Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
File:                     BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft (raw, json)
Hash identifier:          7NYFrVJmz6ziU8thXfMzOIwUUzuGXZAjgHtxW9y3+Vg=
Subject key identifier:   8F:50:DE:92:36:36:9F:4F:3F:79:CB:16:B7:6F:22:EA:7A:D5:CC:6F
Authority key identifier: 04:34:7F:A5:11:09:DD:EC:D6:CD:59:4C:67:BB:02:B2:D5:E7:21:0E
Certificate issuer:       /CN=04347fa51109ddecd6cd594c67bb02b2d5e7210e
Certificate serial:       0197B88F91F6CB0E969A2E4D678932DCE06C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
Manifest number:          0AA7
Signing time:             Sat 28 Jun 2025 22:01:46 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:46 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:46 +0000
Files and hashes:         1: BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl (hash: RM9EAuzZA2VIWFtaksai3EdPhhoIP4YLbTEuncqauXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:91:f6:cb:0e:96:9a:2e:4d:67:89:32:dc:e0:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04347fa51109ddecd6cd594c67bb02b2d5e7210e
        Validity
            Not Before: Jun 28 22:01:46 2025 GMT
            Not After : Jun 29 22:01:46 2025 GMT
        Subject: CN=8f50de9236369f4f3f79cb16b76f22ea7ad5cc6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:b7:fa:ab:ed:42:6c:89:de:e2:1a:69:a6:02:
                    aa:dc:7e:f4:b8:ad:f1:43:4b:70:ec:59:f4:52:e8:
                    c1:21:c2:da:0a:53:59:d3:4d:dc:a4:a5:82:ed:12:
                    ce:50:4d:85:25:74:6c:2b:39:97:4c:b2:71:4f:d1:
                    76:f2:80:33:4b:87:34:ad:2a:a1:15:15:30:dc:f8:
                    95:e7:4a:48:2b:9a:89:ac:a6:ef:1e:31:d9:26:18:
                    50:4f:66:d5:c2:b2:00:fb:49:3a:a0:54:51:5c:70:
                    ed:8a:c1:0a:ae:b3:ba:d2:2e:b3:07:f7:ba:de:27:
                    59:a3:5f:47:64:df:fb:65:fc:94:41:eb:bf:ce:33:
                    22:16:58:e6:e4:6f:75:91:aa:a5:7c:cc:36:76:f6:
                    9d:df:4f:61:9b:ad:2c:6f:f9:62:90:76:bf:d8:5c:
                    35:a1:9e:69:67:4d:51:c2:36:14:9b:e0:06:99:02:
                    6d:3f:17:c0:88:79:89:d8:7f:3f:b1:99:71:f5:6f:
                    21:0b:ef:e9:47:f9:6c:5b:93:19:24:75:ae:e9:8a:
                    f0:08:3b:08:28:64:e1:62:18:fd:8a:b3:f6:d7:2d:
                    55:8c:79:a4:7c:6a:c9:7e:37:df:eb:d0:b0:a2:0e:
                    5b:9b:44:f1:18:d0:97:02:42:c0:ef:ba:ed:ae:0c:
                    8a:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:50:DE:92:36:36:9F:4F:3F:79:CB:16:B7:6F:22:EA:7A:D5:CC:6F
