Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
File:                     BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft (raw, json)
Hash identifier:          NvZPmWlTjhixV1mmlBZ8mEj7tgXLoN0mQ1uSBbWRzb4=
Subject key identifier:   22:60:CE:3B:74:CD:B4:0A:AE:3F:8D:C6:37:AD:75:A6:AF:3C:D3:D9
Authority key identifier: 04:34:7F:A5:11:09:DD:EC:D6:CD:59:4C:67:BB:02:B2:D5:E7:21:0E
Certificate issuer:       /CN=04347fa51109ddecd6cd594c67bb02b2d5e7210e
Certificate serial:       0199FBEA8274689DA26FCB3D137D81F62B9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
Manifest number:          0BD3
Signing time:             Sun 19 Oct 2025 10:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:13 +0000
Files and hashes:         1: BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl (hash: 6q0ym6BNnojmZQusAiUevCQWtva+eWg0WKqmHhdP880=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:82:74:68:9d:a2:6f:cb:3d:13:7d:81:f6:2b:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04347fa51109ddecd6cd594c67bb02b2d5e7210e
        Validity
            Not Before: Oct 19 10:01:13 2025 GMT
            Not After : Oct 20 10:01:13 2025 GMT
        Subject: CN=2260ce3b74cdb40aae3f8dc637ad75a6af3cd3d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e7:10:aa:ba:05:53:30:db:bf:3c:81:c5:15:
                    f0:7a:6a:75:7d:3e:fc:0e:54:96:64:44:03:f6:05:
                    56:71:ad:74:df:94:fe:b3:47:77:a3:20:d8:9a:e5:
                    43:8f:90:1b:fd:3e:36:9f:c2:2b:98:cc:9e:02:40:
                    81:f0:b7:55:b9:2c:fd:51:80:fc:b1:62:68:d2:b2:
                    95:68:2e:0e:02:8f:57:0b:71:7e:c8:d1:3b:07:08:
                    df:5b:a1:60:a9:03:9c:8b:78:3b:58:40:3e:af:c0:
                    2c:35:55:6c:d4:cc:07:1b:59:6f:b2:0d:1e:81:70:
                    d2:ff:66:09:f1:05:56:71:5d:32:dc:f8:c8:bc:5f:
                    6f:f7:a8:0d:6f:9f:3b:55:a8:82:2e:7c:a7:32:aa:
                    5d:a5:ac:e8:be:75:4b:de:1c:5e:30:a2:97:d8:20:
                    c7:3a:27:cb:79:b7:bf:b3:6d:92:45:a7:9c:67:92:
                    90:56:4a:8c:5c:4a:e5:f0:97:61:1a:9b:0c:d2:5f:
                    87:40:a5:c1:4f:fc:ac:ed:cf:be:60:41:03:b3:79:
                    1e:ca:f4:39:ad:48:1e:dd:e2:6e:46:53:2f:b4:94:
                    e9:f5:6b:d6:de:8b:b0:de:67:b7:8a:9f:81:42:92:
                    db:18:4a:38:2c:e9:cc:87:f7:25:5f:a2:8c:9d:f7:
                    63:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:60:CE:3B:74:CD:B4:0A:AE:3F:8D:C6:37:AD:75:A6:AF:3C:D3:D9
