Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
File:                     BQJMtECm3Xana1aUwOL07jMOCnw.mft (raw, json)
Hash identifier:          htN+zFGJVUswWpDvvtYV9r/Qq5JZ+26fKBvwStIusxI=
Subject key identifier:   C2:48:0B:88:D0:B2:C8:37:77:36:BF:CA:20:4D:6B:B6:20:C8:2A:03
Authority key identifier: 05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C
Certificate issuer:       /CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
Certificate serial:       019A73A6236C7F6D9AA50FA625646086DC5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
Manifest number:          044A
Signing time:             Tue 11 Nov 2025 16:00:59 +0000
Manifest this update:     Tue 11 Nov 2025 16:00:59 +0000
Manifest next update:     Wed 12 Nov 2025 16:00:59 +0000
Files and hashes:         1: BQJMtECm3Xana1aUwOL07jMOCnw.crl (hash: PJwQj+j0VG/4I3H/PDs5Je7voqQyIfRZQ/TZjWiOQz0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:23:6c:7f:6d:9a:a5:0f:a6:25:64:60:86:dc:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
        Validity
            Not Before: Nov 11 16:00:59 2025 GMT
            Not After : Nov 12 16:00:59 2025 GMT
        Subject: CN=c2480b88d0b2c8377736bfca204d6bb620c82a03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:8e:be:7b:a9:95:79:09:37:80:3b:fb:53:ce:
                    8b:0d:16:96:30:7d:e7:42:c2:7b:90:00:f8:14:88:
                    a0:8f:23:4b:f8:0a:64:b4:ac:63:e5:a2:a3:51:96:
                    19:93:29:8d:5e:89:77:7a:14:5e:f6:20:cc:f9:05:
                    f1:fa:00:cf:62:23:99:37:d5:c4:a4:e7:05:75:40:
                    5c:da:f6:14:66:be:c4:d4:6e:c7:c0:a8:ad:95:52:
                    bd:27:98:39:1d:0a:f6:39:e0:b6:c4:51:68:74:88:
                    d8:75:88:f3:49:42:f5:30:a2:52:0c:05:04:c2:7f:
                    58:52:63:03:fe:0b:aa:bf:77:2b:83:d4:5f:d2:32:
                    6d:5c:23:82:df:f8:50:67:12:39:e1:32:8d:e1:e3:
                    2e:23:82:69:cf:d7:26:c0:ec:af:e6:25:fd:0d:c9:
                    c9:f9:77:1e:69:28:14:0b:14:ac:7c:4c:e6:0c:f8:
                    07:76:82:c4:e5:a3:45:c0:ec:5f:32:70:e8:9c:ae:
                    ea:fd:06:f1:b5:c4:50:4d:7a:ec:d1:09:fa:18:b0:
                    85:4d:57:23:69:7f:46:46:6a:22:af:9e:65:21:93:
                    a8:2d:8a:33:77:df:dc:f0:c2:f6:e0:09:46:cd:2c:
                    aa:d9:2d:a7:12:67:17:a5:f2:77:e7:9f:7c:ec:1f:
                    16:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:48:0B:88:D0:B2:C8:37:77:36:BF:CA:20:4D:6B:B6:20:C8:2A:03
            X509v3 Authority Key Identifier:
                keyid:05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:0f:51:38:1e:4b:0d:23:0e:04:9e:b4:7d:42:65:3e:42:72:
         95:bf:30:59:3f:69:b6:68:67:64:7b:9c:e6:7a:0e:e1:69:1f:
         2b:b0:dc:2f:a0:c9:ba:51:80:95:e5:f3:23:83:d7:c9:9c:1a:
         cb:ff:42:81:82:41:d2:de:c2:9d:d6:3b:f9:1d:65:06:e8:a0:
         cb:57:16:9b:08:b0:fb:2b:af:a4:fd:d8:46:4e:72:4d:4c:1a:
         4b:57:9b:be:39:39:bc:51:9c:94:6f:a7:96:83:e9:2b:a0:e8:
         b2:61:a6:9d:d7:14:a6:46:0f:d1:fc:4a:42:f8:04:57:6f:c8:
         a3:d2:8d:1c:ef:e5:2d:ef:98:b5:65:a8:e1:f1:c6:e7:37:e0:
         8c:e2:89:6a:e7:06:25:73:56:68:1f:c7:8c:d5:cc:ce:ca:1c:
         66:6b:03:4b:f0:0b:43:78:74:a6:fc:1c:d7:87:1c:51:9b:f0:
         c5:6b:55:bc:13:b1:c6:6e:90:6e:22:98:e9:3a:db:39:87:c6:
         af:a8:d2:79:1e:70:b1:56:db:d5:a7:f6:f8:c5:6f:46:6c:13:
         c2:11:1f:78:ce:97:2e:37:a1:a0:96:f6:aa:bf:aa:a0:ce:35:
         0a:89:89:c5:bc:91:74:59:75:36:ce:b1:1e:53:da:3b:67:ed:
         60:b8:0f:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpiNsf22apQ+mJWRghtxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI0Y2I0NDBhNmRkNzZhNzZiNTY5NGMwZTJmNGVlMzMw
ZTBhN2MwHhcNMjUxMTExMTYwMDU5WhcNMjUxMTEyMTYwMDU5WjAzMTEwLwYDVQQD
EyhjMjQ4MGI4OGQwYjJjODM3NzczNmJmY2EyMDRkNmJiNjIwYzgyYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv46+e6mVeQk3gDv7U86LDRaWMH3n
QsJ7kAD4FIigjyNL+ApktKxj5aKjUZYZkymNXol3ehRe9iDM+QXx+gDPYiOZN9XE
pOcFdUBc2vYUZr7E1G7HwKitlVK9J5g5HQr2OeC2xFFodIjYdYjzSUL1MKJSDAUE
wn9YUmMD/guqv3crg9Rf0jJtXCOC3/hQZxI54TKN4eMuI4Jpz9cmwOyv5iX9DcnJ
+XceaSgUCxSsfEzmDPgHdoLE5aNFwOxfMnDonK7q/QbxtcRQTXrs0Qn6GLCFTVcj
aX9GRmoir55lIZOoLYozd9/c8ML24AlGzSyq2S2nEmcXpfJ355987B8WMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJIC4jQssg3dza/yiBNa7YgyCoDMB8GA1UdIwQY
MBaAFAUCTLRApt12p2tWlMDi9O4zDgp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAt
YTgyMjYyMjA0ZTM4LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAtYTgyMjYyMjA0ZTM4
LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFw9ROB5L
DSMOBJ60fUJlPkJylb8wWT9ptmhnZHuc5noO4WkfK7DcL6DJulGAleXzI4PXyZwa
y/9CgYJB0t7CndY7+R1lBuigy1cWmwiw+yuvpP3YRk5yTUwaS1ebvjk5vFGclG+n
loPpK6DosmGmndcUpkYP0fxKQvgEV2/Io9KNHO/lLe+YtWWo4fHG5zfgjOKJaucG
JXNWaB/HjNXMzsocZmsDS/ALQ3h0pvwc14ccUZvwxWtVvBOxxm6QbiKY6TrbOYfG
r6jSeR5wsVbb1af2+MVvRmwTwhEfeM6XLjehoJb2qr+qoM41ComJxbyRdFl1Ns6x
HlPaO2ftYLgPcg==
-----END CERTIFICATE-----