Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft
File:                     BkAThp4LzSd4EEBTjflc-mfhFy4.mft (raw, json)
Hash identifier:          9St4FgS+IMy+GHeb/FO1Qjt2R0CdIFtmlnqP/nbVm5Y=
Subject key identifier:   35:4E:5E:6B:3F:81:4B:FE:C2:72:93:29:27:F5:1E:DB:14:E2:94:B7
Authority key identifier: 06:40:13:86:9E:0B:CD:27:78:10:40:53:8D:F9:5C:FA:67:E1:17:2E
Certificate issuer:       /CN=064013869e0bcd27781040538df95cfa67e1172e
Certificate serial:       019777C1DC95F50667F2E4550E1DE3148465
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BkAThp4LzSd4EEBTjflc-mfhFy4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft
Manifest number:          031C
Signing time:             Mon 16 Jun 2025 08:01:22 +0000
Manifest this update:     Mon 16 Jun 2025 08:01:22 +0000
Manifest next update:     Tue 17 Jun 2025 08:01:22 +0000
Files and hashes:         1: BkAThp4LzSd4EEBTjflc-mfhFy4.crl (hash: KPF62zZvLjebTaGsqIWxHHiDNYA+iumuOEOwXSTMWsA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BkAThp4LzSd4EEBTjflc-mfhFy4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 08:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:77:c1:dc:95:f5:06:67:f2:e4:55:0e:1d:e3:14:84:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=064013869e0bcd27781040538df95cfa67e1172e
        Validity
            Not Before: Jun 16 08:01:22 2025 GMT
            Not After : Jun 17 08:01:22 2025 GMT
        Subject: CN=354e5e6b3f814bfec272932927f51edb14e294b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:7c:bf:37:4f:36:0f:94:03:a1:b1:e3:d2:87:
                    46:e4:da:d5:07:ca:90:4e:33:be:8d:ad:c0:02:cf:
                    f9:00:24:6c:b3:06:65:dc:71:01:94:d2:0a:50:d5:
                    f0:b7:74:74:c1:b9:ab:f1:27:cb:b9:b6:da:13:0b:
                    b3:36:3d:ce:58:a1:b5:a8:0f:cb:3c:62:6b:5e:b5:
                    6b:bd:95:da:e6:8f:66:3d:b7:20:82:18:5e:c0:99:
                    b1:02:0d:29:c2:38:46:10:83:bb:67:f9:8e:b6:cd:
                    ee:e4:54:28:b0:14:55:fa:a5:ef:ec:51:af:65:be:
                    de:2d:b1:9c:bb:cd:cf:be:d5:c5:0d:fd:aa:d1:2a:
                    77:f4:ad:b9:9c:1f:d9:e3:a2:16:b3:94:a1:d7:9c:
                    1d:45:ba:a0:f8:65:ae:c4:de:f2:ed:2d:80:d1:97:
                    b9:6c:78:d6:fd:9a:5e:43:4a:f6:0d:b3:4d:b2:1a:
                    36:99:80:26:de:87:42:28:43:9d:89:dd:0d:55:12:
                    7c:4f:ec:08:7e:1a:f9:4c:e2:6c:f9:eb:d6:59:cb:
                    c0:40:a9:94:86:fd:99:57:73:71:1e:38:52:b9:e5:
                    48:88:80:2f:70:82:98:07:dd:89:99:d6:b5:88:34:
                    d3:e8:a2:42:81:78:34:af:8d:8f:fa:ab:21:7e:78:
                    20:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:4E:5E:6B:3F:81:4B:FE:C2:72:93:29:27:F5:1E:DB:14:E2:94:B7
            X509v3 Authority Key Identifier:
