Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4d89d6-4465-4321-9282-7bcfd64e0288/1/BXEVMhUM58l6fqSMDXekLm8NX8M.mft
File:                     BXEVMhUM58l6fqSMDXekLm8NX8M.mft (raw, json)
Hash identifier:          zbJHmFUj5FDCgAQFv5kgzwzkIF6OnA6PFPNg0ZTXb0k=
Subject key identifier:   DE:89:11:01:C8:A6:FB:11:08:5B:DF:80:6F:A0:BA:44:BD:33:EC:64
Authority key identifier: 05:71:15:32:15:0C:E7:C9:7A:7E:A4:8C:0D:77:A4:2E:6F:0D:5F:C3
Certificate issuer:       /CN=05711532150ce7c97a7ea48c0d77a42e6f0d5fc3
Certificate serial:       0196789FA19575EB35AF17650285FDFA31C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BXEVMhUM58l6fqSMDXekLm8NX8M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/4d89d6-4465-4321-9282-7bcfd64e0288/1/BXEVMhUM58l6fqSMDXekLm8NX8M.mft
Manifest number:          0597
Signing time:             Sun 27 Apr 2025 19:00:49 +0000
Manifest this update:     Sun 27 Apr 2025 19:00:49 +0000
Manifest next update:     Mon 28 Apr 2025 19:00:49 +0000
Files and hashes:         1: BXEVMhUM58l6fqSMDXekLm8NX8M.crl (hash: NZ0g8wLkLr5KviDGvSoTjRWJClyndmNMM7j5/s2J54A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/4d89d6-4465-4321-9282-7bcfd64e0288/1/BXEVMhUM58l6fqSMDXekLm8NX8M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/4d89d6-4465-4321-9282-7bcfd64e0288/1/BXEVMhUM58l6fqSMDXekLm8NX8M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BXEVMhUM58l6fqSMDXekLm8NX8M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 19:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:9f:a1:95:75:eb:35:af:17:65:02:85:fd:fa:31:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05711532150ce7c97a7ea48c0d77a42e6f0d5fc3
        Validity
            Not Before: Apr 27 19:00:49 2025 GMT
            Not After : Apr 28 19:00:49 2025 GMT
        Subject: CN=de891101c8a6fb11085bdf806fa0ba44bd33ec64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:99:8c:94:b9:f5:38:ff:e4:3a:88:04:87:73:
                    1b:bc:8c:40:ee:cb:52:83:1f:a4:62:37:96:6e:62:
                    a1:20:b5:d9:56:c6:13:f4:a3:c0:39:40:e6:58:80:
                    92:4e:d2:75:85:c6:02:ca:98:31:ae:9f:0d:98:4e:
                    70:ae:0a:32:94:a6:00:0c:04:de:af:0e:15:96:9f:
                    7b:9d:7b:1e:bc:fe:55:9b:5d:17:f9:e7:c5:19:57:
                    88:07:ac:54:ba:a5:99:4e:2e:ef:96:29:ce:48:70:
                    e0:3a:81:d8:b6:f3:31:b9:6f:b1:4e:f1:f2:5f:81:
                    d1:eb:e4:ce:ee:0e:2e:29:29:54:d0:9c:0d:a6:c8:
                    73:5d:c7:34:6c:27:c4:27:24:1a:f7:a2:e7:d6:12:
                    4e:40:09:97:0a:72:d5:23:b4:40:c3:ae:f1:8d:e1:
                    31:48:65:1f:2d:1a:d2:aa:7a:de:b5:26:1b:86:95:
                    64:fe:4a:7b:f5:f7:f9:d0:c4:05:a9:83:64:75:a9:
                    31:17:a1:15:9f:f9:db:2b:ef:fa:69:f0:2a:ef:8e:
                    7b:34:91:00:85:ef:b6:72:db:db:0e:45:e8:69:42:
                    72:a0:43:55:a7:23:b8:69:e5:57:b2:a7:cc:52:c0:
                    51:9d:43:e1:5a:4c:e0:ae:f4:04:7c:3b:7c:be:bd:
                    aa:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:89:11:01:C8:A6:FB:11:08:5B:DF:80:6F:A0:BA:44:BD:33:EC:64
