Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
File:                     BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json)
Hash identifier:          p8rABQ79ZZ76k0F1oI0uCaucPXtdzyrUucvOAJX58fs=
Subject key identifier:   09:91:B4:9D:8E:85:1C:7C:1D:C3:9E:35:09:78:57:10:04:82:EB:4A
Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF
Certificate issuer:       /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
Certificate serial:       01968322FD143DBCFDC2F6B5EED12FDC26D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
Manifest number:          017A
Signing time:             Tue 29 Apr 2025 20:00:30 +0000
Manifest this update:     Tue 29 Apr 2025 20:00:30 +0000
Manifest next update:     Wed 30 Apr 2025 20:00:30 +0000
Files and hashes:         1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: gGu9/gpKfh3YEB5ioNWiAbDpM9mjjr43yT1GzaOzugU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:22:fd:14:3d:bc:fd:c2:f6:b5:ee:d1:2f:dc:26:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
        Validity
            Not Before: Apr 29 20:00:30 2025 GMT
            Not After : Apr 30 20:00:30 2025 GMT
        Subject: CN=0991b49d8e851c7c1dc39e35097857100482eb4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3f:24:3d:30:63:b5:08:32:e4:44:2b:0f:52:
                    85:f8:2c:c5:36:4d:0c:bb:a6:5a:e7:78:c6:5d:8b:
                    9c:fe:2b:ec:03:ee:f8:7e:50:4c:81:95:0e:6f:e5:
                    b7:dc:f9:f6:b5:d5:44:ef:42:62:9d:51:da:bc:b0:
                    25:2c:f8:a4:2c:52:c1:75:1a:07:f3:db:d2:ac:a0:
                    c7:0d:67:a8:35:e1:1c:3e:40:a1:11:52:16:98:38:
                    3f:a7:d0:4c:7d:c8:1a:dd:f8:f6:8e:8e:1d:48:16:
                    04:61:d1:2d:e5:f7:f0:3c:86:30:0a:ce:2b:58:5b:
                    a6:76:24:16:ad:ed:4c:ba:4d:c3:94:3e:ab:9e:dd:
                    12:b0:35:bf:e2:69:48:8c:99:58:ae:14:f2:5b:7e:
                    e9:3f:87:aa:2e:b7:7e:d0:8a:8e:83:f5:39:31:0b:
                    6c:3e:75:16:3f:68:fd:21:2a:bf:ad:fc:a0:e4:a3:
                    db:75:b9:50:c1:4b:5e:6b:c4:70:ff:45:63:dc:c1:
                    d7:e8:30:2e:59:85:8e:dd:bd:38:68:84:e3:44:f1:
                    89:b1:03:ed:73:51:8d:9f:e0:90:dd:e4:2b:f3:da:
                    8a:94:52:a2:21:40:88:47:42:55:cd:91:7a:6f:99:
                    a0:1c:90:de:9f:87:bc:f5:77:47:d1:45:46:d9:e6:
                    dc:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:91:B4:9D:8E:85:1C:7C:1D:C3:9E:35:09:78:57:10:04:82:EB:4A
            X509v3 Authority Key Identifier:
                keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:7b:2a:28:fc:6a:09:14:36:f2:29:dd:d7:9a:98:af:95:85:
         f0:2c:68:6b:48:3e:ca:58:e7:0f:61:e9:c8:9e:d7:98:06:03:
         65:5c:2f:41:75:58:3b:54:37:d7:ab:79:70:35:24:33:8d:2c:
         43:c1:b3:51:05:16:c5:6c:5c:af:7d:b1:04:be:85:ab:ac:80:
         d2:9f:89:b2:c1:00:c3:aa:48:5e:c0:79:a4:eb:92:a6:7b:fd:
         03:20:42:fa:56:2d:64:d6:52:6a:4c:ca:fd:5c:df:9b:fe:a6:
         fc:06:c1:20:c3:05:29:fb:c4:97:f0:59:7d:fc:11:a9:0b:f7:
         6e:69:f1:eb:c9:ec:9c:0a:f2:7d:d3:bc:5d:55:2d:50:53:7a:
         4c:dc:c3:6e:70:92:38:db:ea:08:df:c0:19:84:c5:2f:d4:e5:
         64:0a:fe:ef:d1:ce:55:72:87:52:56:77:55:ff:26:de:97:be:
         18:23:8f:11:d3:bb:22:84:dd:ec:da:26:75:e0:37:3a:b8:e0:
         26:15:69:81:33:88:fa:73:6e:24:7f:6d:06:2d:96:9a:a3:e5:
         f9:44:22:28:2b:41:80:ad:ab:ca:f5:b2:b4:36:f6:ca:eb:87:
         db:5b:cf:5a:54:85:af:63:f3:ec:04:c5:f3:0a:e8:ab:39:51:
         c0:45:3a:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDIv0UPbz9wva17tEv3CbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0
YzdkYmYwHhcNMjUwNDI5MjAwMDMwWhcNMjUwNDMwMjAwMDMwWjAzMTEwLwYDVQQD
EygwOTkxYjQ5ZDhlODUxYzdjMWRjMzllMzUwOTc4NTcxMDA0ODJlYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD8kPTBjtQgy5EQrD1KF+CzFNk0M
u6Za53jGXYuc/ivsA+74flBMgZUOb+W33Pn2tdVE70JinVHavLAlLPikLFLBdRoH
89vSrKDHDWeoNeEcPkChEVIWmDg/p9BMfcga3fj2jo4dSBYEYdEt5ffwPIYwCs4r
WFumdiQWre1Muk3DlD6rnt0SsDW/4mlIjJlYrhTyW37pP4eqLrd+0IqOg/U5MQts
PnUWP2j9ISq/rfyg5KPbdblQwUtea8Rw/0Vj3MHX6DAuWYWO3b04aITjRPGJsQPt
c1GNn+CQ3eQr89qKlFKiIUCIR0JVzZF6b5mgHJDen4e89XdH0UVG2ebcowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmRtJ2OhRx8HcOeNQl4VxAEgutKMB8GA1UdIwQY
MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt
NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm
LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB3sqKPxq
CRQ28ind15qYr5WF8Cxoa0g+yljnD2HpyJ7XmAYDZVwvQXVYO1Q316t5cDUkM40s
Q8GzUQUWxWxcr32xBL6Fq6yA0p+JssEAw6pIXsB5pOuSpnv9AyBC+lYtZNZSakzK
/Vzfm/6m/AbBIMMFKfvEl/BZffwRqQv3bmnx68nsnAryfdO8XVUtUFN6TNzDbnCS
ONvqCN/AGYTFL9TlZAr+79HOVXKHUlZ3Vf8m3pe+GCOPEdO7IoTd7NomdeA3Orjg
JhVpgTOI+nNuJH9tBi2WmqPl+UQiKCtBgK2ryvWytDb2yuuH21vPWlSFr2Pz7ATF
8wroqzlRwEU6tA==
-----END CERTIFICATE-----