Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
File:                     BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft (raw, json)
Hash identifier:          b81r3H1g0BNnKLUuxF2XQS4C7aSyfcckXebuyTvAZQQ=
Subject key identifier:   85:BE:D5:86:04:AB:67:2B:A0:9B:2A:FD:4B:46:45:E7:66:39:39:4E
Authority key identifier: 04:34:7F:A5:11:09:DD:EC:D6:CD:59:4C:67:BB:02:B2:D5:E7:21:0E
Certificate issuer:       /CN=04347fa51109ddecd6cd594c67bb02b2d5e7210e
Certificate serial:       0196C15DD6785B1748BC040ABB573002419F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
Manifest number:          0A27
Signing time:             Sun 11 May 2025 22:01:14 +0000
Manifest this update:     Sun 11 May 2025 22:01:14 +0000
Manifest next update:     Mon 12 May 2025 22:01:14 +0000
Files and hashes:         1: BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl (hash: 1uUtJSzHq/L2fCSke2TZHB8sc8M0lchML2KpUuLGux8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5d:d6:78:5b:17:48:bc:04:0a:bb:57:30:02:41:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04347fa51109ddecd6cd594c67bb02b2d5e7210e
        Validity
            Not Before: May 11 22:01:14 2025 GMT
            Not After : May 12 22:01:14 2025 GMT
        Subject: CN=85bed58604ab672ba09b2afd4b4645e76639394e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:e1:39:28:a5:bc:57:39:e0:5a:9e:1a:e5:4b:
                    5b:57:97:75:76:88:1c:1c:30:aa:9d:2e:cd:1e:d5:
                    76:17:c7:43:c8:1d:b6:8c:b0:12:be:99:1c:d9:40:
                    f2:b3:2c:f0:46:2c:6e:e1:ff:d4:f0:79:06:58:aa:
                    2a:93:90:cc:bc:45:0f:81:37:bb:d9:bc:1e:bb:79:
                    05:5f:5a:fd:37:6c:46:91:f3:17:86:8a:d6:2a:d5:
                    1a:2d:c7:53:6a:f2:7e:b2:d3:2c:25:3e:15:60:9b:
                    fb:94:67:97:73:6c:88:b1:1d:c8:4d:b2:c9:84:a2:
                    e3:fa:c5:d7:40:57:22:a2:38:dc:18:f5:31:19:cd:
                    d6:31:f5:b7:6c:9b:c0:fa:68:30:e0:06:e3:f5:76:
                    a4:f4:0e:f4:08:ff:49:ba:82:3f:d4:de:c4:70:f8:
                    73:d3:d6:9b:32:e5:29:6f:a9:1b:b3:13:1f:66:ff:
                    71:53:ed:7e:1a:52:61:90:98:80:37:7a:2d:39:c4:
                    e4:22:78:48:95:36:e1:f2:b4:d2:eb:7b:ad:0e:a9:
                    09:54:00:a7:21:57:dc:ac:70:eb:20:1c:c0:6b:60:
                    95:c9:e0:7b:1b:1a:10:14:8c:af:ea:a5:a5:c2:05:
                    c5:57:4a:f2:59:56:19:1f:3d:30:54:d2:13:32:99:
                    0e:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:BE:D5:86:04:AB:67:2B:A0:9B:2A:FD:4B:46:45:E7:66:39:39:4E
