Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          of+zasOC88CfBpvLGFjjrcHp75/wzjb73yiYJICM/kE=
Subject key identifier:   97:3C:0B:61:7E:0E:40:21:E8:E1:55:DD:21:F0:4F:7D:EA:3E:B4:1B
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       019A7293D465F5FBB71DB8EC36416BC7182B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          0EF6
Signing time:             Tue 11 Nov 2025 11:01:21 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:21 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:21 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: 0R5NSTJEHj3/7lxF6f+4hFNhwPmGiOjyUzyziq0rddI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:d4:65:f5:fb:b7:1d:b8:ec:36:41:6b:c7:18:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Nov 11 11:01:21 2025 GMT
            Not After : Nov 12 11:01:21 2025 GMT
        Subject: CN=973c0b617e0e4021e8e155dd21f04f7dea3eb41b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:90:58:5f:7e:a6:cb:1f:66:72:cd:0d:6e:c6:
                    c8:00:54:0f:41:08:96:5e:d6:91:dd:39:b6:af:d5:
                    2f:61:94:ff:43:54:76:ab:27:2f:bd:85:17:fc:c9:
                    0a:dc:9a:45:0f:db:a8:d6:db:a8:71:a9:6b:26:2e:
                    89:3f:4b:32:b6:4d:11:54:bc:d3:ca:a1:2c:52:21:
                    d6:13:ac:ad:23:f7:a9:89:00:9f:81:a3:5e:12:d2:
                    b6:8f:ba:f6:6c:61:9f:cf:d8:61:a9:7c:68:25:ec:
                    54:97:02:99:96:43:72:ef:eb:02:55:79:1c:88:36:
                    cc:74:97:2e:b1:9a:f2:36:ec:70:92:1f:91:dc:c7:
                    da:99:fb:97:fe:8e:7b:6f:f4:d3:d5:c1:2c:76:a8:
                    50:d7:7b:4f:c1:83:fb:76:45:85:2f:4b:ca:99:5f:
                    8a:f6:9d:f6:6d:8d:34:a5:14:50:2d:3c:4f:e8:50:
                    49:ac:0f:d4:27:16:3a:c4:ba:c2:45:78:ae:f7:66:
                    83:80:d5:45:ec:f6:fd:3d:cb:78:59:92:45:25:97:
                    4a:07:a1:d6:f9:07:35:7f:7f:77:9c:e1:79:40:da:
                    92:aa:45:ef:92:1d:67:f6:b6:23:b8:83:b1:b2:d9:
                    cc:c1:fd:94:9a:6c:ff:9d:c5:5d:33:a4:6e:fa:85:
                    d2:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:3C:0B:61:7E:0E:40:21:E8:E1:55:DD:21:F0:4F:7D:EA:3E:B4:1B
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:56:aa:5a:f7:ab:f7:61:55:3e:90:cc:6e:45:d7:2b:65:6d:
         2d:29:e2:25:ef:ab:80:39:a3:0e:fd:28:4e:99:21:7f:c2:9b:
         25:ff:e6:55:41:3e:0b:64:03:63:0d:e7:f7:88:25:7d:d4:7c:
         ff:88:e7:14:c3:c8:28:e1:2b:9f:58:4c:cb:2c:dc:02:bb:42:
         92:1c:f2:1f:fe:e6:e3:34:4b:4a:2d:3c:80:01:ea:12:0f:28:
         36:d4:3a:7b:fc:ba:91:98:67:c2:c5:03:90:c3:58:c4:f4:f2:
         16:74:74:2e:eb:54:2e:d6:4e:3f:e5:d1:8a:cf:cb:25:f6:52:
         e5:d5:11:60:f7:bf:c5:09:c8:5f:5c:56:3b:fa:9a:0b:77:23:
         4c:1a:32:ea:2c:79:ca:1c:a5:5d:0a:da:a3:a8:bd:24:82:8c:
         be:0f:fe:b9:99:73:2e:aa:e1:65:ca:0a:5e:f8:a2:80:22:59:
         34:03:68:06:98:46:7c:73:20:38:12:a2:72:38:fe:3d:6d:cc:
         e6:78:03:7d:f8:77:b7:71:4a:f0:d6:a7:26:21:8e:83:73:dc:
         20:b0:f8:18:ce:dc:9d:fe:97:f7:7d:c3:bf:03:ee:f9:b4:f7:
         f4:6a:71:19:c6:29:7d:7a:ef:a6:94:67:1d:b4:2f:38:47:61:
         40:07:9d:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk9Rl9fu3HbjsNkFrxxgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjUxMTExMTEwMTIxWhcNMjUxMTEyMTEwMTIxWjAzMTEwLwYDVQQD
Eyg5NzNjMGI2MTdlMGU0MDIxZThlMTU1ZGQyMWYwNGY3ZGVhM2ViNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZBYX36myx9mcs0NbsbIAFQPQQiW
XtaR3Tm2r9UvYZT/Q1R2qycvvYUX/MkK3JpFD9uo1tuocalrJi6JP0sytk0RVLzT
yqEsUiHWE6ytI/epiQCfgaNeEtK2j7r2bGGfz9hhqXxoJexUlwKZlkNy7+sCVXkc
iDbMdJcusZryNuxwkh+R3MfamfuX/o57b/TT1cEsdqhQ13tPwYP7dkWFL0vKmV+K
9p32bY00pRRQLTxP6FBJrA/UJxY6xLrCRXiu92aDgNVF7Pb9Pct4WZJFJZdKB6HW
+Qc1f393nOF5QNqSqkXvkh1n9rYjuIOxstnMwf2Ummz/ncVdM6Ru+oXSywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJc8C2F+DkAh6OFV3SHwT33qPrQbMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe1aqWver
92FVPpDMbkXXK2VtLSniJe+rgDmjDv0oTpkhf8KbJf/mVUE+C2QDYw3n94glfdR8
/4jnFMPIKOErn1hMyyzcArtCkhzyH/7m4zRLSi08gAHqEg8oNtQ6e/y6kZhnwsUD
kMNYxPTyFnR0LutULtZOP+XRis/LJfZS5dURYPe/xQnIX1xWO/qaC3cjTBoy6ix5
yhylXQrao6i9JIKMvg/+uZlzLqrhZcoKXviigCJZNANoBphGfHMgOBKicjj+PW3M
5ngDffh3t3FK8NanJiGOg3PcILD4GM7cnf6X933DvwPu+bT39GpxGcYpfXrvppRn
HbQvOEdhQAedpQ==
-----END CERTIFICATE-----