Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/485fb4-3027-46cc-bd67-809a4b7ab4b5/1/BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.mft
File:                     BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.mft (raw, json)
Hash identifier:          8rTEbkmxAokVcYd2nIJwTo9q9pKWYCCpw3Uw/Ey85BA=
Subject key identifier:   68:89:5A:3B:9E:05:50:AF:A3:7D:BB:D8:28:F5:76:83:E9:81:66:2B
Authority key identifier: 05:F2:74:8C:B4:38:62:A1:04:B5:6F:8C:62:04:B6:20:97:06:55:8C
Certificate issuer:       /CN=05f2748cb43862a104b56f8c6204b6209706558c
Certificate serial:       0196C26FB163F8A39C4B2959655DC11397CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/485fb4-3027-46cc-bd67-809a4b7ab4b5/1/BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.mft
Manifest number:          0C21
Signing time:             Mon 12 May 2025 03:00:21 +0000
Manifest this update:     Mon 12 May 2025 03:00:21 +0000
Manifest next update:     Tue 13 May 2025 03:00:21 +0000
Files and hashes:         1: BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.crl (hash: kPOAnbd/IbhTOzB8Bbh/nppm4mPWK/oxZy51TjQgCD4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/485fb4-3027-46cc-bd67-809a4b7ab4b5/1/BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/485fb4-3027-46cc-bd67-809a4b7ab4b5/1/BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:6f:b1:63:f8:a3:9c:4b:29:59:65:5d:c1:13:97:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05f2748cb43862a104b56f8c6204b6209706558c
        Validity
            Not Before: May 12 03:00:21 2025 GMT
            Not After : May 13 03:00:21 2025 GMT
        Subject: CN=68895a3b9e0550afa37dbbd828f57683e981662b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d6:58:41:b5:24:56:ef:0d:3d:87:40:40:e6:
                    a2:05:bc:d7:d6:26:94:ff:09:e5:c7:b1:48:b8:c3:
                    02:3d:4b:a9:a3:31:aa:cd:ae:8c:e6:76:3e:63:3c:
                    27:78:7f:22:e1:d4:e9:37:8c:e7:6c:4c:23:b8:82:
                    c8:ec:58:72:5d:08:3c:3e:b9:3d:c0:7a:5c:f7:2a:
                    27:1e:67:cc:47:15:19:30:e3:6f:68:d7:e7:86:a4:
                    f9:4e:46:ff:b7:36:c9:e6:00:f8:f8:56:ce:b6:ff:
                    4e:0c:db:f0:22:75:a5:10:21:38:79:2d:e1:b9:09:
                    64:2a:a6:70:71:79:b3:45:ff:d6:de:f5:ac:9e:4b:
                    84:42:cd:1a:ea:e3:6a:66:f1:9a:fc:18:23:6c:29:
                    09:2a:0a:4c:db:c3:a2:29:5b:1a:bf:16:e4:de:59:
                    e3:8f:6e:99:b7:b7:12:06:23:28:9e:67:6f:ee:85:
                    ca:71:a7:9e:11:8c:fd:4c:5e:0b:2a:99:da:30:2c:
                    09:d5:94:ca:a6:63:e9:35:72:70:01:6e:85:00:2e:
                    e7:f5:db:df:93:f2:a0:23:f3:38:74:3d:10:e8:73:
                    73:b7:17:35:53:65:89:34:9e:fd:64:23:d3:d0:1c:
                    7d:eb:76:f9:0d:fc:f3:44:dd:84:79:da:a8:70:ee:
                    01:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:89:5A:3B:9E:05:50:AF:A3:7D:BB:D8:28:F5:76:83:E9:81:66:2B
