Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft
File:                     BkAThp4LzSd4EEBTjflc-mfhFy4.mft (raw, json)
Hash identifier:          PsT0lK6BQmFB/ofvoKiHEiinrkeFrkXORrlNO8FAAQU=
Subject key identifier:   76:F1:DF:03:AC:55:56:75:28:41:19:32:9B:3E:5E:FA:66:F3:4E:9D
Authority key identifier: 06:40:13:86:9E:0B:CD:27:78:10:40:53:8D:F9:5C:FA:67:E1:17:2E
Certificate issuer:       /CN=064013869e0bcd27781040538df95cfa67e1172e
Certificate serial:       019678D667326E5C3C145F9C44731EDC28A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BkAThp4LzSd4EEBTjflc-mfhFy4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft
Manifest number:          0298
Signing time:             Sun 27 Apr 2025 20:00:39 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:39 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:39 +0000
Files and hashes:         1: BkAThp4LzSd4EEBTjflc-mfhFy4.crl (hash: B9L4gV12KNYxd6cUc/ZWxc3Mqi8BNNxi55WH1aYy5M4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BkAThp4LzSd4EEBTjflc-mfhFy4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:67:32:6e:5c:3c:14:5f:9c:44:73:1e:dc:28:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=064013869e0bcd27781040538df95cfa67e1172e
        Validity
            Not Before: Apr 27 20:00:39 2025 GMT
            Not After : Apr 28 20:00:39 2025 GMT
        Subject: CN=76f1df03ac555675284119329b3e5efa66f34e9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:35:83:29:e1:c9:f9:91:36:b3:1b:2b:7a:d9:
                    01:c3:5d:ba:27:fe:b6:c3:66:10:33:0f:46:a3:86:
                    4b:e7:40:84:8e:6f:7e:98:c6:bb:43:3e:37:43:b9:
                    77:5c:fa:96:57:66:5f:4d:4c:7b:ef:c8:d2:ff:12:
                    db:e1:06:9a:31:cc:f1:42:3e:90:d2:cd:d6:61:82:
                    29:70:20:b2:7d:6e:bd:3f:46:84:4a:b7:d7:0f:14:
                    9f:57:eb:59:55:b7:e0:a5:dd:79:2c:34:d5:a6:21:
                    50:f1:8a:40:a5:1b:62:f7:d8:4f:a8:40:2a:aa:88:
                    53:90:43:1f:7a:9e:a4:d4:ce:29:59:35:a0:84:9e:
                    01:a1:95:2a:d2:f7:3c:c4:6f:23:69:12:ce:ac:da:
                    45:20:25:c5:6e:ed:cf:7d:c9:43:6f:94:b6:5c:07:
                    b0:29:f6:bc:00:dc:64:99:3a:8f:31:60:a5:e7:1b:
                    89:99:88:76:5a:65:3a:a1:36:82:11:9b:a1:da:73:
                    39:b9:9b:86:7e:21:ec:44:1f:d7:93:11:39:bd:6f:
                    ee:6b:e5:bb:d7:8b:1a:07:01:d3:3d:42:72:01:a0:
                    d0:44:78:a4:82:c5:76:36:db:98:ae:65:77:da:52:
                    85:eb:01:74:05:7f:ad:35:79:34:65:62:35:7a:07:
                    89:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:F1:DF:03:AC:55:56:75:28:41:19:32:9B:3E:5E:FA:66:F3:4E:9D
            X509v3 Authority Key Identifier:
