Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
File:                     BQJMtECm3Xana1aUwOL07jMOCnw.mft (raw, json)
Hash identifier:          rLfkypxAzWblZknIC1SRZSBoterdUW2cfuFCKToLFYA=
Subject key identifier:   46:7A:7D:82:AE:2E:68:87:08:21:A3:7F:4F:ED:B8:DF:3C:F5:F1:58
Authority key identifier: 05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C
Certificate issuer:       /CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
Certificate serial:       019E2F96A1827328069044BAD287A6828BD0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
Manifest number:          0639
Signing time:             Sat 16 May 2026 07:01:01 +0000
Manifest this update:     Sat 16 May 2026 07:01:01 +0000
Manifest next update:     Sun 17 May 2026 07:01:01 +0000
Files and hashes:         1: BQJMtECm3Xana1aUwOL07jMOCnw.crl (hash: WohAUogHbenV/AlRM8uxrcBKsR6Wu4GYvDuPZiLJLOU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:a1:82:73:28:06:90:44:ba:d2:87:a6:82:8b:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
        Validity
            Not Before: May 16 07:01:01 2026 GMT
            Not After : May 17 07:01:01 2026 GMT
        Subject: CN=467a7d82ae2e68870821a37f4fedb8df3cf5f158
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:57:2d:99:53:18:7b:14:4d:1d:e3:e6:34:20:
                    ec:c6:79:ab:4e:ab:08:6e:b2:5d:4b:f2:6c:d6:0d:
                    02:9d:85:87:72:f0:fd:c6:94:51:66:b8:e6:fd:a6:
                    4e:ba:e0:31:dc:23:e8:ff:41:28:e1:b3:dd:32:23:
                    88:6e:8f:62:fc:ce:94:58:9e:e2:3b:f6:3e:b6:37:
                    4b:eb:8f:de:61:19:c8:7d:04:78:c0:2f:a2:39:05:
                    25:8d:5c:6a:9b:b6:31:be:b5:ed:c3:b8:a2:e8:d2:
                    d3:15:59:b9:b3:4f:b3:fb:8a:ce:5b:ff:32:34:55:
                    57:a1:50:05:65:6e:24:5a:27:a1:88:bf:f5:d7:ca:
                    1c:02:04:cf:44:e1:38:a5:bc:32:54:9a:5e:9b:c8:
                    53:45:8c:57:41:85:4f:9b:e4:f6:29:55:58:00:01:
                    c1:53:d5:1f:4e:7d:d6:a3:b9:6e:a3:8d:32:36:9e:
                    f8:3a:cc:4c:63:71:46:b8:84:3e:b7:d3:f2:9c:b6:
                    30:01:53:9a:a8:5b:91:4a:7e:30:89:46:39:75:3a:
                    cc:e1:0e:59:dc:07:ed:89:6a:15:83:bb:0a:da:c0:
                    9f:ed:9d:46:a8:57:ce:ea:13:d8:58:22:3d:8f:b8:
                    c1:c4:be:49:51:ee:f6:ad:5c:f6:fc:a0:93:bc:9c:
                    c3:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:7A:7D:82:AE:2E:68:87:08:21:A3:7F:4F:ED:B8:DF:3C:F5:F1:58
            X509v3 Authority Key Identifier:
                keyid:05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:97:d8:f9:36:2f:c5:4a:5b:d9:d6:2e:c0:0e:ae:ac:01:8e:
         68:bf:8c:bc:86:db:3e:79:e6:72:0d:86:f5:48:7c:ad:0c:14:
         26:ce:94:a7:c3:be:e0:70:37:42:95:7e:30:f4:51:3f:09:27:
         81:89:c4:a1:c5:04:1a:f2:cb:c8:44:26:98:52:ad:41:e3:e8:
         48:3d:10:83:31:47:7c:ca:99:f4:75:49:35:d0:34:79:ea:43:
         5e:ed:eb:30:b7:a4:db:6d:57:6f:55:c5:ad:43:0d:37:f1:93:
         f4:c2:d7:31:a8:20:8a:5e:a5:b3:17:a0:b8:25:b4:59:67:45:
         b9:5c:95:04:6a:fa:46:53:03:81:30:e9:dc:16:98:03:1f:0c:
         0e:57:1d:06:46:bc:35:54:6b:c4:10:10:00:ef:37:05:6a:9b:
         e4:5a:c7:ab:19:df:85:d7:95:6b:5d:3f:b4:37:65:8d:f4:3d:
         9d:f9:d9:a2:7d:c7:1f:f3:4d:9b:79:c7:b8:1e:3b:b2:43:4b:
         3c:1d:a1:bb:72:10:b2:a3:0c:23:1a:48:60:5c:a2:f6:86:0f:
         b1:e5:fc:c6:10:03:f7:d8:66:93:d4:7c:bd:0e:1f:6e:92:71:
         c9:12:2d:8e:f4:58:14:1c:cf:13:60:d6:12:e9:36:8e:73:62:
         55:86:5d:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlqGCcygGkES60oemgovQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI0Y2I0NDBhNmRkNzZhNzZiNTY5NGMwZTJmNGVlMzMw
ZTBhN2MwHhcNMjYwNTE2MDcwMTAxWhcNMjYwNTE3MDcwMTAxWjAzMTEwLwYDVQQD
Eyg0NjdhN2Q4MmFlMmU2ODg3MDgyMWEzN2Y0ZmVkYjhkZjNjZjVmMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVctmVMYexRNHePmNCDsxnmrTqsI
brJdS/Js1g0CnYWHcvD9xpRRZrjm/aZOuuAx3CPo/0Eo4bPdMiOIbo9i/M6UWJ7i
O/Y+tjdL64/eYRnIfQR4wC+iOQUljVxqm7YxvrXtw7ii6NLTFVm5s0+z+4rOW/8y
NFVXoVAFZW4kWiehiL/118ocAgTPROE4pbwyVJpem8hTRYxXQYVPm+T2KVVYAAHB
U9UfTn3Wo7luo40yNp74OsxMY3FGuIQ+t9PynLYwAVOaqFuRSn4wiUY5dTrM4Q5Z
3AftiWoVg7sK2sCf7Z1GqFfO6hPYWCI9j7jBxL5JUe72rVz2/KCTvJzDgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEZ6fYKuLmiHCCGjf0/tuN889fFYMB8GA1UdIwQY
MBaAFAUCTLRApt12p2tWlMDi9O4zDgp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAt
YTgyMjYyMjA0ZTM4LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAtYTgyMjYyMjA0ZTM4
LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYZfY+TYv
xUpb2dYuwA6urAGOaL+MvIbbPnnmcg2G9Uh8rQwUJs6Up8O+4HA3QpV+MPRRPwkn
gYnEocUEGvLLyEQmmFKtQePoSD0QgzFHfMqZ9HVJNdA0eepDXu3rMLek221Xb1XF
rUMNN/GT9MLXMaggil6lsxeguCW0WWdFuVyVBGr6RlMDgTDp3BaYAx8MDlcdBka8
NVRrxBAQAO83BWqb5FrHqxnfhdeVa10/tDdljfQ9nfnZon3HH/NNm3nHuB47skNL
PB2hu3IQsqMMIxpIYFyi9oYPseX8xhAD99hmk9R8vQ4fbpJxyRItjvRYFBzPE2DW
Euk2jnNiVYZd1g==
-----END CERTIFICATE-----