                keyid:06:40:13:86:9E:0B:CD:27:78:10:40:53:8D:F9:5C:FA:67:E1:17:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkAThp4LzSd4EEBTjflc-mfhFy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/50f64d-2be9-4289-a48e-409bd4aa162b/1/BkAThp4LzSd4EEBTjflc-mfhFy4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:c2:4d:5e:8f:99:17:93:e0:7b:0f:d9:5c:fc:d7:d3:d3:07:
         70:c8:5b:0d:06:47:a5:4f:93:4d:ef:a8:e8:53:12:72:a7:d5:
         be:d4:63:d9:bc:ae:91:f5:05:c6:ad:f7:c3:91:79:96:10:f4:
         80:59:04:6f:e9:e2:f6:d5:74:dd:da:33:c7:be:cc:64:55:cb:
         80:00:6f:64:ac:da:b7:95:72:ad:54:29:cc:f0:b7:49:06:e7:
         06:0c:8d:2a:38:5a:d0:56:47:4a:1c:df:4e:8c:89:fe:df:92:
         3a:9b:b4:8c:aa:84:fa:3a:96:43:52:2e:9f:9a:ea:2c:f3:dc:
         7a:a7:e3:85:9a:1e:f0:47:48:c0:c1:d1:17:a7:14:81:5b:1b:
         cc:0e:5d:74:a8:a8:50:e8:00:3b:c7:f4:98:16:e0:bb:be:84:
         20:da:f5:b2:56:2e:81:4c:dd:9e:e3:53:72:ed:62:08:64:f7:
         3f:b4:33:9c:21:a1:ca:a9:2f:07:f8:ff:30:8f:b4:26:58:e4:
         f0:9c:c5:8d:26:96:e0:3a:4c:17:a4:2d:0d:bc:9b:7f:9d:27:
         16:bf:f5:21:89:d1:60:1c:b3:ac:22:b5:85:f9:00:c1:9a:30:
         e9:9c:bb:02:9a:96:e5:b2:a5:cb:8f:18:cb:4f:55:d0:c6:d5:
         b7:2a:d1:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd3wdyV9QZn8uRVDh3jFIRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NDAxMzg2OWUwYmNkMjc3ODEwNDA1MzhkZjk1Y2ZhNjdl
MTE3MmUwHhcNMjUwNjE2MDgwMTIyWhcNMjUwNjE3MDgwMTIyWjAzMTEwLwYDVQQD
EygzNTRlNWU2YjNmODE0YmZlYzI3MjkzMjkyN2Y1MWVkYjE0ZTI5NGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Xy/N082D5QDobHj0odG5NrVB8qQ
TjO+ja3AAs/5ACRsswZl3HEBlNIKUNXwt3R0wbmr8SfLubbaEwuzNj3OWKG1qA/L
PGJrXrVrvZXa5o9mPbcgghhewJmxAg0pwjhGEIO7Z/mOts3u5FQosBRV+qXv7FGv
Zb7eLbGcu83PvtXFDf2q0Sp39K25nB/Z46IWs5Sh15wdRbqg+GWuxN7y7S2A0Ze5
bHjW/ZpeQ0r2DbNNsho2mYAm3odCKEOdid0NVRJ8T+wIfhr5TOJs+evWWcvAQKmU
hv2ZV3NxHjhSueVIiIAvcIKYB92Jmda1iDTT6KJCgXg0r42P+qshfnggAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVOXms/gUv+wnKTKSf1HtsU4pS3MB8GA1UdIwQY
MBaAFAZAE4aeC80neBBAU435XPpn4RcuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmtBVGhwNEx6U2Q0RUVCVGpmbGMtbWZoRnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81MGY2NGQtMmJlOS00Mjg5LWE0OGUt
NDA5YmQ0YWExNjJiLzEvQmtBVGhwNEx6U2Q0RUVCVGpmbGMtbWZoRnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81MGY2NGQtMmJlOS00Mjg5LWE0OGUtNDA5YmQ0YWExNjJi
LzEvQmtBVGhwNEx6U2Q0RUVCVGpmbGMtbWZoRnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARMJNXo+Z
F5Pgew/ZXPzX09MHcMhbDQZHpU+TTe+o6FMScqfVvtRj2byukfUFxq33w5F5lhD0
gFkEb+ni9tV03dozx77MZFXLgABvZKzat5VyrVQpzPC3SQbnBgyNKjha0FZHShzf
ToyJ/t+SOpu0jKqE+jqWQ1Iun5rqLPPceqfjhZoe8EdIwMHRF6cUgVsbzA5ddKio
UOgAO8f0mBbgu76EINr1slYugUzdnuNTcu1iCGT3P7QznCGhyqkvB/j/MI+0Jljk
8JzFjSaW4DpMF6QtDbybf50nFr/1IYnRYByzrCK1hfkAwZow6Zy7ApqW5bKly48Y
y09V0MbVtyrR7g==
-----END CERTIFICATE-----