Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          0dGB2LAlGST529ek3Fgp2eAVeMC92XIw7CMn8Cl41k0=
Subject key identifier:   F8:8E:03:9A:39:19:4A:9F:6F:6E:20:5C:59:D5:A2:D8:A5:58:26:F9
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       019D3752EA0AFFA0882E04E3BAD8A162A0E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          1065
Signing time:             Sun 29 Mar 2026 02:01:13 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:13 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:13 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: //bAK15VmJ4v0GHKubY7BlXQOHqOebe451EPbyQPOAQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:ea:0a:ff:a0:88:2e:04:e3:ba:d8:a1:62:a0:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Mar 29 02:01:13 2026 GMT
            Not After : Mar 30 02:01:13 2026 GMT
        Subject: CN=f88e039a39194a9f6f6e205c59d5a2d8a55826f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:60:ab:d8:fe:ec:b8:b8:b2:28:96:74:c5:03:
                    8e:09:cf:2e:8a:f9:fb:cd:4f:27:d6:32:9a:55:0f:
                    a0:c1:4e:df:15:8d:7c:83:7f:d8:82:33:e2:51:30:
                    ac:ce:54:b9:52:7d:89:e8:84:b8:84:06:d6:46:36:
                    95:5f:7f:91:02:f5:98:29:4d:ba:76:66:ea:64:b5:
                    c9:eb:da:62:61:6a:c0:f3:e2:17:bf:ef:9a:e1:f1:
                    cf:39:ec:64:d4:4f:9a:b4:65:9f:aa:6c:94:93:80:
                    1e:fd:fe:9f:49:45:9e:23:50:a9:32:fe:9e:0f:0f:
                    1c:a0:d8:9a:24:06:d9:84:9a:31:cd:86:b4:73:33:
                    01:93:1e:24:e4:68:fe:81:f2:a5:6e:70:f3:c0:fa:
                    7d:e7:03:1d:35:0e:7a:cc:dd:c2:a2:e3:e2:ea:fc:
                    51:4c:da:70:35:b0:43:76:af:be:a7:f9:28:f5:90:
                    d0:fc:f6:11:52:78:8e:ca:fc:2e:1e:b0:79:ea:af:
                    35:f1:56:b0:fa:db:7b:65:5f:08:c1:a4:4d:62:86:
                    bc:bb:2c:38:3d:08:60:8c:01:e0:67:28:1d:ef:ed:
                    a3:ee:93:73:db:cf:60:ba:71:c5:d2:ec:77:42:de:
                    44:6d:06:34:0a:1a:9e:24:26:c5:25:ce:9f:e4:10:
                    47:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:8E:03:9A:39:19:4A:9F:6F:6E:20:5C:59:D5:A2:D8:A5:58:26:F9
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:15:8c:6b:56:d6:95:08:61:fc:d0:e2:69:05:83:11:78:b7:
         d9:c8:34:b3:cc:78:50:18:f4:df:e0:82:0e:b3:3b:8d:e8:18:
         05:69:94:88:7a:c4:41:2a:7e:af:ab:84:f4:48:3f:0d:e1:6f:
         b5:3c:3a:cb:bd:78:09:36:45:35:1f:9b:59:98:6b:e1:5e:b3:
         de:76:00:78:4f:78:1e:f4:ea:a3:72:d6:7d:13:eb:81:89:37:
         6c:fe:a1:e6:b1:ee:c7:f3:36:c5:7e:3e:9d:61:fa:30:44:80:
         2c:87:bc:c5:fe:0c:ac:c9:0b:de:73:4f:e7:5c:b1:ce:ae:1c:
         8e:c7:19:fd:ef:26:46:80:c0:94:79:6f:d2:7a:88:24:a3:25:
         d4:1d:99:62:2d:7a:0d:44:6f:c0:f0:73:51:0b:98:38:6f:ed:
         80:b0:89:c4:18:61:1e:9d:49:42:d5:59:fb:f4:bd:11:0f:c0:
         e4:07:46:58:17:d3:15:92:bf:79:21:1f:5f:41:6f:18:00:62:
         ed:b7:cc:84:4c:67:3c:8c:a0:a2:be:28:70:01:26:71:52:35:
         c0:67:86:60:da:0f:d5:43:55:56:38:46:a8:b9:f9:bb:8b:06:
         3d:94:ab:b4:88:24:d9:5e:f1:9c:7c:6c:69:51:17:bb:4b:88:
         74:ae:66:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UuoK/6CILgTjutihYqDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjYwMzI5MDIwMTEzWhcNMjYwMzMwMDIwMTEzWjAzMTEwLwYDVQQD
EyhmODhlMDM5YTM5MTk0YTlmNmY2ZTIwNWM1OWQ1YTJkOGE1NTgyNmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9WCr2P7suLiyKJZ0xQOOCc8uivn7
zU8n1jKaVQ+gwU7fFY18g3/YgjPiUTCszlS5Un2J6IS4hAbWRjaVX3+RAvWYKU26
dmbqZLXJ69piYWrA8+IXv++a4fHPOexk1E+atGWfqmyUk4Ae/f6fSUWeI1CpMv6e
Dw8coNiaJAbZhJoxzYa0czMBkx4k5Gj+gfKlbnDzwPp95wMdNQ56zN3CouPi6vxR
TNpwNbBDdq++p/ko9ZDQ/PYRUniOyvwuHrB56q818Vaw+tt7ZV8IwaRNYoa8uyw4
PQhgjAHgZygd7+2j7pNz289gunHF0ux3Qt5EbQY0ChqeJCbFJc6f5BBHuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPiOA5o5GUqfb24gXFnVotilWCb5MB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmxWMa1bW
lQhh/NDiaQWDEXi32cg0s8x4UBj03+CCDrM7jegYBWmUiHrEQSp+r6uE9Eg/DeFv
tTw6y714CTZFNR+bWZhr4V6z3nYAeE94HvTqo3LWfRPrgYk3bP6h5rHux/M2xX4+
nWH6MESALIe8xf4MrMkL3nNP51yxzq4cjscZ/e8mRoDAlHlv0nqIJKMl1B2ZYi16
DURvwPBzUQuYOG/tgLCJxBhhHp1JQtVZ+/S9EQ/A5AdGWBfTFZK/eSEfX0FvGABi
7bfMhExnPIygor4ocAEmcVI1wGeGYNoP1UNVVjhGqLn5u4sGPZSrtIgk2V7xnHxs
aVEXu0uIdK5mgw==
-----END CERTIFICATE-----