Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
File:                     bn-6EaMdOqkN48e7i1bTzQbmvnU.mft (raw, json)
Hash identifier:          47o5I/lMPSVXGb8yCn0ma4kwdnL6qlDQKfOUU1YxVFw=
Subject key identifier:   2B:6C:D0:0B:12:2F:EC:90:1C:03:93:6E:A3:63:C1:A3:7F:D8:BF:EA
Authority key identifier: 6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75
Certificate issuer:       /CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
Certificate serial:       019679E93C622AB32A5C15AE8E9DA86ED451
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
Manifest number:          14F7
Signing time:             Mon 28 Apr 2025 01:00:50 +0000
Manifest this update:     Mon 28 Apr 2025 01:00:50 +0000
Manifest next update:     Tue 29 Apr 2025 01:00:50 +0000
Files and hashes:         1: bn-6EaMdOqkN48e7i1bTzQbmvnU.crl (hash: BZzud7qMNQ+tgCja6+1oYpkCCk8Kzn5YLxbAVaYIvHA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e9:3c:62:2a:b3:2a:5c:15:ae:8e:9d:a8:6e:d4:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
        Validity
            Not Before: Apr 28 01:00:50 2025 GMT
            Not After : Apr 29 01:00:50 2025 GMT
        Subject: CN=2b6cd00b122fec901c03936ea363c1a37fd8bfea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:1b:aa:77:ff:5e:35:d6:fe:eb:7f:b3:52:6d:
                    70:32:2c:03:59:c4:34:8c:59:65:c0:98:a7:b4:6a:
                    1d:29:8b:0e:aa:7a:d2:ff:36:2f:ce:ce:4f:07:3a:
                    66:39:47:59:c6:61:20:a1:d9:d4:6d:84:d8:86:24:
                    a2:54:c2:b9:23:a2:b2:92:1d:67:fd:c9:47:00:b6:
                    1e:b0:c6:29:39:e9:83:cc:9b:25:a8:d6:72:22:49:
                    c8:83:18:bb:57:f6:62:dc:7c:5e:f7:d7:15:a3:5e:
                    6b:c8:7d:3a:f4:47:9b:13:de:35:cc:b0:d3:f2:a0:
                    9e:41:1c:bb:d0:ce:65:45:d6:60:b8:dd:79:03:2a:
                    62:66:02:f7:e0:b1:cf:0a:f2:71:07:27:6a:57:ed:
                    43:b1:2e:14:0b:7d:cf:18:41:b4:a6:34:48:4d:e6:
                    30:9e:6e:08:8b:5d:50:43:47:22:e8:13:af:16:e6:
                    ac:80:0b:ca:21:62:6e:47:f9:b4:a6:f6:8b:5b:a4:
                    26:50:e0:13:07:d5:27:e6:58:b5:1e:04:61:92:bc:
                    e4:78:6d:c4:a1:f9:8d:b2:8c:22:b2:92:c5:e5:d5:
                    96:d4:ee:3d:08:69:c1:48:bd:0f:e9:1e:58:32:4e:
                    c5:d4:2e:6c:b5:ff:d5:32:1a:86:b7:4e:c4:8a:5b:
                    17:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:6C:D0:0B:12:2F:EC:90:1C:03:93:6E:A3:63:C1:A3:7F:D8:BF:EA
            X509v3 Authority Key Identifier:
                keyid:6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:9b:b1:2e:91:1e:16:f8:51:2a:86:c5:50:6b:e3:b6:ea:75:
         f5:c3:b9:a1:d2:e5:5c:0b:b6:f6:27:31:f4:02:4e:f8:07:16:
         c1:a3:59:70:ee:ab:31:09:5a:00:a5:71:be:a0:6e:0b:bf:f3:
         fd:5e:60:35:6a:67:13:cf:be:d6:bb:0d:cd:1f:f0:3a:8b:84:
         1b:cc:8a:0f:0a:34:9c:a0:13:4f:57:72:c5:a5:e8:3d:84:75:
         3c:dc:78:2c:86:08:72:41:9c:3f:d0:68:ed:74:23:f9:39:8a:
         a1:b3:ff:b3:ae:49:85:a4:86:a1:b3:5a:21:88:5d:18:97:93:
         b2:7e:5a:61:f8:86:73:72:66:72:2d:b7:fd:07:d8:8a:d2:c2:
         10:fa:6d:c8:4f:61:b8:b1:9e:3c:77:ef:bd:29:ee:57:db:49:
         b8:72:0d:31:a3:c3:ed:0d:56:66:2a:4e:e1:17:fe:eb:78:97:
         8c:bd:b3:05:a9:3e:92:2c:1b:88:67:87:0b:3c:76:90:28:a0:
         b0:9d:e5:cd:18:34:89:93:9a:16:19:4c:23:bb:85:16:de:f6:
         aa:b5:65:26:ba:21:72:ef:f2:e5:62:30:e5:90:5a:c1:ca:a4:
         4f:42:e1:76:4e:82:dd:4a:31:8b:41:f4:e6:8f:e2:7f:a0:2c:
         0c:8e:ce:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56TxiKrMqXBWujp2obtRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlN2ZiYTExYTMxZDNhYTkwZGUzYzdiYjhiNTZkM2NkMDZl
NmJlNzUwHhcNMjUwNDI4MDEwMDUwWhcNMjUwNDI5MDEwMDUwWjAzMTEwLwYDVQQD
EygyYjZjZDAwYjEyMmZlYzkwMWMwMzkzNmVhMzYzYzFhMzdmZDhiZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxuqd/9eNdb+63+zUm1wMiwDWcQ0
jFllwJintGodKYsOqnrS/zYvzs5PBzpmOUdZxmEgodnUbYTYhiSiVMK5I6Kykh1n
/clHALYesMYpOemDzJslqNZyIknIgxi7V/Zi3Hxe99cVo15ryH069EebE941zLDT
8qCeQRy70M5lRdZguN15AypiZgL34LHPCvJxBydqV+1DsS4UC33PGEG0pjRITeYw
nm4Ii11QQ0ci6BOvFuasgAvKIWJuR/m0pvaLW6QmUOATB9Un5li1HgRhkrzkeG3E
ofmNsowispLF5dWW1O49CGnBSL0P6R5YMk7F1C5stf/VMhqGt07EilsXkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCts0AsSL+yQHAOTbqNjwaN/2L/qMB8GA1UdIwQY
MBaAFG5/uhGjHTqpDePHu4tW080G5r51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2Yt
NjM5NDIxNGExMjJjLzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2YtNjM5NDIxNGExMjJj
LzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk5uxLpEe
FvhRKobFUGvjtup19cO5odLlXAu29icx9AJO+AcWwaNZcO6rMQlaAKVxvqBuC7/z
/V5gNWpnE8++1rsNzR/wOouEG8yKDwo0nKATT1dyxaXoPYR1PNx4LIYIckGcP9Bo
7XQj+TmKobP/s65JhaSGobNaIYhdGJeTsn5aYfiGc3Jmci23/QfYitLCEPptyE9h
uLGePHfvvSnuV9tJuHINMaPD7Q1WZipO4Rf+63iXjL2zBak+kiwbiGeHCzx2kCig
sJ3lzRg0iZOaFhlMI7uFFt72qrVlJrohcu/y5WIw5ZBawcqkT0Lhdk6C3Uoxi0H0
5o/if6AsDI7Ojw==
-----END CERTIFICATE-----