                keyid:06:40:13:86:9E:0B:CD:27:78:10:40:53:8D:F9:5C:FA:67:E1:17:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkAThp4LzSd4EEBTjflc-mfhFy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:44:c8:a9:d2:a6:87:9e:bb:1c:bc:0b:f1:fa:d4:ec:be:5f:
         a2:7e:72:be:7a:21:d9:a1:dd:77:89:b6:09:98:95:ca:42:6a:
         39:2e:e5:02:c0:bb:aa:95:fa:ab:f1:0b:b8:c0:22:b2:0c:8a:
         63:66:e6:4d:99:c9:dc:b7:bd:13:ae:70:6a:37:53:ca:f4:21:
         8a:f2:15:df:5a:e2:93:a3:f8:bf:18:56:12:cb:68:54:8c:e6:
         3f:62:94:e4:c4:dc:42:79:3d:ef:1f:0c:16:ef:a7:dc:28:96:
         d9:a6:70:94:b5:45:d7:78:c1:9f:cf:6f:d3:40:f5:f5:21:dd:
         f8:20:45:ab:22:5c:cb:ab:a1:4c:6d:51:da:9a:51:00:a3:6e:
         3d:e0:39:5d:80:84:ce:63:47:eb:aa:d9:79:f4:1d:e9:19:02:
         e2:cc:82:b8:cc:28:3e:bd:6b:93:30:da:7b:31:4f:ae:31:2f:
         4b:e7:9c:9b:f6:6d:2b:63:b5:f9:2d:41:88:2c:53:34:e9:91:
         50:31:75:33:98:79:50:88:23:82:06:c4:eb:2a:37:16:33:48:
         84:37:38:18:db:4c:8d:c8:7c:8e:d5:62:df:84:d9:a0:f0:43:
         da:9c:21:60:24:22:dd:6b:63:18:55:ac:09:66:31:29:95:07:
         cc:71:99:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41mcyblw8FF+cRHMe3CimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NDAxMzg2OWUwYmNkMjc3ODEwNDA1MzhkZjk1Y2ZhNjdl
MTE3MmUwHhcNMjUwNDI3MjAwMDM5WhcNMjUwNDI4MjAwMDM5WjAzMTEwLwYDVQQD
Eyg3NmYxZGYwM2FjNTU1Njc1Mjg0MTE5MzI5YjNlNWVmYTY2ZjM0ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zWDKeHJ+ZE2sxsretkBw126J/62
w2YQMw9Go4ZL50CEjm9+mMa7Qz43Q7l3XPqWV2ZfTUx778jS/xLb4QaaMczxQj6Q
0s3WYYIpcCCyfW69P0aESrfXDxSfV+tZVbfgpd15LDTVpiFQ8YpApRti99hPqEAq
qohTkEMfep6k1M4pWTWghJ4BoZUq0vc8xG8jaRLOrNpFICXFbu3PfclDb5S2XAew
Kfa8ANxkmTqPMWCl5xuJmYh2WmU6oTaCEZuh2nM5uZuGfiHsRB/XkxE5vW/ua+W7
14saBwHTPUJyAaDQRHikgsV2NtuYrmV32lKF6wF0BX+tNXk0ZWI1egeJEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHbx3wOsVVZ1KEEZMps+Xvpm806dMB8GA1UdIwQY
MBaAFAZAE4aeC80neBBAU435XPpn4RcuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmtBVGhwNEx6U2Q0RUVCVGpmbGMtbWZoRnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81MGY2NGQtMmJlOS00Mjg5LWE0OGUt
NDA5YmQ0YWExNjJiLzEvQmtBVGhwNEx6U2Q0RUVCVGpmbGMtbWZoRnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81MGY2NGQtMmJlOS00Mjg5LWE0OGUtNDA5YmQ0YWExNjJi
LzEvQmtBVGhwNEx6U2Q0RUVCVGpmbGMtbWZoRnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABETIqdKm
h567HLwL8frU7L5fon5yvnoh2aHdd4m2CZiVykJqOS7lAsC7qpX6q/ELuMAisgyK
Y2bmTZnJ3Le9E65wajdTyvQhivIV31rik6P4vxhWEstoVIzmP2KU5MTcQnk97x8M
Fu+n3CiW2aZwlLVF13jBn89v00D19SHd+CBFqyJcy6uhTG1R2ppRAKNuPeA5XYCE
zmNH66rZefQd6RkC4syCuMwoPr1rkzDaezFPrjEvS+ecm/ZtK2O1+S1BiCxTNOmR
UDF1M5h5UIgjggbE6yo3FjNIhDc4GNtMjch8jtVi34TZoPBD2pwhYCQi3WtjGFWs
CWYxKZUHzHGZDw==
-----END CERTIFICATE-----