:7F:0C:07:CB:F7
            X509v3 Authority Key Identifier:
                keyid:06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:b7:fa:74:ce:63:24:3e:2c:5c:de:aa:ec:e0:a1:1e:5b:55:
         df:c0:03:19:ac:cb:f7:4a:b1:e5:7d:84:32:b1:d0:3d:e5:83:
         5b:d6:5e:23:67:7d:36:c5:35:60:50:c6:fa:3d:b2:ac:50:5f:
         9a:84:65:72:f3:78:1b:5a:20:dc:bd:c7:cc:09:2c:7d:26:6e:
         dd:88:3a:40:0c:38:c8:26:55:c5:41:55:d2:94:e6:5f:c3:20:
         ce:b7:ae:cb:f6:88:cb:4d:f8:d4:72:18:a8:96:18:70:d1:f8:
         7b:c4:2a:e3:21:6b:e9:e2:70:7b:2b:2c:a2:bf:7e:af:35:45:
         6c:e7:6a:24:be:2e:f3:ca:38:02:03:29:e8:c8:5d:a8:18:64:
         65:9f:3d:f7:d8:10:9f:56:53:24:e8:c1:60:85:71:aa:7d:30:
         0e:22:db:c5:48:54:b7:3f:9f:15:74:35:b7:c4:58:1f:49:29:
         6a:df:cd:3d:80:55:ff:f8:bd:1d:12:65:7f:84:6d:7c:da:3d:
         69:79:15:7d:13:00:fb:37:9a:52:36:9d:48:23:a5:2c:4c:47:
         8c:a4:6e:f9:27:61:a6:e9:79:8d:3b:f1:2b:fa:ed:65:cb:54:
         70:95:e6:60:fd:88:02:e2:ae:4e:f6:33:bf:a8:47:bf:1e:82:
         e8:a0:e7:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbIBDj7AEQ++ul7DwyvaCuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzljNDg0NmI4OGMyZDcwZTMxY2U0YzBmY2NiNGNmNGRl
YTU0MzYwHhcNMjUwNTEzMDUwMDQxWhcNMjUwNTE0MDUwMDQxWjAzMTEwLwYDVQQD
Eyg0ZTNjZTRjYjU0M2U0NTNjNDUyY2I1ZmE3OTY3NGI3ZjBjMDdjYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMg7Sb6xgTyJLmI0SZh+YBAQQN9o
YglN/BSlRJEl/k7eQS48EK5kq1zUsc4Uv0RtLKxi1MphjnPy/qQ44zoCDN+c5dJs
0VeND8WPBwQwvsKVM7gaRrsB9b9SJi+MWJ7StgHU0bRw8hMeG0v3p/EpQ/wypR6N
C8kSk1VmeTMLA0BFaou418h6496Sfw6yutzcf8XWbQGNJlE5nHF9zF6SAuH4TcKB
CbduZ+sX6yAMwYwHuPelorkHdqbhc8zsNvzLhexop/646D9zpmpP51MOP6Pi7iCQ
F+KDOO6EKq529es1drdHzSZMbhOQySNfl6haoKqP8vig8UifsHBU3BciNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE485MtUPkU8RSy1+nlnS38MB8v3MB8GA1UdIwQY
MBaAFAY5xIRriMLXDjHOTA/MtM9N6lQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAt
MTk0OWQ2YjgwNDkxLzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAtMTk0OWQ2YjgwNDkx
LzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO7f6dM5j
JD4sXN6q7OChHltV38ADGazL90qx5X2EMrHQPeWDW9ZeI2d9NsU1YFDG+j2yrFBf
moRlcvN4G1og3L3HzAksfSZu3Yg6QAw4yCZVxUFV0pTmX8Mgzreuy/aIy0341HIY
qJYYcNH4e8Qq4yFr6eJweyssor9+rzVFbOdqJL4u88o4AgMp6MhdqBhkZZ8999gQ
n1ZTJOjBYIVxqn0wDiLbxUhUtz+fFXQ1t8RYH0kpat/NPYBV//i9HRJlf4RtfNo9
aXkVfRMA+zeaUjadSCOlLExHjKRu+Sdhpul5jTvxK/rtZctUcJXmYP2IAuKuTvYz
v6hHvx6C6KDnaQ==
-----END CERTIFICATE-----