            X509v3 Authority Key Identifier:
                keyid:05:F2:74:8C:B4:38:62:A1:04:B5:6F:8C:62:04:B6:20:97:06:55:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/485fb4-3027-46cc-bd67-809a4b7ab4b5/1/BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/485fb4-3027-46cc-bd67-809a4b7ab4b5/1/BfJ0jLQ4YqEEtW-MYgS2IJcGVYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:d3:9d:bf:af:85:65:f1:33:91:ba:e1:b5:05:05:64:db:3e:
         1b:e0:2a:95:29:7b:44:22:6b:ec:a0:bd:c5:74:05:da:72:58:
         56:95:d9:06:63:90:03:15:7b:bd:cc:de:50:17:9f:08:b2:42:
         f6:5a:5e:54:cb:05:14:e6:04:0d:9b:58:39:2f:4b:92:37:b2:
         74:42:01:dd:fe:09:46:ab:7e:69:33:5b:c3:ed:71:ed:8d:83:
         ac:a4:dc:5c:26:47:70:21:19:cb:24:79:b2:cb:b3:77:9c:c2:
         1b:ad:6c:cc:32:9f:60:c5:e1:06:d1:f1:a8:cd:da:32:3b:b3:
         fa:88:d1:2f:05:5a:84:fe:c3:e2:6f:fa:ce:d6:ef:7a:f2:64:
         ac:76:11:a3:ca:5d:ed:5c:da:19:39:44:79:8e:77:23:88:68:
         fd:2e:06:bb:6e:59:87:23:83:6e:f3:7e:7f:67:ee:2f:bf:26:
         c7:63:50:0e:3a:63:fa:42:34:f2:9d:0f:cf:95:b8:da:b5:93:
         79:6d:fe:7e:ea:62:e4:17:45:04:c7:18:0b:f8:8e:2d:30:6f:
         0b:f5:93:dd:57:30:6e:d1:a7:95:37:ce:c9:19:9d:03:55:9e:
         eb:e7:0b:db:39:6a:81:31:32:8e:7d:3d:40:f6:0e:36:97:ce:
         fb:1b:b1:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCb7Fj+KOcSylZZV3BE5fOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjI3NDhjYjQzODYyYTEwNGI1NmY4YzYyMDRiNjIwOTcw
NjU1OGMwHhcNMjUwNTEyMDMwMDIxWhcNMjUwNTEzMDMwMDIxWjAzMTEwLwYDVQQD
Eyg2ODg5NWEzYjllMDU1MGFmYTM3ZGJiZDgyOGY1NzY4M2U5ODE2NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9ZYQbUkVu8NPYdAQOaiBbzX1iaU
/wnlx7FIuMMCPUupozGqza6M5nY+YzwneH8i4dTpN4znbEwjuILI7FhyXQg8Prk9
wHpc9yonHmfMRxUZMONvaNfnhqT5Tkb/tzbJ5gD4+FbOtv9ODNvwInWlECE4eS3h
uQlkKqZwcXmzRf/W3vWsnkuEQs0a6uNqZvGa/BgjbCkJKgpM28OiKVsavxbk3lnj
j26Zt7cSBiMonmdv7oXKcaeeEYz9TF4LKpnaMCwJ1ZTKpmPpNXJwAW6FAC7n9dvf
k/KgI/M4dD0Q6HNztxc1U2WJNJ79ZCPT0Bx963b5DfzzRN2EedqocO4B1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiJWjueBVCvo3272Cj1doPpgWYrMB8GA1UdIwQY
MBaAFAXydIy0OGKhBLVvjGIEtiCXBlWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZKMGpMUTRZcUVFdFctTVlnUzJJSmNHVll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80ODVmYjQtMzAyNy00NmNjLWJkNjct
ODA5YTRiN2FiNGI1LzEvQmZKMGpMUTRZcUVFdFctTVlnUzJJSmNHVll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80ODVmYjQtMzAyNy00NmNjLWJkNjctODA5YTRiN2FiNGI1
LzEvQmZKMGpMUTRZcUVFdFctTVlnUzJJSmNHVll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgNOdv6+F
ZfEzkbrhtQUFZNs+G+AqlSl7RCJr7KC9xXQF2nJYVpXZBmOQAxV7vczeUBefCLJC
9lpeVMsFFOYEDZtYOS9LkjeydEIB3f4JRqt+aTNbw+1x7Y2DrKTcXCZHcCEZyyR5
ssuzd5zCG61szDKfYMXhBtHxqM3aMjuz+ojRLwVahP7D4m/6ztbvevJkrHYRo8pd
7VzaGTlEeY53I4ho/S4Gu25ZhyODbvN+f2fuL78mx2NQDjpj+kI08p0Pz5W42rWT
eW3+fupi5BdFBMcYC/iOLTBvC/WT3VcwbtGnlTfOyRmdA1We6+cL2zlqgTEyjn09
QPYONpfO+xuxkw==
-----END CERTIFICATE-----