Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
File:                     BkwamGxZM6O5EIToo_8IBm05jhk.mft (raw, json)
Hash identifier:          ihWKc/TYSY5uafNK4qS3Ve5SwoW500xH8U5zB0nGQG0=
Subject key identifier:   57:40:69:D0:73:F8:34:51:93:81:76:41:DC:3F:26:39:0E:D0:D5:98
Authority key identifier: 06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19
Certificate issuer:       /CN=064c1a986c5933a3b91084e8a3ff08066d398e19
Certificate serial:       01976D3D7C7B4B72C4287BFA52152F77C897
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
Manifest number:          099F
Signing time:             Sat 14 Jun 2025 07:00:35 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:35 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:35 +0000
Files and hashes:         1: BkwamGxZM6O5EIToo_8IBm05jhk.crl (hash: LoCVzjeHcw8MeISJeBHPJhSJOkm4YfKurhnT9upUVHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:7c:7b:4b:72:c4:28:7b:fa:52:15:2f:77:c8:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=064c1a986c5933a3b91084e8a3ff08066d398e19
        Validity
            Not Before: Jun 14 07:00:35 2025 GMT
            Not After : Jun 15 07:00:35 2025 GMT
        Subject: CN=574069d073f8345193817641dc3f26390ed0d598
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:74:e0:70:3a:91:87:e0:f5:5a:f4:65:2e:c0:
                    5e:7a:cd:b6:d0:84:f8:c9:d4:f7:13:8a:fa:2c:bb:
                    3d:f9:31:08:d1:fc:78:35:7b:d1:5e:9a:15:9b:0f:
                    0c:cb:a9:6d:9e:5f:0e:6c:91:79:a4:a9:55:fd:5a:
                    19:f4:01:c2:d5:dd:81:e1:3d:f5:93:bb:c6:81:70:
                    0d:64:ee:a3:8d:69:b4:d7:97:b0:d6:b4:11:f3:6b:
                    0b:d0:77:e5:46:eb:70:40:b8:c4:66:45:20:ba:f6:
                    59:a5:3e:99:d7:b4:ea:d4:40:7b:70:6d:96:fd:f2:
                    45:90:7f:c7:37:f3:6b:0e:87:2e:d0:64:7a:0c:4c:
                    d3:62:a6:c4:94:91:08:34:0c:ae:e1:b6:0f:92:8d:
                    66:53:f2:e9:9e:6a:3a:f6:4b:99:4f:10:ab:e5:18:
                    08:fb:6d:c0:b2:8d:3b:70:94:bd:78:53:2b:09:45:
                    8b:92:7d:04:44:48:a5:16:7c:ac:4e:b3:21:61:bb:
                    47:a4:45:54:bc:33:6a:e9:8f:d4:91:76:d3:47:90:
                    ae:87:81:b6:ee:a4:67:8e:9d:b7:84:6b:03:8f:d3:
                    53:44:c7:b2:8f:ff:f2:92:4c:a9:57:af:f2:04:1c:
                    bd:72:6a:f8:ec:cb:ea:3e:0f:69:00:ba:ad:5e:e1:
                    d5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:40:69:D0:73:F8:34:51:93:81:76:41:DC:3F:26:39:0E:D0:D5:98
            X509v3 Authority Key Identifier:
                keyid:06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:f5:75:35:a2:ea:87:f2:4a:f9:52:53:6a:61:98:49:cb:d2:
         b7:09:60:9c:9a:a4:8f:09:38:07:41:66:b9:24:3e:1b:ba:88:
         6a:87:7d:db:e2:1e:1f:82:42:dd:33:ed:66:d3:04:37:64:89:
         85:c7:14:c6:79:84:cc:6e:7b:8a:0e:80:f4:c8:59:68:c4:10:
         62:1a:c2:6d:aa:1f:3d:f1:2b:56:f6:61:bc:8f:ef:d1:22:8a:
         48:8c:14:26:86:f2:25:9c:66:2e:30:80:47:3b:cb:65:14:8c:
         e1:a2:7f:e8:91:4a:95:80:d6:7f:1e:9e:02:1c:30:8f:75:9d:
         7d:5d:8f:8b:51:0d:5b:67:ce:52:8c:6f:14:a4:44:f9:a4:37:
         5a:b0:7d:b9:ee:83:14:3a:a0:b0:06:98:3c:80:be:86:bc:0c:
         0a:9a:1c:06:fc:37:81:e0:99:2f:62:78:b3:84:ec:c2:fe:61:
         36:de:bc:69:c8:6f:ec:03:08:ef:fe:50:4d:45:08:5d:3f:4a:
         64:4f:1b:9a:c7:82:66:3a:09:1f:e2:7f:d6:ce:fb:5d:cd:53:
         35:fb:02:a1:89:54:61:b8:37:04:0e:cd:1b:5e:29:61:54:05:
         1a:56:6d:98:d7:69:7b:27:d7:5a:03:38:5f:30:c0:d0:4b:a5:
         e0:c5:aa:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPXx7S3LEKHv6UhUvd8iXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGMxYTk4NmM1OTMzYTNiOTEwODRlOGEzZmYwODA2NmQz
OThlMTkwHhcNMjUwNjE0MDcwMDM1WhcNMjUwNjE1MDcwMDM1WjAzMTEwLwYDVQQD
Eyg1NzQwNjlkMDczZjgzNDUxOTM4MTc2NDFkYzNmMjYzOTBlZDBkNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXTgcDqRh+D1WvRlLsBees220IT4
ydT3E4r6LLs9+TEI0fx4NXvRXpoVmw8My6ltnl8ObJF5pKlV/VoZ9AHC1d2B4T31
k7vGgXANZO6jjWm015ew1rQR82sL0HflRutwQLjEZkUguvZZpT6Z17Tq1EB7cG2W
/fJFkH/HN/NrDocu0GR6DEzTYqbElJEINAyu4bYPko1mU/Lpnmo69kuZTxCr5RgI
+23Aso07cJS9eFMrCUWLkn0EREilFnysTrMhYbtHpEVUvDNq6Y/UkXbTR5Cuh4G2
7qRnjp23hGsDj9NTRMeyj//ykkypV6/yBBy9cmr47MvqPg9pALqtXuHVzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdAadBz+DRRk4F2Qdw/JjkO0NWYMB8GA1UdIwQY
MBaAFAZMGphsWTOjuRCE6KP/CAZtOY4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgt
N2Y2YTY1NWZkNzg4LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgtN2Y2YTY1NWZkNzg4
LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAavV1NaLq
h/JK+VJTamGYScvStwlgnJqkjwk4B0FmuSQ+G7qIaod92+IeH4JC3TPtZtMEN2SJ
hccUxnmEzG57ig6A9MhZaMQQYhrCbaofPfErVvZhvI/v0SKKSIwUJobyJZxmLjCA
RzvLZRSM4aJ/6JFKlYDWfx6eAhwwj3WdfV2Pi1ENW2fOUoxvFKRE+aQ3WrB9ue6D
FDqgsAaYPIC+hrwMCpocBvw3geCZL2J4s4Tswv5hNt68achv7AMI7/5QTUUIXT9K
ZE8bmseCZjoJH+J/1s77Xc1TNfsCoYlUYbg3BA7NG14pYVQFGlZtmNdpeyfXWgM4
XzDA0Eul4MWqdw==
-----END CERTIFICATE-----