Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
File:                     bQmekI59iHniTR7eCdgSz0at4sw.mft (raw, json)
Hash identifier:          GPpUYqyPb019GMRIiPNVpziDu1DD1TXpcj8BxLDpdEI=
Subject key identifier:   F2:8A:2E:A7:42:CE:E2:2E:50:CB:F0:78:6D:47:EE:0A:5F:BC:C5:69
Authority key identifier: 6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC
Certificate issuer:       /CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
Certificate serial:       0196A4D3A99553CEA82425661815337DD8DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
Manifest number:          0423
Signing time:             Tue 06 May 2025 09:00:56 +0000
Manifest this update:     Tue 06 May 2025 09:00:56 +0000
Manifest next update:     Wed 07 May 2025 09:00:56 +0000
Files and hashes:         1: bQmekI59iHniTR7eCdgSz0at4sw.crl (hash: 2YUqCVcxP6Ytf5C0XZlMGiK0869TDP6N3Ni+ovv9cw4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a4:d3:a9:95:53:ce:a8:24:25:66:18:15:33:7d:d8:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
        Validity
            Not Before: May  6 09:00:56 2025 GMT
            Not After : May  7 09:00:56 2025 GMT
        Subject: CN=f28a2ea742cee22e50cbf0786d47ee0a5fbcc569
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:22:ed:3a:4d:83:47:5a:f0:2f:d0:05:ab:79:
                    db:cd:90:50:79:5c:e0:c2:91:3b:cb:66:65:04:e4:
                    b4:f7:37:00:21:84:7d:cb:77:a4:b5:18:4a:48:12:
                    df:d4:f5:07:0b:4c:a9:b1:76:7e:05:9a:a8:70:e6:
                    44:66:8d:0c:70:34:6d:f8:ee:29:1c:43:90:36:76:
                    18:66:df:d0:d9:28:6b:e6:c4:76:ae:5d:e9:56:29:
                    04:88:d7:a1:0e:89:9b:bf:a9:aa:60:b7:9c:c0:8a:
                    5e:79:a0:ab:b6:6c:7c:0b:6e:2e:4a:e5:74:c9:a9:
                    14:3f:7f:a0:74:5d:c9:07:b5:7d:fa:a8:df:9f:ea:
                    a4:74:a9:46:46:5e:04:f6:ae:61:84:cd:e2:82:62:
                    53:4d:3c:c9:36:73:88:e1:50:ea:99:a0:bf:ed:83:
                    69:94:6a:3b:3f:c8:c6:e3:cc:27:86:e8:a8:93:a7:
                    cb:a0:4c:da:62:a0:60:8a:d1:34:fd:86:d7:eb:d1:
                    d6:6b:cc:97:f2:41:d7:4f:99:51:3d:81:5b:d1:62:
                    fa:3b:2f:38:e2:cc:1f:f8:cf:72:0f:88:83:b6:49:
                    44:7f:5c:65:5b:2f:bc:13:b3:7a:ac:37:3d:6b:d8:
                    cd:f5:8c:ac:52:ba:41:ed:18:3a:b6:ea:21:1e:e9:
                    5c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:8A:2E:A7:42:CE:E2:2E:50:CB:F0:78:6D:47:EE:0A:5F:BC:C5:69
            X509v3 Authority Key Identifier:
                keyid:6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:0a:d6:05:95:4e:c9:fc:48:37:73:e0:ef:d8:a4:2c:9e:07:
         6a:db:e3:41:79:f2:8f:ea:21:60:f5:70:73:bc:82:16:39:63:
         5c:5b:fc:e1:e8:20:14:05:e5:8d:47:7b:8b:3b:ce:23:4c:03:
         62:b2:53:a8:68:aa:ae:ba:41:6a:27:5e:71:03:19:b2:ee:28:
         1b:06:81:cc:31:48:f1:10:ef:a6:5b:25:a1:c4:84:47:41:8f:
         44:d1:23:2f:92:a2:cc:b7:ed:19:10:fd:1f:bd:2d:1e:01:73:
         7a:2c:62:fc:85:ee:85:df:cc:03:40:54:2b:0b:05:d2:62:f9:
         11:76:2c:8a:2e:f3:86:bc:89:72:29:d2:df:7e:55:c6:ce:52:
         d4:71:6e:cd:2c:72:dc:a1:12:ba:5f:2f:8f:72:32:a5:79:c9:
         18:1a:4e:c8:ab:6c:b2:14:a9:e9:12:49:e0:df:d0:36:53:38:
         5f:ee:54:72:48:51:9a:b8:78:a5:50:3a:93:d4:2a:8b:cb:ce:
         fd:53:32:e2:cb:91:d1:e9:f5:93:42:40:ee:5c:14:c9:3c:48:
         a4:fe:2a:85:24:4e:b0:ec:67:3d:7c:94:4a:18:2d:09:00:d1:
         ee:83:ca:d3:27:12:8a:aa:76:b4:6b:a3:28:02:0f:57:4a:cc:
         fa:c1:b2:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZak06mVU86oJCVmGBUzfdjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDk5ZTkwOGU3ZDg4NzllMjRkMWVkZTA5ZDgxMmNmNDZh
ZGUyY2MwHhcNMjUwNTA2MDkwMDU2WhcNMjUwNTA3MDkwMDU2WjAzMTEwLwYDVQQD
EyhmMjhhMmVhNzQyY2VlMjJlNTBjYmYwNzg2ZDQ3ZWUwYTVmYmNjNTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SLtOk2DR1rwL9AFq3nbzZBQeVzg
wpE7y2ZlBOS09zcAIYR9y3ektRhKSBLf1PUHC0ypsXZ+BZqocOZEZo0McDRt+O4p
HEOQNnYYZt/Q2Shr5sR2rl3pVikEiNehDombv6mqYLecwIpeeaCrtmx8C24uSuV0
yakUP3+gdF3JB7V9+qjfn+qkdKlGRl4E9q5hhM3igmJTTTzJNnOI4VDqmaC/7YNp
lGo7P8jG48wnhuiok6fLoEzaYqBgitE0/YbX69HWa8yX8kHXT5lRPYFb0WL6Oy84
4swf+M9yD4iDtklEf1xlWy+8E7N6rDc9a9jN9YysUrpB7Rg6tuohHulc0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKKLqdCzuIuUMvweG1H7gpfvMVpMB8GA1UdIwQY
MBaAFG0JnpCOfYh54k0e3gnYEs9GreLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYt
N2NjZTM0ZmU2YjVkLzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYtN2NjZTM0ZmU2YjVk
LzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALQrWBZVO
yfxIN3Pg79ikLJ4HatvjQXnyj+ohYPVwc7yCFjljXFv84eggFAXljUd7izvOI0wD
YrJTqGiqrrpBaidecQMZsu4oGwaBzDFI8RDvplslocSER0GPRNEjL5KizLftGRD9
H70tHgFzeixi/IXuhd/MA0BUKwsF0mL5EXYsii7zhryJcinS335Vxs5S1HFuzSxy
3KESul8vj3IypXnJGBpOyKtsshSp6RJJ4N/QNlM4X+5UckhRmrh4pVA6k9Qqi8vO
/VMy4suR0en1k0JA7lwUyTxIpP4qhSROsOxnPXyUShgtCQDR7oPK0ycSiqp2tGuj
KAIPV0rM+sGyJA==
-----END CERTIFICATE-----