Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.mft
File:                     BcW97HMY-HHVPoZkgvQXM97wlCg.mft (raw, json)
Hash identifier:          w/sFDdLPU1Y2z+uhlgX98kEQdIBDczstFY4Pot4txEU=
Subject key identifier:   64:22:A6:0D:EE:FE:9D:42:15:05:31:C5:8B:9F:48:9B:88:93:AC:4A
Authority key identifier: 05:C5:BD:EC:73:18:F8:71:D5:3E:86:64:82:F4:17:33:DE:F0:94:28
Certificate issuer:       /CN=05c5bdec7318f871d53e866482f41733def09428
Certificate serial:       019681A26D176155D74A689FAC94C271B608
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BcW97HMY-HHVPoZkgvQXM97wlCg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.mft
Manifest number:          0C75
Signing time:             Tue 29 Apr 2025 13:00:27 +0000
Manifest this update:     Tue 29 Apr 2025 13:00:27 +0000
Manifest next update:     Wed 30 Apr 2025 13:00:27 +0000
Files and hashes:         1: BcW97HMY-HHVPoZkgvQXM97wlCg.crl (hash: LIfKciwS2Ag10wa/fKCCMU8ljKKKvIRN/PW9qzQHN5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BcW97HMY-HHVPoZkgvQXM97wlCg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 13:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:a2:6d:17:61:55:d7:4a:68:9f:ac:94:c2:71:b6:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05c5bdec7318f871d53e866482f41733def09428
        Validity
            Not Before: Apr 29 13:00:27 2025 GMT
            Not After : Apr 30 13:00:27 2025 GMT
        Subject: CN=6422a60deefe9d42150531c58b9f489b8893ac4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:6c:38:75:cc:f4:28:bc:37:0d:d2:e5:da:45:
                    33:6b:ba:f7:06:74:62:e2:e4:73:e0:87:83:57:06:
                    96:bd:cc:e6:9c:69:be:04:21:d2:6b:a7:d6:1e:84:
                    91:fa:1b:72:b7:2f:39:4b:e4:ab:09:b3:00:96:ac:
                    11:ec:3d:57:fe:57:c2:26:d8:97:c3:df:ab:9c:24:
                    cc:6e:56:82:7c:b1:79:d7:bd:bb:b2:03:e6:fe:92:
                    fc:05:81:71:a0:eb:2e:86:fe:36:42:d7:b8:d4:33:
                    d3:a3:bc:f8:7a:3a:ed:02:be:0a:31:4b:5b:0d:b6:
                    be:6e:b2:48:75:da:d7:e0:82:a6:30:94:60:e1:03:
                    8e:2b:79:ed:e2:b7:67:0f:1c:d7:8a:24:b1:1f:4c:
                    a4:8c:61:11:db:4c:92:a0:45:4a:b2:d9:0a:8d:b3:
                    11:93:8c:25:96:0b:f5:77:46:79:69:41:78:ac:e2:
                    e8:12:26:b1:64:c4:fd:04:3d:d6:c8:5d:70:e0:53:
                    57:2d:56:d8:08:51:7c:11:5f:1e:7d:f3:b4:64:fc:
                    08:14:d1:90:18:da:c2:45:5f:c6:dc:d2:4a:8d:a0:
                    17:3f:43:c2:81:32:54:d2:92:2e:ba:84:4d:ed:9e:
                    bf:4b:34:f8:41:e3:f4:5e:e6:b4:47:32:29:e5:76:
                    13:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:22:A6:0D:EE:FE:9D:42:15:05:31:C5:8B:9F:48:9B:88:93:AC:4A
            X509v3 Authority Key Identifier:
