Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
File:                     BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft (raw, json)
Hash identifier:          59WbxmM9N0op2W1TrhoO5GrqWG/QDCqeWOOwLeQbHNo=
Subject key identifier:   54:B5:2D:7C:24:65:D2:22:CF:90:B7:41:89:45:42:F3:CA:51:E7:59
Authority key identifier: 06:6B:A2:09:C5:0C:02:A8:58:B5:43:08:C8:2A:E5:BF:30:2E:FA:A4
Certificate issuer:       /CN=066ba209c50c02a858b54308c82ae5bf302efaa4
Certificate serial:       019D3865FC639FEB9C6DD49DFB6345908D32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
Manifest number:          1560
Signing time:             Sun 29 Mar 2026 07:01:40 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:40 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:40 +0000
Files and hashes:         1: BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl (hash: rwdy0q8o8a694NAI4I7h88+lb60MX2pE2vhkXfoo03Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:fc:63:9f:eb:9c:6d:d4:9d:fb:63:45:90:8d:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=066ba209c50c02a858b54308c82ae5bf302efaa4
        Validity
            Not Before: Mar 29 07:01:40 2026 GMT
            Not After : Mar 30 07:01:40 2026 GMT
        Subject: CN=54b52d7c2465d222cf90b741894542f3ca51e759
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:19:6d:c8:64:ac:de:f9:4b:c6:7e:fa:1f:b3:
                    2a:e2:42:f7:37:28:0d:33:e7:06:a2:e0:3d:3c:62:
                    85:60:b6:06:f2:ba:f9:f9:3d:8f:50:9a:20:62:43:
                    33:df:8d:2a:35:c7:9a:36:11:87:8f:ef:71:27:f5:
                    65:ae:06:74:1c:c6:6f:10:d3:e8:fd:99:01:82:8e:
                    5c:9a:91:27:1f:d9:36:d8:2a:c3:51:c2:2b:55:1c:
                    d3:20:d3:5f:b7:5a:d2:6e:c9:f2:5a:ed:92:92:80:
                    18:34:95:6b:87:b9:48:32:98:58:3b:87:80:c5:36:
                    c1:f1:9c:de:a8:29:8e:68:46:18:b1:07:bb:dd:a6:
                    85:3f:d2:4b:94:df:10:34:0d:22:c3:48:f6:f4:18:
                    f2:26:14:91:e2:e7:f0:cc:26:6d:50:9e:c2:f7:fd:
                    8c:db:29:97:47:94:68:1e:03:4d:0c:3e:b4:6d:2a:
                    57:41:f0:7d:1b:76:75:9d:0f:72:a1:fa:cd:0b:ce:
                    f3:eb:b9:6d:ae:b5:44:6d:27:92:19:ab:cb:fb:d4:
                    ab:81:83:db:56:e8:50:f8:ce:22:99:b6:a3:92:81:
                    8f:c1:c5:11:3a:b8:f2:77:e1:3a:08:5f:f8:9b:36:
                    a7:7e:14:a3:1b:21:8c:6b:67:38:92:71:2a:ce:4d:
                    b0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:B5:2D:7C:24:65:D2:22:CF:90:B7:41:89:45:42:F3:CA:51:E7:59