            X509v3 Authority Key Identifier:
                keyid:04:34:7F:A5:11:09:DD:EC:D6:CD:59:4C:67:BB:02:B2:D5:E7:21:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:e9:c9:b9:4a:75:8c:39:a8:0e:62:d7:c4:32:d1:4b:94:a6:
         7d:62:f6:fe:a2:8c:93:fb:22:2e:a6:f7:27:69:50:23:3d:4b:
         3d:db:bf:70:c1:02:18:3d:db:e0:9a:95:ab:39:43:d0:b9:db:
         47:1f:7c:c9:14:75:7d:b9:a3:63:8d:2d:7e:60:24:36:18:b9:
         5c:4a:8e:25:3b:76:a9:45:05:7e:3d:19:8f:b0:f6:0d:69:42:
         26:8c:22:4a:19:c2:71:fa:5d:bc:71:8c:80:93:fa:11:36:a1:
         b0:84:5f:e6:62:8c:1d:c3:24:c5:5c:23:e5:35:92:b4:33:e8:
         fe:9d:ab:c5:42:8f:9d:f4:4e:2d:56:93:b7:d8:8d:ec:9b:3d:
         ae:13:ef:65:31:77:b1:7d:3a:24:ac:ec:0d:f5:12:3c:44:f9:
         67:f8:23:43:33:18:e3:ba:f0:31:2d:a9:ef:12:83:5e:00:de:
         7f:e3:bb:83:c7:85:7c:72:93:45:10:3a:f8:2c:0a:4c:54:42:
         22:c7:b1:e1:a0:a6:58:89:92:14:9f:42:26:f0:e7:43:2f:49:
         0d:c3:27:6c:28:eb:c0:1e:96:ae:f7:74:d7:a7:f2:4f:d9:06:
         bb:90:71:68:8b:9b:5f:32:29:ca:32:58:01:39:f2:52:5f:7d:
         9f:c8:8c:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXdZ4WxdIvAQKu1cwAkGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MzQ3ZmE1MTEwOWRkZWNkNmNkNTk0YzY3YmIwMmIyZDVl
NzIxMGUwHhcNMjUwNTExMjIwMTE0WhcNMjUwNTEyMjIwMTE0WjAzMTEwLwYDVQQD
Eyg4NWJlZDU4NjA0YWI2NzJiYTA5YjJhZmQ0YjQ2NDVlNzY2MzkzOTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OE5KKW8VzngWp4a5UtbV5d1dogc
HDCqnS7NHtV2F8dDyB22jLASvpkc2UDysyzwRixu4f/U8HkGWKoqk5DMvEUPgTe7
2bweu3kFX1r9N2xGkfMXhorWKtUaLcdTavJ+stMsJT4VYJv7lGeXc2yIsR3ITbLJ
hKLj+sXXQFciojjcGPUxGc3WMfW3bJvA+mgw4Abj9Xak9A70CP9JuoI/1N7EcPhz
09abMuUpb6kbsxMfZv9xU+1+GlJhkJiAN3otOcTkInhIlTbh8rTS63utDqkJVACn
IVfcrHDrIBzAa2CVyeB7GxoQFIyv6qWlwgXFV0ryWVYZHz0wVNITMpkOZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIW+1YYEq2croJsq/UtGRedmOTlOMB8GA1UdIwQY
MBaAFAQ0f6URCd3s1s1ZTGe7ArLV5yEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTYxODYtNTU3Mi00MGZjLTllMmYt
NzdlYjUzZTgyYzVlLzEvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTYxODYtNTU3Mi00MGZjLTllMmYtNzdlYjUzZTgyYzVl
LzEvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkunJuUp1
jDmoDmLXxDLRS5SmfWL2/qKMk/siLqb3J2lQIz1LPdu/cMECGD3b4JqVqzlD0Lnb
Rx98yRR1fbmjY40tfmAkNhi5XEqOJTt2qUUFfj0Zj7D2DWlCJowiShnCcfpdvHGM
gJP6ETahsIRf5mKMHcMkxVwj5TWStDPo/p2rxUKPnfROLVaTt9iN7Js9rhPvZTF3
sX06JKzsDfUSPET5Z/gjQzMY47rwMS2p7xKDXgDef+O7g8eFfHKTRRA6+CwKTFRC
Isex4aCmWImSFJ9CJvDnQy9JDcMnbCjrwB6Wrvd016fyT9kGu5BxaIubXzIpyjJY
ATnyUl99n8iMuQ==
-----END CERTIFICATE-----