Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
File:                     BQJMtECm3Xana1aUwOL07jMOCnw.mft (raw, json)
Hash identifier:          wGMtA7EbNXO0RSb2v5IheEN0hzS29qJPtTX8rpN6Rqg=
Subject key identifier:   B8:05:C8:31:28:AC:5E:94:3C:54:28:5C:28:91:16:60:DA:9A:38:E4
Authority key identifier: 05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C
Certificate issuer:       /CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
Certificate serial:       0199239F69BC5F5F6693E8EB135EF5AECE9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
Manifest number:          039C
Signing time:             Sun 07 Sep 2025 10:01:13 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:13 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:13 +0000
Files and hashes:         1: BQJMtECm3Xana1aUwOL07jMOCnw.crl (hash: cPl59sPoIjHmEkZUSEhdIukL9Sc6WKQF3AKROt1zHeE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:69:bc:5f:5f:66:93:e8:eb:13:5e:f5:ae:ce:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
        Validity
            Not Before: Sep  7 10:01:13 2025 GMT
            Not After : Sep  8 10:01:13 2025 GMT
        Subject: CN=b805c83128ac5e943c54285c28911660da9a38e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:9f:e1:84:73:dc:c0:8c:92:3e:68:b6:b7:79:
                    fa:a5:d8:f9:d4:7b:31:9e:a6:56:12:86:98:ca:3d:
                    5e:dd:78:ac:90:8e:61:ab:84:0c:28:f8:c3:42:17:
                    73:21:f4:eb:b2:36:01:5c:36:15:f0:e6:a1:3f:5d:
                    e9:5b:ef:2c:74:a8:4a:9e:10:d6:ce:47:fc:b8:db:
                    c3:be:fc:e0:48:1d:f0:28:f9:7d:fd:aa:93:d7:31:
                    9a:e1:5b:ff:66:bd:41:64:d6:5a:bd:99:5e:c7:4c:
                    9d:6c:ec:85:d4:49:38:7f:63:2d:91:e2:39:e0:a8:
                    c3:01:ac:dd:a3:e5:54:ec:0c:c7:ca:98:ab:78:f9:
                    39:c5:5a:d0:90:c5:14:6a:b1:ff:29:c6:3d:76:7d:
                    48:01:43:cc:90:94:2e:b7:96:ad:6e:72:b8:5b:d9:
                    76:81:45:23:43:e7:4f:0e:21:19:80:e1:f1:51:a7:
                    08:5c:94:c7:54:09:fa:97:04:a4:d6:b6:94:2f:dd:
                    26:28:e1:08:36:8e:a2:87:56:0b:7e:f5:43:b3:4b:
                    ff:e1:b5:61:86:15:3d:2e:72:18:e9:c3:61:28:d3:
                    8b:5e:22:1b:c5:16:92:10:9b:3a:6f:40:d4:be:82:
                    a3:0c:6a:f6:d4:1a:99:8e:31:8b:e4:4e:61:b9:f2:
                    f5:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:05:C8:31:28:AC:5E:94:3C:54:28:5C:28:91:16:60:DA:9A:38:E4
            X509v3 Authority Key Identifier:
                keyid:05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:a9:94:eb:13:59:86:16:0c:4c:c5:51:c2:1a:82:c9:2d:e2:
         c3:9b:9b:e8:48:92:a5:66:ad:97:03:af:d8:bc:5e:e0:ab:96:
         25:4a:99:9a:da:18:94:86:1b:c8:58:3c:3b:e9:eb:84:d3:f2:
         b7:89:44:4f:8d:00:b5:b1:d2:b8:56:d8:11:12:e5:ec:f3:b4:
         c9:bb:5f:77:41:b2:85:5a:5a:03:4f:f6:35:fe:ff:2c:22:b5:
         c0:4a:84:2e:f3:35:df:7f:2b:e8:3a:c2:da:3c:52:93:59:41:
         df:20:c8:4e:1e:60:6b:76:da:fb:7d:e2:97:2f:1c:15:a4:54:
         7c:8c:46:90:5d:db:53:eb:f6:7d:df:c0:69:34:f6:71:d3:89:
         fc:a0:4a:01:d1:a0:0d:50:20:1c:03:24:62:60:7c:db:ea:e5:
         e6:2a:5a:af:60:5a:95:71:4c:51:bf:f7:79:76:ee:3c:67:c3:
         50:88:3f:25:b5:92:4d:ba:f6:d2:1f:64:b3:99:c7:1d:a3:09:
         e1:da:3f:97:42:1d:7f:87:4f:39:4a:f0:66:0a:13:d3:3a:17:
         8a:a0:c0:67:08:a9:d4:17:d6:fa:3c:b6:4a:ca:ad:02:3e:ac:
         58:f3:ac:f1:e7:e5:07:b5:3a:74:bb:f6:43:e7:46:07:fb:a1:
         b1:f9:d2:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn2m8X19mk+jrE171rs6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI0Y2I0NDBhNmRkNzZhNzZiNTY5NGMwZTJmNGVlMzMw
ZTBhN2MwHhcNMjUwOTA3MTAwMTEzWhcNMjUwOTA4MTAwMTEzWjAzMTEwLwYDVQQD
EyhiODA1YzgzMTI4YWM1ZTk0M2M1NDI4NWMyODkxMTY2MGRhOWEzOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp/hhHPcwIySPmi2t3n6pdj51Hsx
nqZWEoaYyj1e3XiskI5hq4QMKPjDQhdzIfTrsjYBXDYV8OahP13pW+8sdKhKnhDW
zkf8uNvDvvzgSB3wKPl9/aqT1zGa4Vv/Zr1BZNZavZlex0ydbOyF1Ek4f2MtkeI5
4KjDAazdo+VU7AzHypirePk5xVrQkMUUarH/KcY9dn1IAUPMkJQut5atbnK4W9l2
gUUjQ+dPDiEZgOHxUacIXJTHVAn6lwSk1raUL90mKOEINo6ih1YLfvVDs0v/4bVh
hhU9LnIY6cNhKNOLXiIbxRaSEJs6b0DUvoKjDGr21BqZjjGL5E5hufL1wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgFyDEorF6UPFQoXCiRFmDamjjkMB8GA1UdIwQY
MBaAFAUCTLRApt12p2tWlMDi9O4zDgp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAt
YTgyMjYyMjA0ZTM4LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAtYTgyMjYyMjA0ZTM4
LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsKmU6xNZ
hhYMTMVRwhqCyS3iw5ub6EiSpWatlwOv2Lxe4KuWJUqZmtoYlIYbyFg8O+nrhNPy
t4lET40AtbHSuFbYERLl7PO0ybtfd0GyhVpaA0/2Nf7/LCK1wEqELvM1338r6DrC
2jxSk1lB3yDITh5ga3ba+33ily8cFaRUfIxGkF3bU+v2fd/AaTT2cdOJ/KBKAdGg
DVAgHAMkYmB82+rl5ipar2BalXFMUb/3eXbuPGfDUIg/JbWSTbr20h9ks5nHHaMJ
4do/l0Idf4dPOUrwZgoT0zoXiqDAZwip1BfW+jy2SsqtAj6sWPOs8eflB7U6dLv2
Q+dGB/uhsfnS6w==
-----END CERTIFICATE-----