Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft
File:                     bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft (raw, json)
Hash identifier:          7vttL/vDhaDkwLmbb4XlNSePZhRvfnc8cA4V1jWETDw=
Subject key identifier:   CD:00:55:B5:2E:DA:6D:04:7E:FC:F5:36:EE:E1:2D:DE:FD:ED:10:36
Authority key identifier: 6E:68:C1:B9:0E:45:F9:1B:AB:8D:60:78:8E:ED:25:CB:4A:01:0F:E8
Certificate issuer:       /CN=6e68c1b90e45f91bab8d60788eed25cb4a010fe8
Certificate serial:       0196AE4445C99744D86F7BB11D8989364B1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bmjBuQ5F-RurjWB4ju0ly0oBD-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft
Manifest number:          0478
Signing time:             Thu 08 May 2025 05:00:31 +0000
Manifest this update:     Thu 08 May 2025 05:00:31 +0000
Manifest next update:     Fri 09 May 2025 05:00:31 +0000
Files and hashes:         1: bmjBuQ5F-RurjWB4ju0ly0oBD-g.crl (hash: LM444oXygwBzLbHT4m7pWurgSQV0p9rtk0behHVTugM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bmjBuQ5F-RurjWB4ju0ly0oBD-g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ae:44:45:c9:97:44:d8:6f:7b:b1:1d:89:89:36:4b:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e68c1b90e45f91bab8d60788eed25cb4a010fe8
        Validity
            Not Before: May  8 05:00:31 2025 GMT
            Not After : May  9 05:00:31 2025 GMT
        Subject: CN=cd0055b52eda6d047efcf536eee12ddefded1036
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:2c:a5:22:8f:f9:cd:45:a6:61:bd:96:1c:b3:
                    7a:a1:b2:68:3f:cb:8b:19:7b:f3:e4:44:c1:b0:ef:
                    68:a3:eb:5f:59:25:33:09:30:ea:37:df:4b:88:70:
                    c8:ba:e5:83:8e:ff:f4:47:44:1b:db:9a:62:95:1f:
                    3b:89:ac:fa:6b:a6:c9:01:f9:58:9f:2a:65:d4:ca:
                    33:e0:c1:5e:c9:94:b0:6a:2f:c0:a1:c7:3c:9f:96:
                    7e:33:91:65:e5:08:cb:69:a2:bf:5b:9a:35:69:8a:
                    6e:0e:bc:3f:23:a2:7d:dd:ce:3e:d6:d0:ca:41:4b:
                    fe:21:d9:28:96:43:07:d1:d1:72:d2:e6:c6:14:77:
                    4a:e9:a3:bd:5c:a9:0e:03:07:93:2d:b6:4f:40:24:
                    d3:f2:62:36:0c:c6:16:6b:ae:fa:5c:42:13:6c:10:
                    d7:98:7e:4b:f9:c1:7c:e6:5c:dd:cc:b4:95:81:85:
                    de:02:12:9b:c5:50:1c:2c:8c:c7:54:20:6b:9a:5c:
                    91:f9:12:42:f4:2a:a2:1e:1b:f6:de:9c:5c:12:62:
                    f4:2d:5a:56:e9:7d:05:e0:81:fc:3f:51:a1:f2:c2:
                    4c:d4:f9:d8:d4:10:f4:ad:f1:9b:3f:db:cc:93:60:
                    5a:ee:df:74:05:c4:70:94:da:0e:4a:94:f5:1a:49:
                    05:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:00:55:B5:2E:DA:6D:04:7E:FC:F5:36:EE:E1:2D:DE:FD:ED:10:36
            X509v3 Authority Key Identifier:
