Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
File:                     BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft (raw, json)
Hash identifier:          Wz6860oj0a2vnHs4kPb+ayd5ZJc+YpE1DFQH575TwFE=
Subject key identifier:   5B:FB:78:86:2D:B0:8D:E3:8F:1A:CD:E5:F6:18:A6:5A:2D:91:E3:D5
Authority key identifier: 06:01:8E:7B:52:BD:32:68:AA:4D:5D:3A:A5:77:F4:7D:0F:18:75:04
Certificate issuer:       /CN=06018e7b52bd3268aa4d5d3aa577f47d0f187504
Certificate serial:       019D3866874281E50AC43597EA449189843C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
Manifest number:          0D57
Signing time:             Sun 29 Mar 2026 07:02:16 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:16 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:16 +0000
Files and hashes:         1: BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl (hash: eD+eCnNDirsKQBgOmu39t83LCeaXyELBzu4SxYKhVak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:87:42:81:e5:0a:c4:35:97:ea:44:91:89:84:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06018e7b52bd3268aa4d5d3aa577f47d0f187504
        Validity
            Not Before: Mar 29 07:02:16 2026 GMT
            Not After : Mar 30 07:02:16 2026 GMT
        Subject: CN=5bfb78862db08de38f1acde5f618a65a2d91e3d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c2:b7:7e:02:53:05:cf:58:ad:a4:b3:82:e8:
                    55:68:64:29:25:c8:a3:ed:c5:dd:0f:b2:55:f8:c7:
                    2d:ec:76:63:0a:ed:97:1f:69:75:84:02:7a:f4:dd:
                    ad:35:5c:3d:c5:29:2b:fa:24:ca:8e:9b:aa:87:cb:
                    26:c7:a0:4a:81:2a:44:0e:02:aa:ac:67:41:25:47:
                    44:e4:f9:f4:54:b1:80:f7:4e:f2:c7:c7:55:69:56:
                    56:84:03:bd:9f:ee:7a:0e:40:38:b7:a5:fb:81:39:
                    c1:a0:49:45:f4:35:71:84:14:f0:0b:24:3a:f2:84:
                    07:a3:3a:5e:d0:68:28:6a:37:4b:8c:ee:f0:23:5e:
                    cf:71:e0:cd:bd:e9:45:fe:8f:00:41:cb:49:2e:df:
                    b4:7d:c2:69:60:30:b4:f0:8e:91:b8:db:f9:ce:6c:
                    1c:07:b1:5d:b6:a2:79:85:cc:cb:d5:1c:24:6f:2a:
                    f5:28:78:11:cb:6d:9c:5a:94:59:62:81:4a:ba:50:
                    c3:56:5c:e7:99:92:63:eb:f0:6c:2e:7e:c0:7b:5c:
                    f2:d8:ab:83:8b:e5:82:fc:67:b3:3f:e5:75:57:56:
                    c6:08:3e:ca:d1:7b:65:1d:38:81:9d:c6:ee:18:16:
                    27:af:fc:b1:77:df:19:80:36:a6:e2:57:5b:cd:c4:
                    b6:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:FB:78:86:2D:B0:8D:E3:8F:1A:CD:E5:F6:18:A6:5A:2D:91:E3:D5
            X509v3 Authority Key Identifier:
                keyid:06:01:8E:7B:52:BD:32:68:AA:4D:5D:3A:A5:77:F4:7D:0F:18:75:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:bb:89:a0:7c:6c:a2:a9:48:16:25:64:27:13:41:63:f6:f2:
         1a:57:bb:b1:4b:b8:41:7a:88:75:25:a7:57:65:82:64:4d:a4:
         1d:72:43:ff:75:64:13:02:ea:04:a8:7e:e2:e3:91:39:37:38:
         80:37:29:10:c0:91:b1:0d:f0:47:06:bc:f4:66:2b:73:73:2a:
         58:80:a8:30:12:71:4c:4b:5f:1f:98:2b:40:b1:1a:a6:f6:82:
         fc:55:e7:c6:97:4d:44:82:45:2f:c7:f5:19:9e:79:8f:33:4c:
         cf:a2:73:8d:3b:73:04:77:9e:c7:07:31:08:e6:b5:8b:8d:5c:
         46:01:fc:6b:b2:93:72:54:a6:e6:ae:29:f5:3a:cf:11:0f:52:
         b0:aa:32:95:20:72:04:d2:f6:da:87:3e:ac:ac:a8:b2:79:f9:
         71:c5:83:70:3f:d8:72:d2:f1:96:9c:2c:69:7b:90:e5:d4:a9:
         7a:a6:e5:0a:06:af:20:9e:2d:ab:14:79:a7:7e:f8:f3:3c:42:
         d9:45:c6:c1:c3:18:2f:c9:0a:e8:b6:4c:21:8f:3c:91:b4:0a:
         8d:e0:75:09:25:62:32:10:ec:3b:ba:1f:eb:8d:ef:6b:a6:b3:
         05:6e:9a:bb:87:7d:f6:d1:6f:64:6f:a1:0a:f9:3a:aa:8e:73:
         c9:21:ed:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZodCgeUKxDWX6kSRiYQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDE4ZTdiNTJiZDMyNjhhYTRkNWQzYWE1NzdmNDdkMGYx
ODc1MDQwHhcNMjYwMzI5MDcwMjE2WhcNMjYwMzMwMDcwMjE2WjAzMTEwLwYDVQQD
Eyg1YmZiNzg4NjJkYjA4ZGUzOGYxYWNkZTVmNjE4YTY1YTJkOTFlM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMK3fgJTBc9YraSzguhVaGQpJcij
7cXdD7JV+Mct7HZjCu2XH2l1hAJ69N2tNVw9xSkr+iTKjpuqh8smx6BKgSpEDgKq
rGdBJUdE5Pn0VLGA907yx8dVaVZWhAO9n+56DkA4t6X7gTnBoElF9DVxhBTwCyQ6
8oQHozpe0GgoajdLjO7wI17PceDNvelF/o8AQctJLt+0fcJpYDC08I6RuNv5zmwc
B7FdtqJ5hczL1Rwkbyr1KHgRy22cWpRZYoFKulDDVlznmZJj6/BsLn7Ae1zy2KuD
i+WC/GezP+V1V1bGCD7K0XtlHTiBncbuGBYnr/yxd98ZgDam4ldbzcS2UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFv7eIYtsI3jjxrN5fYYplotkePVMB8GA1UdIwQY
MBaAFAYBjntSvTJoqk1dOqV39H0PGHUEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZGM5YjAtNzE4NS00YjE4LTg1N2Qt
MWQ5ZmU4YWExMmFiLzEvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZGM5YjAtNzE4NS00YjE4LTg1N2QtMWQ5ZmU4YWExMmFi
LzEvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYruJoHxs
oqlIFiVkJxNBY/byGle7sUu4QXqIdSWnV2WCZE2kHXJD/3VkEwLqBKh+4uOROTc4
gDcpEMCRsQ3wRwa89GYrc3MqWICoMBJxTEtfH5grQLEapvaC/FXnxpdNRIJFL8f1
GZ55jzNMz6JzjTtzBHeexwcxCOa1i41cRgH8a7KTclSm5q4p9TrPEQ9SsKoylSBy
BNL22oc+rKyosnn5ccWDcD/YctLxlpwsaXuQ5dSpeqblCgavIJ4tqxR5p3748zxC
2UXGwcMYL8kK6LZMIY88kbQKjeB1CSViMhDsO7of643va6azBW6au4d99tFvZG+h
Cvk6qo5zySHtUQ==
-----END CERTIFICATE-----