Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
File:                     BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft (raw, json)
Hash identifier:          3C95yi+j2b/fIGpgD1rk7XN9MGP3oPBldr6PmqtFO8U=
Subject key identifier:   B4:D4:14:23:32:74:6A:5A:74:0E:37:DE:0D:F1:C1:DC:FD:BC:E8:76
Authority key identifier: 04:34:7F:A5:11:09:DD:EC:D6:CD:59:4C:67:BB:02:B2:D5:E7:21:0E
Certificate issuer:       /CN=04347fa51109ddecd6cd594c67bb02b2d5e7210e
Certificate serial:       0198D6605AE5C4241E329F3FA5B1E56C09B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
Manifest number:          0B3B
Signing time:             Sat 23 Aug 2025 10:01:35 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:35 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:35 +0000
Files and hashes:         1: BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl (hash: gCp8CXV7KhtAU+GHGE7lbPZyvXRpkUs4FyXa2oZj3og=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:5a:e5:c4:24:1e:32:9f:3f:a5:b1:e5:6c:09:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04347fa51109ddecd6cd594c67bb02b2d5e7210e
        Validity
            Not Before: Aug 23 10:01:35 2025 GMT
            Not After : Aug 24 10:01:35 2025 GMT
        Subject: CN=b4d4142332746a5a740e37de0df1c1dcfdbce876
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:44:4d:eb:16:80:66:70:a8:71:db:a7:37:57:
                    62:57:5a:d7:09:35:47:6c:5b:37:c3:dd:0d:d5:23:
                    83:96:62:c2:32:7d:6a:59:85:ff:cb:c4:6c:5d:55:
                    a3:35:b4:50:d8:ac:5c:59:a9:28:7c:ef:6c:97:2a:
                    61:12:54:92:38:59:44:91:ab:19:c4:fd:d7:66:e1:
                    6c:e3:8d:79:68:da:16:84:e3:54:1b:d6:b3:e3:7e:
                    71:73:3c:b6:6d:a9:d1:1d:22:26:02:f7:db:a4:58:
                    94:f4:b2:3f:b9:6c:8f:8c:ac:a2:21:1a:d1:79:27:
                    e9:3b:e6:bd:e7:14:b8:27:71:13:bf:1a:6f:0b:23:
                    90:df:3b:26:48:fc:6f:8c:a5:d1:14:f6:de:9b:68:
                    46:67:86:f4:be:7f:7f:05:2f:e3:a0:ad:8a:c7:d9:
                    01:c8:5f:ba:fd:22:64:ed:af:16:fc:d8:36:69:ec:
                    a2:99:93:8c:c8:e5:d3:4a:7c:b3:cd:3d:bf:af:90:
                    c0:8d:75:9d:f1:d8:35:87:55:a2:4f:15:3f:5a:61:
                    ab:7a:22:07:ad:5b:76:39:48:5f:ec:03:75:ec:40:
                    5a:5c:6f:2c:43:a2:40:72:91:38:57:de:6a:7e:31:
                    97:4f:c7:ce:11:68:7f:ca:0d:38:ed:2e:4a:83:0c:
                    26:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:D4:14:23:32:74:6A:5A:74:0E:37:DE:0D:F1:C1:DC:FD:BC:E8:76
            X509v3 Authority Key Identifier:
