Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          Zs/87A1hCFvp+nz8gxGG5z5Jp6v9Q6WVs3tbceJWChg=
Subject key identifier:   43:F3:62:C7:FC:B3:ED:91:83:0D:C1:61:15:72:0B:D3:F8:01:BE:28
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       019E3072D887256D5A6C02B334BD445E61C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          10E6
Signing time:             Sat 16 May 2026 11:01:33 +0000
Manifest this update:     Sat 16 May 2026 11:01:33 +0000
Manifest next update:     Sun 17 May 2026 11:01:33 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: 35MqkmCbCgl9DWLyunNSngf+BkPGWj/CmWGJgbfUQRI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 11:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:72:d8:87:25:6d:5a:6c:02:b3:34:bd:44:5e:61:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: May 16 11:01:33 2026 GMT
            Not After : May 17 11:01:33 2026 GMT
        Subject: CN=43f362c7fcb3ed91830dc16115720bd3f801be28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a1:89:d6:f0:3d:92:f3:fa:07:2d:53:77:85:
                    3e:04:3f:09:27:77:8d:cd:4b:bf:98:ab:1e:af:88:
                    a3:07:60:b9:38:0a:89:a5:0f:55:a4:08:c9:79:14:
                    cc:8a:df:5e:77:81:a0:75:4c:f6:a4:45:92:cc:e9:
                    c3:0b:1c:dc:ce:63:22:ac:a4:bb:61:11:7a:07:e7:
                    cd:01:d1:07:8d:28:68:db:8e:e1:2d:b9:05:d1:1a:
                    2a:ba:eb:dd:e6:49:59:0e:21:71:9f:39:25:15:1f:
                    d3:22:40:2c:9d:fb:be:d1:cc:57:22:c2:f2:7d:2f:
                    98:26:58:b4:81:20:40:18:60:44:d9:43:6a:69:65:
                    5c:ae:be:22:11:41:25:ce:44:b7:47:d2:c2:dd:69:
                    0a:4c:80:01:7a:21:15:b5:6d:de:7b:45:14:af:db:
                    50:95:e9:49:ba:fc:c7:c0:cf:29:18:30:69:46:22:
                    77:84:4b:d4:92:44:aa:7d:4e:1b:c1:04:65:0f:ce:
                    fb:81:1b:62:e1:55:c5:8f:1e:3b:4d:a5:f1:e1:fb:
                    20:94:19:75:c2:9f:dc:5a:86:73:19:6e:23:14:1f:
                    1b:6b:2e:74:d7:e2:90:d8:9d:a7:9f:33:36:85:5c:
                    37:54:b3:52:0f:cf:59:e1:b2:0e:a8:61:aa:32:f6:
                    4b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:F3:62:C7:FC:B3:ED:91:83:0D:C1:61:15:72:0B:D3:F8:01:BE:28
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:67:ac:21:93:bb:12:05:2b:3e:57:98:10:77:27:5f:c5:2b:
         91:c1:e3:50:3a:48:4d:69:88:00:6e:82:2c:4d:4b:08:60:75:
         87:3a:79:05:50:fe:79:18:66:d5:d1:16:fa:81:37:f7:e4:50:
         ed:c6:ac:c4:52:74:a3:3c:3f:53:53:52:0d:c2:d3:29:fd:61:
         a0:11:50:d9:b7:20:dc:d1:37:52:91:38:14:c4:04:1f:4f:87:
         66:c6:33:e4:fa:e4:a7:2d:75:1a:5e:db:c9:91:cc:0c:89:0f:
         1b:09:a3:9e:b2:0a:ce:03:84:06:51:44:4a:cf:e0:31:c0:2a:
         3e:09:10:35:5b:40:69:06:5d:97:81:45:f2:f4:af:ca:e8:fa:
         64:7f:32:c7:c6:17:aa:15:60:ec:a0:d7:4d:65:59:df:c6:ae:
         01:ac:85:2f:20:e3:67:26:46:fb:df:d6:3c:17:e7:59:25:92:
         4e:2d:a9:17:91:a5:b9:3a:e6:a0:13:63:37:10:2c:0f:60:74:
         cf:11:07:f8:c7:36:77:05:8b:5e:dd:72:3c:b9:0c:3e:1f:9c:
         9b:ac:b4:c0:22:1d:a0:1d:b5:bb:9d:fa:42:c5:20:b9:4a:bc:
         77:0c:fd:ae:38:7d:f4:d4:ff:dc:74:e3:cd:b9:f9:b0:29:a4:
         3f:15:56:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wctiHJW1abAKzNL1EXmHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjYwNTE2MTEwMTMzWhcNMjYwNTE3MTEwMTMzWjAzMTEwLwYDVQQD
Eyg0M2YzNjJjN2ZjYjNlZDkxODMwZGMxNjExNTcyMGJkM2Y4MDFiZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6GJ1vA9kvP6By1Td4U+BD8JJ3eN
zUu/mKser4ijB2C5OAqJpQ9VpAjJeRTMit9ed4GgdUz2pEWSzOnDCxzczmMirKS7
YRF6B+fNAdEHjSho247hLbkF0Roquuvd5klZDiFxnzklFR/TIkAsnfu+0cxXIsLy
fS+YJli0gSBAGGBE2UNqaWVcrr4iEUElzkS3R9LC3WkKTIABeiEVtW3ee0UUr9tQ
lelJuvzHwM8pGDBpRiJ3hEvUkkSqfU4bwQRlD877gRti4VXFjx47TaXx4fsglBl1
wp/cWoZzGW4jFB8bay501+KQ2J2nnzM2hVw3VLNSD89Z4bIOqGGqMvZLdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPzYsf8s+2Rgw3BYRVyC9P4Ab4oMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs2esIZO7
EgUrPleYEHcnX8UrkcHjUDpITWmIAG6CLE1LCGB1hzp5BVD+eRhm1dEW+oE39+RQ
7casxFJ0ozw/U1NSDcLTKf1hoBFQ2bcg3NE3UpE4FMQEH0+HZsYz5Prkpy11Gl7b
yZHMDIkPGwmjnrIKzgOEBlFESs/gMcAqPgkQNVtAaQZdl4FF8vSvyuj6ZH8yx8YX
qhVg7KDXTWVZ38auAayFLyDjZyZG+9/WPBfnWSWSTi2pF5GluTrmoBNjNxAsD2B0
zxEH+Mc2dwWLXt1yPLkMPh+cm6y0wCIdoB21u536QsUguUq8dwz9rjh99NT/3HTj
zbn5sCmkPxVWFA==
-----END CERTIFICATE-----