Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
File:                     BQJMtECm3Xana1aUwOL07jMOCnw.mft (raw, json)
Hash identifier:          HmlU2mYZGXECqGA1Zue6RkNiMpjHQ3tY6NZYdy+DP8c=
Subject key identifier:   83:D0:9D:CA:8D:61:37:A6:77:6C:B4:45:AA:96:B9:63:AB:32:67:91
Authority key identifier: 05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C
Certificate issuer:       /CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
Certificate serial:       019D3866935E91ACF98F1138711D9F48482D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
Manifest number:          05B9
Signing time:             Sun 29 Mar 2026 07:02:19 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:19 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:19 +0000
Files and hashes:         1: BQJMtECm3Xana1aUwOL07jMOCnw.crl (hash: HGHoRFbKERRe4CzBr4oQHEQdCrI3OtoEt+L6YK/p9kc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:93:5e:91:ac:f9:8f:11:38:71:1d:9f:48:48:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
        Validity
            Not Before: Mar 29 07:02:19 2026 GMT
            Not After : Mar 30 07:02:19 2026 GMT
        Subject: CN=83d09dca8d6137a6776cb445aa96b963ab326791
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:4c:1f:84:90:7e:86:f0:97:97:b1:d4:19:8b:
                    28:80:1d:d0:97:7a:89:7b:5a:52:9a:11:18:48:da:
                    eb:a1:ad:b3:0b:36:16:fd:e7:2c:89:ae:23:82:65:
                    53:3d:78:f2:b8:f5:e5:14:59:66:21:17:a4:df:a5:
                    cd:aa:98:2f:78:73:b1:5e:ff:65:d1:f2:bb:73:2b:
                    6c:93:e8:43:ff:96:64:9a:d2:7b:f1:13:5f:c7:e1:
                    d5:58:58:b1:16:05:69:38:c5:b4:b3:87:db:f2:c6:
                    88:8b:4b:35:e6:c8:90:ca:40:c8:6d:39:f3:68:e7:
                    be:57:6f:2f:8d:78:de:dc:a7:23:99:41:67:13:78:
                    40:70:7e:87:b7:d8:70:ef:17:88:b5:0f:33:cb:58:
                    63:da:52:b9:2b:43:3a:2f:d3:d0:9a:2c:7b:16:a1:
                    52:8c:95:7f:7e:da:99:bf:39:ea:71:f8:bb:e5:9f:
                    36:5a:3f:c4:af:c4:28:c6:ec:8b:66:bc:e7:aa:58:
                    fa:cc:bf:fe:a0:dc:c4:4b:82:54:4f:df:36:9e:78:
                    9f:35:92:c3:bb:a0:13:92:b0:01:fd:6f:7e:18:05:
                    3d:02:cb:17:f1:f5:df:19:2c:32:e3:44:45:e2:94:
                    bf:a3:d8:4b:30:10:83:1b:05:ba:ab:2c:e7:e8:9b:
                    54:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:D0:9D:CA:8D:61:37:A6:77:6C:B4:45:AA:96:B9:63:AB:32:67:91
            X509v3 Authority Key Identifier:
                keyid:05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:bf:79:af:a3:20:7e:37:11:5e:0f:db:10:d0:2d:a7:ed:3a:
         d8:c1:62:a9:bb:f0:54:4d:37:06:aa:d1:f2:c3:56:a1:82:67:
         37:10:36:1b:d0:8b:f3:eb:96:6e:5a:8c:bf:4f:41:2b:f1:df:
         a7:54:c9:9c:36:7e:c9:0e:42:f7:89:96:79:66:61:17:34:dc:
         09:05:0e:70:5d:52:5b:7c:25:3a:72:39:78:1e:0c:56:9a:f1:
         0c:8a:43:d1:15:a1:36:fc:2b:55:f0:43:dc:39:63:a4:50:a7:
         a5:3b:6f:b1:d9:14:c1:cd:49:e2:4b:0c:46:82:25:a5:ba:d7:
         0e:8b:5b:cd:75:d9:ea:f1:54:55:df:a7:b0:e2:b1:01:60:0e:
         cf:48:6d:b2:11:0b:1f:d0:8f:61:1a:91:3e:e9:01:ff:d5:e1:
         c4:8d:2f:e7:cb:9f:e0:a2:00:74:f4:d9:55:7d:47:33:5e:cd:
         56:c9:fb:98:90:a3:b8:bc:7b:29:03:d6:b5:7f:fe:5b:67:0f:
         db:21:98:24:8e:bd:43:b4:ba:ca:f7:f0:b1:6f:38:70:ed:3a:
         fe:8b:b6:75:1b:2f:e8:eb:a7:51:9f:a1:bb:56:f3:b3:97:28:
         b3:b8:69:c8:7f:66:7a:1f:a1:45:9d:01:50:68:a3:4f:a2:8a:
         c2:b1:a5:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZpNekaz5jxE4cR2fSEgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI0Y2I0NDBhNmRkNzZhNzZiNTY5NGMwZTJmNGVlMzMw
ZTBhN2MwHhcNMjYwMzI5MDcwMjE5WhcNMjYwMzMwMDcwMjE5WjAzMTEwLwYDVQQD
Eyg4M2QwOWRjYThkNjEzN2E2Nzc2Y2I0NDVhYTk2Yjk2M2FiMzI2NzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUwfhJB+hvCXl7HUGYsogB3Ql3qJ
e1pSmhEYSNrroa2zCzYW/ecsia4jgmVTPXjyuPXlFFlmIRek36XNqpgveHOxXv9l
0fK7cytsk+hD/5ZkmtJ78RNfx+HVWFixFgVpOMW0s4fb8saIi0s15siQykDIbTnz
aOe+V28vjXje3KcjmUFnE3hAcH6Ht9hw7xeItQ8zy1hj2lK5K0M6L9PQmix7FqFS
jJV/ftqZvznqcfi75Z82Wj/Er8QoxuyLZrznqlj6zL/+oNzES4JUT982nnifNZLD
u6ATkrAB/W9+GAU9AssX8fXfGSwy40RF4pS/o9hLMBCDGwW6qyzn6JtUQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPQncqNYTemd2y0RaqWuWOrMmeRMB8GA1UdIwQY
MBaAFAUCTLRApt12p2tWlMDi9O4zDgp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAt
YTgyMjYyMjA0ZTM4LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAtYTgyMjYyMjA0ZTM4
LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACb95r6Mg
fjcRXg/bENAtp+062MFiqbvwVE03BqrR8sNWoYJnNxA2G9CL8+uWblqMv09BK/Hf
p1TJnDZ+yQ5C94mWeWZhFzTcCQUOcF1SW3wlOnI5eB4MVprxDIpD0RWhNvwrVfBD
3DljpFCnpTtvsdkUwc1J4ksMRoIlpbrXDotbzXXZ6vFUVd+nsOKxAWAOz0htshEL
H9CPYRqRPukB/9XhxI0v58uf4KIAdPTZVX1HM17NVsn7mJCjuLx7KQPWtX/+W2cP
2yGYJI69Q7S6yvfwsW84cO06/ou2dRsv6OunUZ+hu1bzs5cos7hpyH9meh+hRZ0B
UGijT6KKwrGlvQ==
-----END CERTIFICATE-----