                keyid:04:34:7F:A5:11:09:DD:EC:D6:CD:59:4C:67:BB:02:B2:D5:E7:21:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/916186-5572-40fc-9e2f-77eb53e82c5e/1/BDR_pREJ3ezWzVlMZ7sCstXnIQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:28:e8:2b:e0:14:e2:71:cc:d4:86:a4:34:80:a8:4f:a3:97:
         36:33:e5:d5:51:a8:be:c5:43:29:ac:df:61:4b:35:de:38:2e:
         43:bd:3c:d7:61:44:05:47:00:78:18:30:6c:e7:fa:f2:77:84:
         fc:47:b1:a3:6f:3f:b0:b4:32:05:bd:11:9c:49:bd:ba:36:fe:
         09:bb:01:a8:da:e8:0f:26:62:33:46:eb:4d:bd:4b:c3:08:42:
         01:27:82:a3:ec:dd:09:77:7e:fd:c2:0b:8b:b2:06:ff:1e:d8:
         82:60:c7:50:4c:63:6f:bd:b2:a5:37:6e:13:31:3b:31:b9:75:
         01:71:6f:43:1a:16:3b:02:43:d5:75:95:bd:27:cf:e2:ed:36:
         41:34:b0:17:49:36:06:98:e3:dc:9b:e5:f1:a8:3a:80:ef:cf:
         b0:e9:e6:20:dd:ca:81:1a:5e:76:e1:eb:3e:41:17:31:f8:2c:
         73:de:58:24:26:56:9f:cb:cb:d7:d1:8a:13:62:de:24:55:bc:
         05:87:c9:0e:0e:8c:aa:76:2a:c4:0b:d9:df:7f:f9:b3:d2:36:
         90:bf:e0:9a:4d:6d:0e:cf:89:c5:60:4b:d8:e1:c4:79:42:f7:
         de:c3:9c:0b:e2:48:2d:1b:c0:df:57:c5:40:48:97:88:1e:e1:
         96:c2:6b:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYFrlxCQeMp8/pbHlbAm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MzQ3ZmE1MTEwOWRkZWNkNmNkNTk0YzY3YmIwMmIyZDVl
NzIxMGUwHhcNMjUwODIzMTAwMTM1WhcNMjUwODI0MTAwMTM1WjAzMTEwLwYDVQQD
EyhiNGQ0MTQyMzMyNzQ2YTVhNzQwZTM3ZGUwZGYxYzFkY2ZkYmNlODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjERN6xaAZnCocdunN1diV1rXCTVH
bFs3w90N1SODlmLCMn1qWYX/y8RsXVWjNbRQ2KxcWakofO9slyphElSSOFlEkasZ
xP3XZuFs4415aNoWhONUG9az435xczy2banRHSImAvfbpFiU9LI/uWyPjKyiIRrR
eSfpO+a95xS4J3ETvxpvCyOQ3zsmSPxvjKXRFPbem2hGZ4b0vn9/BS/joK2Kx9kB
yF+6/SJk7a8W/Ng2aeyimZOMyOXTSnyzzT2/r5DAjXWd8dg1h1WiTxU/WmGreiIH
rVt2OUhf7AN17EBaXG8sQ6JAcpE4V95qfjGXT8fOEWh/yg047S5KgwwmawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTUFCMydGpadA433g3xwdz9vOh2MB8GA1UdIwQY
MBaAFAQ0f6URCd3s1s1ZTGe7ArLV5yEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTYxODYtNTU3Mi00MGZjLTllMmYt
NzdlYjUzZTgyYzVlLzEvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTYxODYtNTU3Mi00MGZjLTllMmYtNzdlYjUzZTgyYzVl
LzEvQkRSX3BSRUozZXpXelZsTVo3c0NzdFhuSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeyjoK+AU
4nHM1IakNICoT6OXNjPl1VGovsVDKazfYUs13jguQ70812FEBUcAeBgwbOf68neE
/Eexo28/sLQyBb0RnEm9ujb+CbsBqNroDyZiM0brTb1LwwhCASeCo+zdCXd+/cIL
i7IG/x7YgmDHUExjb72ypTduEzE7Mbl1AXFvQxoWOwJD1XWVvSfP4u02QTSwF0k2
Bpjj3Jvl8ag6gO/PsOnmIN3KgRpeduHrPkEXMfgsc95YJCZWn8vL19GKE2LeJFW8
BYfJDg6MqnYqxAvZ33/5s9I2kL/gmk1tDs+JxWBL2OHEeUL33sOcC+JILRvA31fF
QEiXiB7hlsJrFQ==
-----END CERTIFICATE-----