Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.mft (raw, json)
Hash identifier:          ONLv46EtTxmAgvCIOt9J2eGYgKqnWfqSxnJlhuDByZY=
Subject key identifier:   9F:22:3A:48:39:9D:B6:74:DE:CB:71:18:11:48:4D:BC:2C:C7:56:91
Authority key identifier: 06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Certificate issuer:       /CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
Certificate serial:       01976BBDB5B451B9D24CED767EFF925BF759
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
Manifest number:          07D9
Signing time:             Sat 14 Jun 2025 00:01:24 +0000
Manifest this update:     Sat 14 Jun 2025 00:01:24 +0000
Manifest next update:     Sun 15 Jun 2025 00:01:24 +0000
Files and hashes:         1: BgPfkU3wTkf1a9li8vncPwQ0pdM.crl (hash: Wzk4nWeGCaePWoOLzmC0JnIBPTkXXICSSVwo0hJv0Sk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bd:b5:b4:51:b9:d2:4c:ed:76:7e:ff:92:5b:f7:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Validity
            Not Before: Jun 14 00:01:24 2025 GMT
            Not After : Jun 15 00:01:24 2025 GMT
        Subject: CN=9f223a48399db674decb711811484dbc2cc75691
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:73:9a:74:ab:65:44:ac:33:7c:e9:9f:b3:97:
                    b0:b5:56:bf:71:75:e8:fd:30:77:a0:32:fa:b0:8d:
                    1e:45:d4:81:c3:b9:d6:4b:e9:2c:bb:59:a0:49:85:
                    2e:71:33:86:55:a5:11:08:ff:67:90:53:aa:5a:b5:
                    f7:01:45:c6:da:1f:c6:a4:5a:51:0b:89:64:e1:cc:
                    02:6c:cd:57:23:39:f0:3f:d0:9e:e7:24:50:36:05:
                    39:bd:9b:9c:49:72:c1:02:b0:39:22:8a:97:d0:44:
                    4c:57:af:f6:9c:a9:96:e5:41:36:77:e8:09:ed:4e:
                    8d:4f:ca:cf:49:36:f6:74:14:02:e0:45:3d:24:ac:
                    27:c0:75:bb:57:b1:0a:c4:2d:2e:6b:5a:e4:3d:b8:
                    38:cb:ca:97:c3:4e:6e:25:42:a4:fb:40:ce:8a:52:
                    7d:58:d4:7c:5a:43:65:fd:c4:be:40:12:f0:89:e7:
                    f8:de:2a:dd:da:c5:03:83:26:aa:76:47:1f:fa:d3:
                    1a:a5:f8:bc:a0:ce:a3:de:cc:c2:20:1c:0a:8d:d3:
                    43:20:89:36:ac:94:65:d4:d3:5f:ce:ea:9f:81:e1:
                    2c:da:70:31:52:6d:d7:2a:32:32:cd:4a:76:f0:51:
                    44:64:86:3a:8b:8a:e2:9a:59:a6:62:32:e0:8e:8d:
                    2d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:22:3A:48:39:9D:B6:74:DE:CB:71:18:11:48:4D:BC:2C:C7:56:91
            X509v3 Authority Key Identifier:
                keyid:06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:d5:ce:fa:dc:c9:9d:03:71:a5:36:a4:0b:00:f9:69:1b:ee:
         8d:4d:53:ee:c2:bb:5b:c4:54:ba:5d:5d:7e:b8:9c:b7:f8:b5:
         79:7d:2b:f5:60:2b:47:49:cd:ad:cb:1b:ac:99:a2:0b:31:74:
         3d:94:33:9e:ee:52:24:e5:27:12:1f:85:2b:26:ac:23:79:27:
         06:e7:23:9f:67:c5:55:a7:20:2d:d6:6a:90:15:86:38:f1:fa:
         33:ec:c8:fd:5b:59:b0:c6:f8:9c:2e:01:6f:8e:d4:23:a7:cd:
         d0:af:0d:0c:c7:df:42:ed:da:a5:89:d1:e4:96:dc:78:d8:f3:
         21:f0:10:9f:cc:f2:b0:4b:b4:bc:08:82:41:76:1c:93:08:76:
         d6:30:74:af:49:29:81:68:7e:7a:6e:4a:ae:29:b6:06:da:e5:
         43:cb:73:4b:33:c0:d0:ff:a6:d4:81:7b:f8:c0:17:4f:b0:48:
         bc:90:c8:c0:24:29:63:59:98:c9:ad:8e:2e:3e:69:87:98:4b:
         c0:50:be:66:68:56:40:2a:3e:e8:56:b6:6e:d0:7d:4b:e1:f4:
         c0:aa:1d:34:85:af:b4:b9:14:58:a5:e6:f5:bd:9a:bd:c0:6b:
         c6:2c:4f:d6:a7:13:3b:9d:7d:4d:79:69:63:d2:6c:86:54:d1:
         21:f8:6b:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvbW0UbnSTO12fv+SW/dZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDNkZjkxNGRmMDRlNDdmNTZiZDk2MmYyZjlkYzNmMDQz
NGE1ZDMwHhcNMjUwNjE0MDAwMTI0WhcNMjUwNjE1MDAwMTI0WjAzMTEwLwYDVQQD
Eyg5ZjIyM2E0ODM5OWRiNjc0ZGVjYjcxMTgxMTQ4NGRiYzJjYzc1NjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnOadKtlRKwzfOmfs5ewtVa/cXXo
/TB3oDL6sI0eRdSBw7nWS+ksu1mgSYUucTOGVaURCP9nkFOqWrX3AUXG2h/GpFpR
C4lk4cwCbM1XIznwP9Ce5yRQNgU5vZucSXLBArA5IoqX0ERMV6/2nKmW5UE2d+gJ
7U6NT8rPSTb2dBQC4EU9JKwnwHW7V7EKxC0ua1rkPbg4y8qXw05uJUKk+0DOilJ9
WNR8WkNl/cS+QBLwief43ird2sUDgyaqdkcf+tMapfi8oM6j3szCIBwKjdNDIIk2
rJRl1NNfzuqfgeEs2nAxUm3XKjIyzUp28FFEZIY6i4rimlmmYjLgjo0tMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8iOkg5nbZ03stxGBFITbwsx1aRMB8GA1UdIwQY
MBaAFAYD35FN8E5H9WvZYvL53D8ENKXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEt
YmM4NDI1YzYwNjA0LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEtYmM4NDI1YzYwNjA0
LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAddXO+tzJ
nQNxpTakCwD5aRvujU1T7sK7W8RUul1dfrict/i1eX0r9WArR0nNrcsbrJmiCzF0
PZQznu5SJOUnEh+FKyasI3knBucjn2fFVacgLdZqkBWGOPH6M+zI/VtZsMb4nC4B
b47UI6fN0K8NDMffQu3apYnR5JbceNjzIfAQn8zysEu0vAiCQXYckwh21jB0r0kp
gWh+em5Krim2BtrlQ8tzSzPA0P+m1IF7+MAXT7BIvJDIwCQpY1mYya2OLj5ph5hL
wFC+ZmhWQCo+6Fa2btB9S+H0wKodNIWvtLkUWKXm9b2avcBrxixP1qcTO519TXlp
Y9JshlTRIfhr3Q==
-----END CERTIFICATE-----