            X509v3 Authority Key Identifier:
                keyid:05:71:15:32:15:0C:E7:C9:7A:7E:A4:8C:0D:77:A4:2E:6F:0D:5F:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BXEVMhUM58l6fqSMDXekLm8NX8M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4d89d6-4465-4321-9282-7bcfd64e0288/1/BXEVMhUM58l6fqSMDXekLm8NX8M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4d89d6-4465-4321-9282-7bcfd64e0288/1/BXEVMhUM58l6fqSMDXekLm8NX8M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:5f:0e:67:6e:7a:a0:ca:e5:e1:be:9b:25:2e:af:59:1a:84:
         8e:e5:91:e6:7b:e5:23:15:ed:91:81:ab:3d:fd:35:d9:2f:52:
         4e:13:9d:8f:8b:ca:35:2a:8b:fc:d3:19:6a:8b:74:5b:4e:14:
         fe:c9:be:d6:27:3e:6a:1c:01:50:fe:f6:ce:a9:f0:16:f7:77:
         57:32:cf:b1:35:1f:ae:e9:55:43:55:8b:19:bd:10:33:78:90:
         55:47:5d:82:a7:2b:bb:ab:b4:b3:66:3d:21:ed:2b:24:89:e2:
         5c:d4:23:26:66:0a:42:a8:73:75:7a:d1:b0:50:ad:a6:6c:2c:
         f7:f3:e3:77:3d:94:5a:c1:11:18:db:03:13:2f:85:ec:4c:c6:
         e3:50:f4:25:e0:0a:d5:29:9b:03:2e:13:a6:b4:0d:06:70:63:
         b9:3e:a6:79:98:5f:53:bc:e6:ca:34:4e:1f:69:d2:31:e7:6d:
         97:fe:92:ae:1e:69:49:af:6f:a6:bc:a2:b0:ee:43:d2:15:b6:
         d4:d1:5e:ff:5e:d7:72:f1:45:b2:80:bd:59:c9:9f:f1:cb:c2:
         d3:39:58:5b:f4:10:68:2e:d2:a4:05:70:ee:50:77:6c:c4:81:
         bd:37:fa:d2:8d:52:8b:1d:67:76:9a:29:77:fa:d4:4c:4e:b5:
         d5:c3:85:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4n6GVdes1rxdlAoX9+jHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NzExNTMyMTUwY2U3Yzk3YTdlYTQ4YzBkNzdhNDJlNmYw
ZDVmYzMwHhcNMjUwNDI3MTkwMDQ5WhcNMjUwNDI4MTkwMDQ5WjAzMTEwLwYDVQQD
EyhkZTg5MTEwMWM4YTZmYjExMDg1YmRmODA2ZmEwYmE0NGJkMzNlYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZmMlLn1OP/kOogEh3MbvIxA7stS
gx+kYjeWbmKhILXZVsYT9KPAOUDmWICSTtJ1hcYCypgxrp8NmE5wrgoylKYADATe
rw4Vlp97nXsevP5Vm10X+efFGVeIB6xUuqWZTi7vlinOSHDgOoHYtvMxuW+xTvHy
X4HR6+TO7g4uKSlU0JwNpshzXcc0bCfEJyQa96Ln1hJOQAmXCnLVI7RAw67xjeEx
SGUfLRrSqnretSYbhpVk/kp79ff50MQFqYNkdakxF6EVn/nbK+/6afAq7457NJEA
he+2ctvbDkXoaUJyoENVpyO4aeVXsqfMUsBRnUPhWkzgrvQEfDt8vr2qCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6JEQHIpvsRCFvfgG+gukS9M+xkMB8GA1UdIwQY
MBaAFAVxFTIVDOfJen6kjA13pC5vDV/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlhFVk1oVU01OGw2ZnFTTURYZWtMbThOWDhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80ZDg5ZDYtNDQ2NS00MzIxLTkyODIt
N2JjZmQ2NGUwMjg4LzEvQlhFVk1oVU01OGw2ZnFTTURYZWtMbThOWDhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80ZDg5ZDYtNDQ2NS00MzIxLTkyODItN2JjZmQ2NGUwMjg4
LzEvQlhFVk1oVU01OGw2ZnFTTURYZWtMbThOWDhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGl8OZ256
oMrl4b6bJS6vWRqEjuWR5nvlIxXtkYGrPf012S9SThOdj4vKNSqL/NMZaot0W04U
/sm+1ic+ahwBUP72zqnwFvd3VzLPsTUfrulVQ1WLGb0QM3iQVUddgqcru6u0s2Y9
Ie0rJIniXNQjJmYKQqhzdXrRsFCtpmws9/Pjdz2UWsERGNsDEy+F7EzG41D0JeAK
1SmbAy4TprQNBnBjuT6meZhfU7zmyjROH2nSMedtl/6Srh5pSa9vpryisO5D0hW2
1NFe/17XcvFFsoC9Wcmf8cvC0zlYW/QQaC7SpAVw7lB3bMSBvTf60o1Six1ndpop
d/rUTE611cOFeg==
-----END CERTIFICATE-----