            X509v3 Authority Key Identifier:
                keyid:06:6B:A2:09:C5:0C:02:A8:58:B5:43:08:C8:2A:E5:BF:30:2E:FA:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:0c:6c:e7:a8:94:6c:98:cb:5c:eb:f9:87:ff:c6:2f:d1:44:
         27:1d:3c:83:55:b3:7a:8d:41:eb:cc:33:0b:f9:50:9b:bc:a1:
         87:f7:25:37:eb:ed:e9:10:df:7b:62:87:97:40:cd:b0:97:c1:
         b4:79:e1:cf:d0:af:a1:9f:5c:30:f6:23:ea:dc:12:c4:ba:15:
         44:de:ca:72:31:76:8b:00:62:5f:a6:f1:5d:f9:44:6e:d6:c4:
         ef:d4:fd:3e:50:5b:fb:5f:6c:6d:53:f9:c1:ed:3a:74:5d:c3:
         09:e2:ba:b9:7d:6c:5c:2e:7a:a3:9f:06:da:f7:b7:fc:10:cd:
         4c:c2:c1:84:f1:a0:a8:cd:6f:44:73:fd:09:b4:c9:c9:0d:e8:
         e4:b6:7e:aa:72:cf:8d:5a:48:18:eb:09:1e:4d:7c:af:7b:a1:
         ce:7d:57:d9:01:51:e4:8d:b5:f8:8c:14:54:42:56:84:ca:42:
         ef:54:16:7c:85:96:52:89:c8:11:a3:ee:ac:94:84:a3:3c:3a:
         b5:f5:28:25:be:e4:63:82:14:82:8a:e9:6d:7c:13:ce:da:3f:
         69:21:e8:89:f0:ce:f1:bc:b6:f8:cd:b8:3f:b5:b7:87:f8:3a:
         8e:38:59:c8:13:2e:4f:bc:df:f0:04:a5:0a:33:35:ba:ac:e3:
         6d:fe:79:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zfxjn+ucbdSd+2NFkI0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NmJhMjA5YzUwYzAyYTg1OGI1NDMwOGM4MmFlNWJmMzAy
ZWZhYTQwHhcNMjYwMzI5MDcwMTQwWhcNMjYwMzMwMDcwMTQwWjAzMTEwLwYDVQQD
Eyg1NGI1MmQ3YzI0NjVkMjIyY2Y5MGI3NDE4OTQ1NDJmM2NhNTFlNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhltyGSs3vlLxn76H7Mq4kL3NygN
M+cGouA9PGKFYLYG8rr5+T2PUJogYkMz340qNceaNhGHj+9xJ/VlrgZ0HMZvENPo
/ZkBgo5cmpEnH9k22CrDUcIrVRzTINNft1rSbsnyWu2SkoAYNJVrh7lIMphYO4eA
xTbB8ZzeqCmOaEYYsQe73aaFP9JLlN8QNA0iw0j29BjyJhSR4ufwzCZtUJ7C9/2M
2ymXR5RoHgNNDD60bSpXQfB9G3Z1nQ9yofrNC87z67ltrrVEbSeSGavL+9SrgYPb
VuhQ+M4imbajkoGPwcUROrjyd+E6CF/4mzanfhSjGyGMa2c4knEqzk2wTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFS1LXwkZdIiz5C3QYlFQvPKUedZMB8GA1UdIwQY
MBaAFAZrognFDAKoWLVDCMgq5b8wLvqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMTUxYjgtZDhmMS00MTAyLTkzNmYt
OTNmZmVjNWMzYzgxLzEvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMTUxYjgtZDhmMS00MTAyLTkzNmYtOTNmZmVjNWMzYzgx
LzEvQm11aUNjVU1BcWhZdFVNSXlDcmx2ekF1LXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxwxs56iU
bJjLXOv5h//GL9FEJx08g1Wzeo1B68wzC/lQm7yhh/clN+vt6RDfe2KHl0DNsJfB
tHnhz9CvoZ9cMPYj6twSxLoVRN7KcjF2iwBiX6bxXflEbtbE79T9PlBb+19sbVP5
we06dF3DCeK6uX1sXC56o58G2ve3/BDNTMLBhPGgqM1vRHP9CbTJyQ3o5LZ+qnLP
jVpIGOsJHk18r3uhzn1X2QFR5I21+IwUVEJWhMpC71QWfIWWUonIEaPurJSEozw6
tfUoJb7kY4IUgorpbXwTzto/aSHoifDO8by2+M24P7W3h/g6jjhZyBMuT7zf8ASl
CjM1uqzjbf55Ug==
-----END CERTIFICATE-----