Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
File:                     BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft (raw, json)
Hash identifier:          OfNGS9ylUE7UVsMl0xFTkd1WIQrK7hiuksfkR2svn3I=
Subject key identifier:   21:2E:A1:A5:03:FA:D5:C0:CD:2A:00:42:57:58:72:72:E1:6A:BD:D1
Authority key identifier: 06:01:8E:7B:52:BD:32:68:AA:4D:5D:3A:A5:77:F4:7D:0F:18:75:04
Certificate issuer:       /CN=06018e7b52bd3268aa4d5d3aa577f47d0f187504
Certificate serial:       019A71B7D1C350F668AB404439B0F57B1CC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
Manifest number:          0BE7
Signing time:             Tue 11 Nov 2025 07:01:03 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:03 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:03 +0000
Files and hashes:         1: BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl (hash: EG5PNPRCP0Jc9Jgm7B9hThm3Dapgfhnu+lE+TD3FCUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:d1:c3:50:f6:68:ab:40:44:39:b0:f5:7b:1c:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06018e7b52bd3268aa4d5d3aa577f47d0f187504
        Validity
            Not Before: Nov 11 07:01:03 2025 GMT
            Not After : Nov 12 07:01:03 2025 GMT
        Subject: CN=212ea1a503fad5c0cd2a004257587272e16abdd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:01:33:18:a3:cb:d8:09:c2:62:6f:28:ad:ba:
                    eb:9a:49:e1:91:31:90:3c:df:d9:a0:83:89:6b:63:
                    fa:a7:7e:ea:b1:0d:bd:75:6b:88:c9:20:49:ec:89:
                    a4:13:b5:4e:aa:bf:48:3d:d8:2f:da:1e:73:48:95:
                    57:a2:f2:22:1c:86:cd:16:65:39:d2:dd:b4:f8:8b:
                    6f:65:ce:8e:ca:7a:05:7a:fa:f8:84:28:2f:7f:32:
                    97:10:f5:5e:88:b6:92:09:91:e5:2a:aa:43:98:4e:
                    cb:b6:78:bf:ce:45:e8:88:44:0f:92:f9:14:04:03:
                    22:5b:e5:38:76:60:5a:91:23:74:6f:9c:96:07:7b:
                    ab:f5:b9:9a:48:35:dd:fd:2c:57:c7:da:d6:47:26:
                    bb:76:6d:9f:86:1c:2c:00:92:fb:b3:a7:cf:a1:96:
                    ba:8d:36:55:0a:4f:29:f8:f0:05:9a:1e:f0:72:26:
                    6c:31:a3:5b:f4:47:aa:87:34:4c:d0:9d:f0:7c:42:
                    13:e2:59:17:f4:00:6c:2b:eb:13:10:5d:d5:84:df:
                    6e:14:6e:d3:04:29:cb:c5:6c:c9:e6:b6:7e:8a:ea:
                    de:93:67:8d:54:04:be:c9:ea:f2:6d:02:53:2b:ef:
                    81:6b:0a:b0:70:77:5b:8e:42:af:83:bb:dc:74:e9:
                    5c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:2E:A1:A5:03:FA:D5:C0:CD:2A:00:42:57:58:72:72:E1:6A:BD:D1
            X509v3 Authority Key Identifier:
                keyid:06:01:8E:7B:52:BD:32:68:AA:4D:5D:3A:A5:77:F4:7D:0F:18:75:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fdc9b0-7185-4b18-857d-1d9fe8aa12ab/1/BgGOe1K9MmiqTV06pXf0fQ8YdQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:2d:72:db:fd:36:05:41:f5:d7:af:2a:63:4a:35:15:92:ec:
         76:76:ac:53:c6:06:64:0a:0b:b8:e3:38:eb:7b:be:da:aa:13:
         b2:58:94:c0:08:a5:14:51:fa:f4:e1:b7:fc:7e:41:f8:84:83:
         78:d5:d5:fc:75:f8:33:24:4a:55:c3:19:ff:10:de:13:92:bd:
         40:90:fe:e1:43:64:45:c6:b1:66:b2:6f:59:de:f2:f2:10:4f:
         6c:33:42:a1:dc:be:af:5b:92:0d:b6:d5:0a:30:2c:fa:0e:83:
         9e:dc:f2:2d:fb:df:24:1b:0d:95:22:e9:8f:fc:26:b7:47:c2:
         85:7d:bd:52:6e:61:97:d3:99:e1:87:38:3b:d2:fb:11:de:af:
         8d:c7:ae:94:de:4c:42:cd:6d:9f:fe:84:8f:08:f2:5a:48:9c:
         d6:a4:3d:dc:33:1b:79:04:51:1c:fd:04:26:f7:ad:a5:53:8a:
         8b:e3:5e:dd:42:63:94:9d:ef:df:ab:c9:2a:ff:e8:84:4a:3e:
         be:41:85:86:df:60:df:ea:14:0a:43:4a:fa:03:fd:02:30:ed:
         c1:ce:e9:88:09:16:33:80:d5:11:fd:6b:96:29:e8:cd:9b:68:
         d7:8d:96:33:95:05:8c:c7:32:c0:57:51:5f:73:8b:ac:0b:73:
         92:65:1d:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9HDUPZoq0BEObD1exzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDE4ZTdiNTJiZDMyNjhhYTRkNWQzYWE1NzdmNDdkMGYx
ODc1MDQwHhcNMjUxMTExMDcwMTAzWhcNMjUxMTEyMDcwMTAzWjAzMTEwLwYDVQQD
EygyMTJlYTFhNTAzZmFkNWMwY2QyYTAwNDI1NzU4NzI3MmUxNmFiZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAEzGKPL2AnCYm8orbrrmknhkTGQ
PN/ZoIOJa2P6p37qsQ29dWuIySBJ7ImkE7VOqr9IPdgv2h5zSJVXovIiHIbNFmU5
0t20+ItvZc6OynoFevr4hCgvfzKXEPVeiLaSCZHlKqpDmE7Ltni/zkXoiEQPkvkU
BAMiW+U4dmBakSN0b5yWB3ur9bmaSDXd/SxXx9rWRya7dm2fhhwsAJL7s6fPoZa6
jTZVCk8p+PAFmh7wciZsMaNb9EeqhzRM0J3wfEIT4lkX9ABsK+sTEF3VhN9uFG7T
BCnLxWzJ5rZ+iurek2eNVAS+yerybQJTK++BawqwcHdbjkKvg7vcdOlcuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEuoaUD+tXAzSoAQldYcnLhar3RMB8GA1UdIwQY
MBaAFAYBjntSvTJoqk1dOqV39H0PGHUEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZGM5YjAtNzE4NS00YjE4LTg1N2Qt
MWQ5ZmU4YWExMmFiLzEvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZGM5YjAtNzE4NS00YjE4LTg1N2QtMWQ5ZmU4YWExMmFi
LzEvQmdHT2UxSzlNbWlxVFYwNnBYZjBmUThZZFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIS1y2/02
BUH1168qY0o1FZLsdnasU8YGZAoLuOM463u+2qoTsliUwAilFFH69OG3/H5B+ISD
eNXV/HX4MyRKVcMZ/xDeE5K9QJD+4UNkRcaxZrJvWd7y8hBPbDNCody+r1uSDbbV
CjAs+g6DntzyLfvfJBsNlSLpj/wmt0fChX29Um5hl9OZ4Yc4O9L7Ed6vjceulN5M
Qs1tn/6EjwjyWkic1qQ93DMbeQRRHP0EJvetpVOKi+Ne3UJjlJ3v36vJKv/ohEo+
vkGFht9g3+oUCkNK+gP9AjDtwc7piAkWM4DVEf1rlinozZto142WM5UFjMcywFdR
X3OLrAtzkmUdkQ==
-----END CERTIFICATE-----