Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
File:                     BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json)
Hash identifier:          17VlYGfEXdmHQqeytfu9VIYmSYcFICvNCfEWQGGkgNU=
Subject key identifier:   5D:92:51:F4:4C:C2:3A:72:49:3D:13:C6:A6:74:49:6E:EB:0D:DF:F0
Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF
Certificate issuer:       /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
Certificate serial:       0194BB604B5F0CB7DEC4FA8753FD80791B13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
Manifest number:          8E
Signing time:             Fri 31 Jan 2025 08:00:37 +0000
Manifest this update:     Fri 31 Jan 2025 08:00:37 +0000
Manifest next update:     Sat 01 Feb 2025 08:00:37 +0000
Files and hashes:         1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: g534Wl2gp4FPuaMwucYeVfP/M6QgAVIQ6GYjRKq9qto=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 08:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:60:4b:5f:0c:b7:de:c4:fa:87:53:fd:80:79:1b:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
        Validity
            Not Before: Jan 31 08:00:37 2025 GMT
            Not After : Feb  1 08:00:37 2025 GMT
        Subject: CN=5d9251f44cc23a72493d13c6a674496eeb0ddff0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:0c:64:1a:5e:8c:bf:32:e6:a2:51:67:85:94:
                    1f:94:c1:fd:09:88:26:02:43:48:7d:9f:7e:24:20:
                    5b:5d:07:59:8c:49:31:a6:d8:15:38:71:e0:1f:b3:
                    d7:92:f6:8f:39:49:09:44:6b:bf:0b:c2:7b:77:32:
                    57:ba:cb:d8:91:8e:ff:70:07:96:23:1a:1b:1c:46:
                    b3:89:a7:94:92:d8:87:d8:0a:75:d8:3b:65:0d:0f:
                    ab:54:6e:83:8a:61:e1:a2:95:90:db:56:89:c1:f7:
                    7f:74:fb:f9:f9:dc:dc:3a:79:b7:de:eb:af:1b:f4:
                    48:e9:00:2a:f2:a8:1b:11:f1:08:b2:1c:58:70:97:
                    45:9f:bc:71:a3:60:c4:92:96:66:44:a7:60:5a:ef:
                    73:ba:c8:c0:b5:5a:eb:b0:e2:05:e8:5e:81:3e:8d:
                    6b:73:10:35:83:84:71:06:52:fd:49:80:a5:fa:1e:
                    24:e6:68:c5:eb:17:be:00:ab:ed:c6:41:6e:a3:87:
                    c8:6f:8c:13:9c:3c:8a:35:9f:e7:54:13:ba:73:2f:
                    5f:c0:a4:a1:1a:de:0e:5d:28:f3:0f:1b:dc:be:1e:
                    74:04:d0:f7:8a:32:3c:31:5d:eb:e1:c3:fa:b8:b7:
                    b6:43:19:61:b9:e4:d3:46:c9:aa:67:29:69:85:39:
                    a8:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:92:51:F4:4C:C2:3A:72:49:3D:13:C6:A6:74:49:6E:EB:0D:DF:F0
            X509v3 Authority Key Identifier:
                keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:14:a2:1b:83:46:b3:a3:23:db:b6:3d:dc:bc:09:fd:61:42:
         96:48:f6:5f:63:c4:bd:ff:00:94:cf:c0:5d:71:2f:de:ee:82:
         61:ea:d5:34:01:e3:75:5a:d7:93:36:72:69:24:28:b4:d0:26:
         34:54:48:3b:5d:65:8b:41:c1:aa:9c:5a:44:ae:75:81:db:90:
         5b:00:c7:21:6b:9b:ef:86:c2:ec:34:5b:42:b5:a2:27:02:f6:
         a2:0e:e1:ce:37:21:98:6f:43:4b:f6:d9:bb:fb:12:cc:bd:1b:
         2f:20:01:00:5d:3a:e3:ff:d6:f0:6f:3b:d5:ad:5b:a0:50:bb:
         73:05:84:70:f8:53:7a:77:65:66:59:4d:e7:18:fb:50:48:d6:
         13:90:eb:f4:1f:15:02:8d:c2:9d:11:e8:a0:68:d6:47:09:02:
         01:d5:22:ce:15:c1:c7:06:04:4b:f6:db:77:05:04:f8:b6:1b:
         ea:90:09:1d:52:57:b7:2a:40:21:6c:8b:cc:14:91:f8:ab:cc:
         bd:95:33:10:ef:c8:61:f4:86:18:0e:08:fa:92:55:4f:a0:5a:
         7b:35:79:14:99:02:6a:65:48:01:a0:2c:89:79:62:d2:9b:32:
         f3:c2:70:11:12:19:6a:b1:4d:ea:ab:31:99:f3:64:f2:4e:34:
         e1:3a:ba:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7YEtfDLfexPqHU/2AeRsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0
YzdkYmYwHhcNMjUwMTMxMDgwMDM3WhcNMjUwMjAxMDgwMDM3WjAzMTEwLwYDVQQD
Eyg1ZDkyNTFmNDRjYzIzYTcyNDkzZDEzYzZhNjc0NDk2ZWViMGRkZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugxkGl6MvzLmolFnhZQflMH9CYgm
AkNIfZ9+JCBbXQdZjEkxptgVOHHgH7PXkvaPOUkJRGu/C8J7dzJXusvYkY7/cAeW
IxobHEaziaeUktiH2Ap12DtlDQ+rVG6DimHhopWQ21aJwfd/dPv5+dzcOnm33uuv
G/RI6QAq8qgbEfEIshxYcJdFn7xxo2DEkpZmRKdgWu9zusjAtVrrsOIF6F6BPo1r
cxA1g4RxBlL9SYCl+h4k5mjF6xe+AKvtxkFuo4fIb4wTnDyKNZ/nVBO6cy9fwKSh
Gt4OXSjzDxvcvh50BND3ijI8MV3r4cP6uLe2QxlhueTTRsmqZylphTmojwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2SUfRMwjpyST0TxqZ0SW7rDd/wMB8GA1UdIwQY
MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt
NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm
LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFhSiG4NG
s6Mj27Y93LwJ/WFClkj2X2PEvf8AlM/AXXEv3u6CYerVNAHjdVrXkzZyaSQotNAm
NFRIO11li0HBqpxaRK51gduQWwDHIWub74bC7DRbQrWiJwL2og7hzjchmG9DS/bZ
u/sSzL0bLyABAF064//W8G871a1boFC7cwWEcPhTendlZllN5xj7UEjWE5Dr9B8V
Ao3CnRHooGjWRwkCAdUizhXBxwYES/bbdwUE+LYb6pAJHVJXtypAIWyLzBSR+KvM
vZUzEO/IYfSGGA4I+pJVT6BaezV5FJkCamVIAaAsiXli0psy88JwERIZarFN6qsx
mfNk8k404Tq6RQ==
-----END CERTIFICATE-----