                keyid:05:C5:BD:EC:73:18:F8:71:D5:3E:86:64:82:F4:17:33:DE:F0:94:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcW97HMY-HHVPoZkgvQXM97wlCg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebd0c-2991-4583-bfec-7122feafc8c7/1/BcW97HMY-HHVPoZkgvQXM97wlCg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e2:67:61:22:44:22:47:a2:af:af:03:7e:b9:85:76:95:79:ed:
         47:a0:f9:d5:9d:76:e5:06:71:2c:1f:77:18:db:2d:10:72:35:
         79:3f:9d:9a:1a:c0:36:32:d9:77:f1:ca:12:a6:df:8a:04:61:
         3d:d8:36:51:f6:db:dc:6d:dd:41:3f:af:04:4b:67:40:c1:72:
         74:cc:cb:4c:ec:2e:a0:ba:1c:d5:78:65:fd:13:c1:02:94:eb:
         bc:66:c6:4a:8a:40:b9:15:31:3b:c5:aa:49:3c:c8:3d:72:b9:
         ef:1d:a9:e3:4f:24:fe:e2:09:42:f3:2d:b0:f0:0e:d3:7a:38:
         43:01:f5:6a:87:e1:93:cf:d1:9a:15:48:65:ca:8b:ac:41:71:
         31:43:7f:f6:0d:74:48:39:97:62:3f:47:e7:33:f4:92:f2:5b:
         e2:16:e3:95:3c:a5:72:1b:16:78:f0:e1:c5:ba:ff:b6:77:d8:
         e2:8b:1b:83:36:f3:85:7f:6b:c1:91:c4:c9:f6:31:50:83:21:
         84:fb:9a:8a:d7:09:8b:ad:ce:21:80:86:2a:c8:ff:a3:51:c7:
         b2:1f:ab:37:10:f2:c9:c6:4c:4f:7b:b1:46:ab:e9:1c:ed:ed:
         62:d1:bd:81:dc:dc:57:71:17:93:6e:6f:0e:86:b0:96:bc:f5:
         40:d7:dd:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBom0XYVXXSmifrJTCcbYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YzViZGVjNzMxOGY4NzFkNTNlODY2NDgyZjQxNzMzZGVm
MDk0MjgwHhcNMjUwNDI5MTMwMDI3WhcNMjUwNDMwMTMwMDI3WjAzMTEwLwYDVQQD
Eyg2NDIyYTYwZGVlZmU5ZDQyMTUwNTMxYzU4YjlmNDg5Yjg4OTNhYzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2w4dcz0KLw3DdLl2kUza7r3BnRi
4uRz4IeDVwaWvczmnGm+BCHSa6fWHoSR+htyty85S+SrCbMAlqwR7D1X/lfCJtiX
w9+rnCTMblaCfLF51727sgPm/pL8BYFxoOsuhv42Qte41DPTo7z4ejrtAr4KMUtb
Dba+brJIddrX4IKmMJRg4QOOK3nt4rdnDxzXiiSxH0ykjGER20ySoEVKstkKjbMR
k4wllgv1d0Z5aUF4rOLoEiaxZMT9BD3WyF1w4FNXLVbYCFF8EV8effO0ZPwIFNGQ
GNrCRV/G3NJKjaAXP0PCgTJU0pIuuoRN7Z6/SzT4QeP0Xua0RzIp5XYTZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQipg3u/p1CFQUxxYufSJuIk6xKMB8GA1UdIwQY
MBaAFAXFvexzGPhx1T6GZIL0FzPe8JQoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNXOTdITVktSEhWUG9aa2d2UVhNOTd3bENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zZWJkMGMtMjk5MS00NTgzLWJmZWMt
NzEyMmZlYWZjOGM3LzEvQmNXOTdITVktSEhWUG9aa2d2UVhNOTd3bENnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zZWJkMGMtMjk5MS00NTgzLWJmZWMtNzEyMmZlYWZjOGM3
LzEvQmNXOTdITVktSEhWUG9aa2d2UVhNOTd3bENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4mdhIkQi
R6KvrwN+uYV2lXntR6D51Z125QZxLB93GNstEHI1eT+dmhrANjLZd/HKEqbfigRh
Pdg2Ufbb3G3dQT+vBEtnQMFydMzLTOwuoLoc1Xhl/RPBApTrvGbGSopAuRUxO8Wq
STzIPXK57x2p408k/uIJQvMtsPAO03o4QwH1aofhk8/RmhVIZcqLrEFxMUN/9g10
SDmXYj9H5zP0kvJb4hbjlTylchsWePDhxbr/tnfY4osbgzbzhX9rwZHEyfYxUIMh
hPuaitcJi63OIYCGKsj/o1HHsh+rNxDyycZMT3uxRqvpHO3tYtG9gdzcV3EXk25v
Doawlrz1QNfdkA==
-----END CERTIFICATE-----