Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
File:                     bnnOupU7B9qiKvPIqrKxzU4iSNA.mft (raw, json)
Hash identifier:          NTnvSGL7I8UNDRwJpiKFpUNZiAdFuruAjq/PBUK2KYc=
Subject key identifier:   DF:9E:9D:03:71:94:0A:B4:FE:31:03:0B:E9:17:D0:B9:B6:5E:D2:6A
Authority key identifier: 6E:79:CE:BA:95:3B:07:DA:A2:2A:F3:C8:AA:B2:B1:CD:4E:22:48:D0
Certificate issuer:       /CN=6e79ceba953b07daa22af3c8aab2b1cd4e2248d0
Certificate serial:       01968390D01A8567F9A9E220ABA84925C895
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
Manifest number:          0598
Signing time:             Tue 29 Apr 2025 22:00:27 +0000
Manifest this update:     Tue 29 Apr 2025 22:00:27 +0000
Manifest next update:     Wed 30 Apr 2025 22:00:27 +0000
Files and hashes:         1: bnnOupU7B9qiKvPIqrKxzU4iSNA.crl (hash: flqwQ1cJjEtu0pCUG7otph9O1tUwxNkw2Q/MrInfuXI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 22:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:90:d0:1a:85:67:f9:a9:e2:20:ab:a8:49:25:c8:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e79ceba953b07daa22af3c8aab2b1cd4e2248d0
        Validity
            Not Before: Apr 29 22:00:27 2025 GMT
            Not After : Apr 30 22:00:27 2025 GMT
        Subject: CN=df9e9d0371940ab4fe31030be917d0b9b65ed26a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:63:42:27:f2:82:63:95:d9:2b:cc:9e:8c:c5:
                    5a:ea:4b:64:72:ae:61:6f:3b:01:0c:c2:3c:f5:f2:
                    25:a5:3b:53:ef:e2:83:1e:8a:fa:92:a6:1a:64:b4:
                    c6:ae:63:46:33:9e:96:d1:6d:df:9b:c9:61:0f:fe:
                    d0:63:e0:60:79:bc:9f:3f:31:c9:18:49:e3:a9:8a:
                    44:60:d1:79:b2:89:b6:77:88:27:b1:02:2b:47:4b:
                    04:f8:af:fd:4d:d4:d9:91:21:83:78:70:ed:e9:33:
                    cf:d4:e7:0a:2e:cf:7c:5c:02:e5:8e:76:98:54:59:
                    e9:7a:87:b3:14:9d:21:34:ce:92:f9:dc:be:fb:39:
                    b2:fc:66:10:a4:04:97:c2:93:e1:20:b6:d3:6a:ad:
                    27:f9:3d:00:f3:e9:3f:27:1c:da:81:f0:86:ac:a3:
                    47:29:d7:cc:b2:c7:8a:d8:4d:26:95:62:40:e1:bd:
                    f5:4f:b9:18:5d:f4:fb:2b:04:e7:19:2b:ac:31:3e:
                    a9:fc:35:e3:07:eb:1e:8c:ba:51:c1:90:1f:c1:89:
                    99:36:ea:f4:05:11:33:6e:f1:3d:82:f6:67:ab:df:
                    1f:b0:2d:cf:fc:c6:82:72:f9:b9:cd:1d:81:9a:d6:
                    b0:c4:4b:06:27:dc:aa:e2:fd:d4:7a:aa:62:5c:ed:
                    6d:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:9E:9D:03:71:94:0A:B4:FE:31:03:0B:E9:17:D0:B9:B6:5E:D2:6A