            X509v3 Authority Key Identifier:
                keyid:04:34:7F:A5:11:09:DD:EC:D6:CD:59:4C:67:BB:02:B2:D5:E7:21:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:5a:bc:3f:ab:bd:24:89:11:3b:33:e9:3f:92:1d:2f:80:ed:
         00:54:76:a7:3e:00:12:ad:71:c7:37:ce:88:95:b1:c2:22:cb:
         62:c8:42:54:16:be:45:48:e4:0e:92:33:48:15:f1:d5:e6:2f:
         1c:b4:f5:de:ea:23:a2:99:b1:8b:eb:77:b1:8a:44:ca:08:0f:
         c1:a2:c2:b4:60:ef:3c:0c:34:9b:b7:70:a2:92:1a:f2:eb:3c:
         95:e4:92:e3:fa:f0:9b:e8:08:50:f1:15:e5:f1:c9:8a:52:8b:
         44:ac:7f:a2:8a:a1:f2:76:42:dd:6c:aa:8a:e3:3e:58:b8:2e:
         e9:fa:1e:e2:1e:aa:7a:b9:9b:95:b1:75:16:70:8b:bd:12:3d:
         be:65:db:3a:ea:62:c1:f2:10:ae:2b:06:b1:8a:91:a3:05:8e:
         ba:ae:bc:cc:a9:4a:b8:a6:39:4c:b3:85:a7:cb:17:dd:58:49:
         e3:d5:2c:3f:2c:e8:64:8a:e2:05:bc:a5:1b:87:05:af:5a:02:
         ee:83:1c:f7:34:c7:ec:82:97:2e:28:ff:e7:d9:0c:15:2a:7a:
         23:92:3e:1c:fb:04:30:c8:99:6d:23:7a:19:83:e6:24:1a:4a:
         d1:49:72:b4:71:f9:b0:64:ec:64:e5:9e:ed:28:76:01:04:60:
         02:84:c4:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j5H2yw6Wmi5NZ4ky3OBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MzQ3ZmE1MTEwOWRkZWNkNmNkNTk0YzY3YmIwMmIyZDVl
NzIxMGUwHhcNMjUwNjI4MjIwMTQ2WhcNMjUwNjI5MjIwMTQ2WjAzMTEwLwYDVQQD
Eyg4ZjUwZGU5MjM2MzY5ZjRmM2Y3OWNiMTZiNzZmMjJlYTdhZDVjYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLf6q+1CbIne4hpppgKq3H70uK3x
Q0tw7Fn0UujBIcLaClNZ003cpKWC7RLOUE2FJXRsKzmXTLJxT9F28oAzS4c0rSqh
FRUw3PiV50pIK5qJrKbvHjHZJhhQT2bVwrIA+0k6oFRRXHDtisEKrrO60i6zB/e6
3idZo19HZN/7ZfyUQeu/zjMiFljm5G91kaqlfMw2dvad309hm60sb/likHa/2Fw1
oZ5pZ01RwjYUm+AGmQJtPxfAiHmJ2H8/sZlx9W8hC+/pR/lsW5MZJHWu6YrwCDsI
KGThYhj9irP21y1VjHmkfGrJfjff69Cwog5bm0TxGNCXAkLA77rtrgyKaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9Q3pI2Np9PP3nLFrdvIup61cxvMB8GA1UdIwQY
MBaAFAQ0f6URCd3s1s1ZTGe7ArLV5yEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTYxODYtNTU3Mi00MGZjLTllMmYt
NzdlYjUzZTgyYzVlLzEvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTYxODYtNTU3Mi00MGZjLTllMmYtNzdlYjUzZTgyYzVl
LzEvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN1q8P6u9
JIkROzPpP5IdL4DtAFR2pz4AEq1xxzfOiJWxwiLLYshCVBa+RUjkDpIzSBXx1eYv
HLT13uojopmxi+t3sYpEyggPwaLCtGDvPAw0m7dwopIa8us8leSS4/rwm+gIUPEV
5fHJilKLRKx/ooqh8nZC3WyqiuM+WLgu6foe4h6qermblbF1FnCLvRI9vmXbOupi
wfIQrisGsYqRowWOuq68zKlKuKY5TLOFp8sX3VhJ49UsPyzoZIriBbylG4cFr1oC
7oMc9zTH7IKXLij/59kMFSp6I5I+HPsEMMiZbSN6GYPmJBpK0UlytHH5sGTsZOWe
7Sh2AQRgAoTE2w==
-----END CERTIFICATE-----