                keyid:6E:68:C1:B9:0E:45:F9:1B:AB:8D:60:78:8E:ED:25:CB:4A:01:0F:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmjBuQ5F-RurjWB4ju0ly0oBD-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:14:1c:a2:a8:d7:e9:77:38:6b:f6:9a:90:9a:b1:3f:86:d8:
         e3:ff:1c:f7:b5:bf:cb:04:16:91:a8:4b:fa:db:c0:c8:bc:a1:
         f5:ab:66:a7:89:75:32:61:2e:68:b1:c6:9c:ce:61:f5:2d:02:
         2f:e1:04:9c:9c:ef:32:92:af:0b:7e:9d:82:20:9a:b5:66:86:
         1c:71:f7:87:ef:0a:5c:2d:13:65:e2:16:c3:98:cd:b7:2a:23:
         84:5c:ea:46:7b:34:0b:56:f2:4f:ad:82:75:45:e6:c1:3f:a0:
         43:c0:dc:1b:a5:58:c7:e9:cf:4d:20:5e:8e:94:73:95:9b:63:
         92:be:05:c1:9e:48:e4:7d:9e:79:ac:ec:da:36:e2:99:61:ad:
         26:e1:59:82:f9:59:69:d1:fa:02:23:da:2a:67:c5:ff:6b:f5:
         bc:05:5d:fd:bb:3c:23:d4:5d:15:8f:b7:9a:a2:28:e5:22:dd:
         30:00:b8:aa:0e:5b:31:4f:55:46:0f:77:d7:d1:dd:2e:f4:97:
         97:90:a1:e9:83:4e:7a:2f:dd:4e:7d:93:52:23:2a:e7:03:6b:
         45:f7:55:d7:9e:9a:3d:f8:f6:7d:77:a8:a5:80:54:22:a9:2d:
         6c:29:b2:f1:df:1c:88:47:19:0b:42:9e:9c:47:79:de:36:df:
         97:d0:94:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZauREXJl0TYb3uxHYmJNksdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNjhjMWI5MGU0NWY5MWJhYjhkNjA3ODhlZWQyNWNiNGEw
MTBmZTgwHhcNMjUwNTA4MDUwMDMxWhcNMjUwNTA5MDUwMDMxWjAzMTEwLwYDVQQD
EyhjZDAwNTViNTJlZGE2ZDA0N2VmY2Y1MzZlZWUxMmRkZWZkZWQxMDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyylIo/5zUWmYb2WHLN6obJoP8uL
GXvz5ETBsO9oo+tfWSUzCTDqN99LiHDIuuWDjv/0R0Qb25pilR87iaz6a6bJAflY
nypl1Moz4MFeyZSwai/Aocc8n5Z+M5Fl5QjLaaK/W5o1aYpuDrw/I6J93c4+1tDK
QUv+IdkolkMH0dFy0ubGFHdK6aO9XKkOAweTLbZPQCTT8mI2DMYWa676XEITbBDX
mH5L+cF85lzdzLSVgYXeAhKbxVAcLIzHVCBrmlyR+RJC9CqiHhv23pxcEmL0LVpW
6X0F4IH8P1Gh8sJM1PnY1BD0rfGbP9vMk2Ba7t90BcRwlNoOSpT1GkkFlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0AVbUu2m0Efvz1Nu7hLd797RA2MB8GA1UdIwQY
MBaAFG5owbkORfkbq41geI7tJctKAQ/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm1qQnVRNUYtUnVyaldCNGp1MGx5MG9CRC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmFjYTEtZjU1Ny00MTA0LWI1ZmEt
MTc0MDYzMGZjYzQ1LzEvYm1qQnVRNUYtUnVyaldCNGp1MGx5MG9CRC1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmFjYTEtZjU1Ny00MTA0LWI1ZmEtMTc0MDYzMGZjYzQ1
LzEvYm1qQnVRNUYtUnVyaldCNGp1MGx5MG9CRC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnBQcoqjX
6Xc4a/aakJqxP4bY4/8c97W/ywQWkahL+tvAyLyh9atmp4l1MmEuaLHGnM5h9S0C
L+EEnJzvMpKvC36dgiCatWaGHHH3h+8KXC0TZeIWw5jNtyojhFzqRns0C1byT62C
dUXmwT+gQ8DcG6VYx+nPTSBejpRzlZtjkr4FwZ5I5H2eeazs2jbimWGtJuFZgvlZ
adH6AiPaKmfF/2v1vAVd/bs8I9RdFY+3mqIo5SLdMAC4qg5bMU9VRg9319HdLvSX
l5Ch6YNOei/dTn2TUiMq5wNrRfdV156aPfj2fXeopYBUIqktbCmy8d8ciEcZC0Ke
nEd53jbfl9CUjg==
-----END CERTIFICATE-----