            X509v3 Authority Key Identifier:
                keyid:04:34:7F:A5:11:09:DD:EC:D6:CD:59:4C:67:BB:02:B2:D5:E7:21:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:52:32:79:93:d9:07:75:ae:fb:95:c6:e7:d9:fc:0d:48:f6:
         d2:10:7e:87:74:5e:e7:5c:31:0a:d1:7e:57:bc:17:86:00:31:
         cd:f1:6d:39:93:3a:1e:bf:a7:99:4a:51:0b:e1:34:f4:ea:16:
         2e:05:e6:20:eb:f0:e0:1b:01:ad:0f:ce:2a:cb:45:6b:cd:fa:
         4c:5c:ef:d1:70:be:3f:2d:cb:7f:d6:d3:c9:ee:2f:3f:c2:5b:
         e2:0c:74:dc:d7:4c:24:35:90:94:8b:8a:99:bb:80:2b:c8:6b:
         95:6b:fa:23:3d:71:c6:dc:e8:05:b0:62:1f:7b:4e:e2:bc:75:
         80:e5:e5:60:da:a5:45:7a:8b:9f:06:9f:d8:b3:7d:1f:df:75:
         bb:e7:66:c9:5b:aa:f2:56:7f:40:b3:28:52:08:ee:c7:97:4e:
         87:a4:7c:9b:af:68:20:e5:2e:bd:0e:df:74:87:ee:5a:98:11:
         39:90:82:00:10:c1:48:b8:9e:2d:d9:14:29:5b:ff:39:78:ae:
         f4:c6:62:88:51:97:cf:0d:2f:23:69:06:45:27:a5:4e:bd:be:
         3e:05:00:b9:68:14:23:1c:d0:ff:17:e8:09:a9:ac:28:62:69:
         fa:85:32:4a:6b:52:1d:42:f4:61:6f:cf:a1:83:da:cf:46:67:
         04:fd:47:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76oJ0aJ2ib8s9E32B9iucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MzQ3ZmE1MTEwOWRkZWNkNmNkNTk0YzY3YmIwMmIyZDVl
NzIxMGUwHhcNMjUxMDE5MTAwMTEzWhcNMjUxMDIwMTAwMTEzWjAzMTEwLwYDVQQD
EygyMjYwY2UzYjc0Y2RiNDBhYWUzZjhkYzYzN2FkNzVhNmFmM2NkM2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOcQqroFUzDbvzyBxRXwemp1fT78
DlSWZEQD9gVWca1035T+s0d3oyDYmuVDj5Ab/T42n8IrmMyeAkCB8LdVuSz9UYD8
sWJo0rKVaC4OAo9XC3F+yNE7BwjfW6FgqQOci3g7WEA+r8AsNVVs1MwHG1lvsg0e
gXDS/2YJ8QVWcV0y3PjIvF9v96gNb587VaiCLnynMqpdpazovnVL3hxeMKKX2CDH
OifLebe/s22SRaecZ5KQVkqMXErl8JdhGpsM0l+HQKXBT/ys7c++YEEDs3keyvQ5
rUge3eJuRlMvtJTp9WvW3ouw3me3ip+BQpLbGEo4LOnMh/clX6KMnfdj5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJgzjt0zbQKrj+NxjetdaavPNPZMB8GA1UdIwQY
MBaAFAQ0f6URCd3s1s1ZTGe7ArLV5yEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTYxODYtNTU3Mi00MGZjLTllMmYt
NzdlYjUzZTgyYzVlLzEvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTYxODYtNTU3Mi00MGZjLTllMmYtNzdlYjUzZTgyYzVl
LzEvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATFIyeZPZ
B3Wu+5XG59n8DUj20hB+h3Re51wxCtF+V7wXhgAxzfFtOZM6Hr+nmUpRC+E09OoW
LgXmIOvw4BsBrQ/OKstFa836TFzv0XC+Py3Lf9bTye4vP8Jb4gx03NdMJDWQlIuK
mbuAK8hrlWv6Iz1xxtzoBbBiH3tO4rx1gOXlYNqlRXqLnwaf2LN9H991u+dmyVuq
8lZ/QLMoUgjux5dOh6R8m69oIOUuvQ7fdIfuWpgROZCCABDBSLieLdkUKVv/OXiu
9MZiiFGXzw0vI2kGRSelTr2+PgUAuWgUIxzQ/xfoCamsKGJp+oUySmtSHUL0YW/P
oYPaz0ZnBP1HcQ==
-----END CERTIFICATE-----