            X509v3 Authority Key Identifier:
                keyid:6E:79:CE:BA:95:3B:07:DA:A2:2A:F3:C8:AA:B2:B1:CD:4E:22:48:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:e5:8f:12:3a:88:4f:91:9f:98:c2:72:35:99:33:ba:bb:1c:
         71:3f:7f:22:92:50:d4:de:df:8a:98:4c:ef:68:0e:c5:d9:5c:
         4f:16:67:b5:cb:ca:4a:76:7f:1c:ed:34:9c:39:87:1e:9c:09:
         d7:5c:d9:e5:ad:f4:bb:a7:12:34:80:ed:a6:d7:66:d6:5e:52:
         f9:d0:a5:c7:d3:1c:a6:6c:b8:83:91:7b:1a:8d:9c:cf:80:68:
         29:61:2b:6d:49:7e:b4:27:64:4d:88:cf:20:cb:75:97:52:38:
         3e:e0:7b:41:8f:ac:2f:9c:51:a5:29:83:c9:73:e2:1c:9c:dd:
         56:e9:b7:fc:ff:e5:6a:31:db:1f:f5:2c:87:07:7d:d5:7b:6d:
         b8:72:5f:92:7d:92:fa:7c:57:da:42:a5:7e:03:2f:b8:91:0a:
         96:e2:44:65:67:f4:64:34:50:ee:a9:89:a3:b1:df:7b:0c:e5:
         97:cf:2d:11:bf:5f:44:19:03:2a:9d:56:9d:03:7e:af:4b:41:
         b0:b0:b2:2e:b3:1d:c4:b7:b2:b9:30:76:1e:21:2e:44:ca:a7:
         83:90:a5:3f:b3:2a:b4:32:96:f3:59:49:40:26:c6:5b:f6:29:
         0b:2d:fb:70:26:68:09:bc:48:df:62:8b:81:20:f2:b6:f9:dc:
         01:24:ac:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkNAahWf5qeIgq6hJJciVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNzljZWJhOTUzYjA3ZGFhMjJhZjNjOGFhYjJiMWNkNGUy
MjQ4ZDAwHhcNMjUwNDI5MjIwMDI3WhcNMjUwNDMwMjIwMDI3WjAzMTEwLwYDVQQD
EyhkZjllOWQwMzcxOTQwYWI0ZmUzMTAzMGJlOTE3ZDBiOWI2NWVkMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmNCJ/KCY5XZK8yejMVa6ktkcq5h
bzsBDMI89fIlpTtT7+KDHor6kqYaZLTGrmNGM56W0W3fm8lhD/7QY+BgebyfPzHJ
GEnjqYpEYNF5som2d4gnsQIrR0sE+K/9TdTZkSGDeHDt6TPP1OcKLs98XALljnaY
VFnpeoezFJ0hNM6S+dy++zmy/GYQpASXwpPhILbTaq0n+T0A8+k/JxzagfCGrKNH
KdfMsseK2E0mlWJA4b31T7kYXfT7KwTnGSusMT6p/DXjB+sejLpRwZAfwYmZNur0
BREzbvE9gvZnq98fsC3P/MaCcvm5zR2BmtawxEsGJ9yq4v3UeqpiXO1t6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN+enQNxlAq0/jEDC+kX0Lm2XtJqMB8GA1UdIwQY
MBaAFG55zrqVOwfaoirzyKqysc1OIkjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yY2M5ZjYtMDVmMy00MGQ5LWI2YWUt
MDdmZmI2NmM1NGRmLzEvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yY2M5ZjYtMDVmMy00MGQ5LWI2YWUtMDdmZmI2NmM1NGRm
LzEvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALOWPEjqI
T5GfmMJyNZkzursccT9/IpJQ1N7fiphM72gOxdlcTxZntcvKSnZ/HO00nDmHHpwJ
11zZ5a30u6cSNIDtptdm1l5S+dClx9Mcpmy4g5F7Go2cz4BoKWErbUl+tCdkTYjP
IMt1l1I4PuB7QY+sL5xRpSmDyXPiHJzdVum3/P/lajHbH/Ushwd91XttuHJfkn2S
+nxX2kKlfgMvuJEKluJEZWf0ZDRQ7qmJo7Hfewzll88tEb9fRBkDKp1WnQN+r0tB
sLCyLrMdxLeyuTB2HiEuRMqng5ClP7MqtDKW81lJQCbGW/YpCy37cCZoCbxI32KL
gSDytvncASSsVA==
-----END CERTIFICATE-----