Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          5q2YYQqGzIwA8QeYkmhyybb+fE9IdRc+knPT667Jmao=
Subject key identifier:   0B:C9:F8:B0:FC:C6:41:55:B0:C6:58:C0:C9:A4:06:AF:B2:E7:90:66
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       0196827E9E615C621B9A87BCE89A4F028C70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          0CEC
Signing time:             Tue 29 Apr 2025 17:00:58 +0000
Manifest this update:     Tue 29 Apr 2025 17:00:58 +0000
Manifest next update:     Wed 30 Apr 2025 17:00:58 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: JVI3tvbZrHjmoS/VaYHhWWuUkRksFWIKbtNND0Eaml0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:7e:9e:61:5c:62:1b:9a:87:bc:e8:9a:4f:02:8c:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Apr 29 17:00:58 2025 GMT
            Not After : Apr 30 17:00:58 2025 GMT
        Subject: CN=0bc9f8b0fcc64155b0c658c0c9a406afb2e79066
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:df:86:e7:34:eb:e8:d2:2d:3c:de:9b:c4:72:
                    d1:15:62:75:84:d7:d3:7a:5e:a8:41:de:94:cf:4f:
                    59:01:f6:8f:e2:d1:98:e9:e9:84:99:fa:28:99:51:
                    43:cf:b1:bd:4f:69:42:8d:e7:c7:ff:6e:f1:64:62:
                    f1:de:15:f0:3c:2e:62:87:b6:22:ec:73:40:f9:38:
                    d9:5f:92:c9:03:d6:f0:54:af:3c:f0:42:a2:4f:38:
                    b2:ed:ae:30:18:1b:25:27:9a:62:7c:9e:ad:7e:ab:
                    9d:2a:cc:5a:a0:92:8f:1a:e0:46:67:78:4a:3e:1e:
                    33:3d:4b:58:cb:34:3d:fc:b9:7d:15:6e:51:3c:c6:
                    a5:20:e9:35:80:3c:c5:47:42:80:83:9a:a0:e9:68:
                    cb:64:a9:7a:cc:de:c2:7d:1e:72:b8:6e:a3:16:df:
                    30:a6:a5:22:cc:8d:26:b1:80:49:df:66:ee:67:54:
                    4a:3e:f5:79:73:6a:5a:4d:20:91:f4:8c:52:64:5a:
                    38:e3:f6:02:c7:86:0d:bf:fc:64:2f:4d:89:d9:de:
                    80:c5:f7:9a:c3:4c:52:6a:eb:5d:3e:96:7b:7c:39:
                    cc:02:f3:71:12:00:84:4d:ef:16:2f:ba:87:0a:c5:
                    cb:5d:c3:2d:12:8a:a2:82:a6:7c:ef:d5:44:41:6b:
                    9e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:C9:F8:B0:FC:C6:41:55:B0:C6:58:C0:C9:A4:06:AF:B2:E7:90:66
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:97:c0:37:ff:2b:9a:57:83:8e:af:20:e2:89:b0:82:43:31:
         d2:41:34:5a:ff:0e:52:7e:82:8b:70:c1:6f:c8:13:d2:e9:b0:
         02:87:bf:1d:92:2e:13:b4:83:e8:6d:d5:56:69:fb:b1:04:25:
         99:9a:db:44:86:33:4b:75:83:04:42:dd:b0:9d:9c:c8:b7:f3:
         a0:aa:4e:b3:c0:ad:c8:a3:0f:0c:dc:c3:61:bc:2e:fd:d8:37:
         32:dc:34:42:fd:18:13:f1:9c:47:9d:77:11:3d:47:02:2e:71:
         41:67:a5:d2:b4:3f:15:16:e0:67:ea:62:c7:d6:ec:c7:3a:e7:
         b4:fc:57:a3:9d:3a:30:35:37:ce:7b:7c:62:0f:18:67:ef:2e:
         f9:a4:ee:a4:de:b7:61:72:30:61:4d:10:4c:e3:44:a7:1c:24:
         db:a8:cd:bc:0c:20:84:d1:39:f0:4f:57:ac:a3:ee:3e:0c:e5:
         d7:1c:ab:19:ba:89:94:0b:6c:1c:2d:ab:e5:6e:25:81:cb:13:
         53:06:f9:84:46:52:66:ac:3a:f1:3b:e1:b9:ee:af:69:48:af:
         90:12:6e:4e:df:3b:a3:5e:90:ac:e6:a8:7a:d9:85:16:78:92:
         2c:af:22:ba:fc:7e:d8:1d:ed:15:02:ef:fc:18:6d:57:f2:c8:
         0f:26:7c:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCfp5hXGIbmoe86JpPAoxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjUwNDI5MTcwMDU4WhcNMjUwNDMwMTcwMDU4WjAzMTEwLwYDVQQD
EygwYmM5ZjhiMGZjYzY0MTU1YjBjNjU4YzBjOWE0MDZhZmIyZTc5MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1t+G5zTr6NItPN6bxHLRFWJ1hNfT
el6oQd6Uz09ZAfaP4tGY6emEmfoomVFDz7G9T2lCjefH/27xZGLx3hXwPC5ih7Yi
7HNA+TjZX5LJA9bwVK888EKiTziy7a4wGBslJ5pifJ6tfqudKsxaoJKPGuBGZ3hK
Ph4zPUtYyzQ9/Ll9FW5RPMalIOk1gDzFR0KAg5qg6WjLZKl6zN7CfR5yuG6jFt8w
pqUizI0msYBJ32buZ1RKPvV5c2paTSCR9IxSZFo44/YCx4YNv/xkL02J2d6Axfea
w0xSautdPpZ7fDnMAvNxEgCETe8WL7qHCsXLXcMtEoqigqZ879VEQWuehwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvJ+LD8xkFVsMZYwMmkBq+y55BmMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP5fAN/8r
mleDjq8g4omwgkMx0kE0Wv8OUn6Ci3DBb8gT0umwAoe/HZIuE7SD6G3VVmn7sQQl
mZrbRIYzS3WDBELdsJ2cyLfzoKpOs8CtyKMPDNzDYbwu/dg3Mtw0Qv0YE/GcR513
ET1HAi5xQWel0rQ/FRbgZ+pix9bsxzrntPxXo506MDU3znt8Yg8YZ+8u+aTupN63
YXIwYU0QTONEpxwk26jNvAwghNE58E9XrKPuPgzl1xyrGbqJlAtsHC2r5W4lgcsT
Uwb5hEZSZqw68Tvhue6vaUivkBJuTt87o16QrOaoetmFFniSLK8iuvx+2B3tFQLv
/BhtV/LIDyZ8qQ==
-----END CERTIFICATE-----