Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          skjNcF4gmcibX2BAKiN4ns5cQ1jbqBAk5JSBlDwUAss=
Subject key identifier:   07:67:83:D4:6F:63:1A:3C:19:F0:FD:91:AF:59:1B:BC:BA:72:EF:29
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       019A7225A00D24EEBFE532E284B246AA597B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          0BAD
Signing time:             Tue 11 Nov 2025 09:00:59 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:59 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:59 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: jIFJhpa9urxstoaje9m4bPGkv1ZILQlt+9q9YkpSg6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:a0:0d:24:ee:bf:e5:32:e2:84:b2:46:aa:59:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: Nov 11 09:00:59 2025 GMT
            Not After : Nov 12 09:00:59 2025 GMT
        Subject: CN=076783d46f631a3c19f0fd91af591bbcba72ef29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:3a:a7:cd:79:f3:4d:44:fb:9d:8d:5f:dc:98:
                    c2:e7:e4:cc:90:45:87:e5:af:2b:b4:62:81:6f:75:
                    2f:6b:ef:d3:13:51:80:a3:a4:af:6c:85:4a:a8:77:
                    81:fc:e9:71:fa:a2:41:14:ea:04:6c:e6:8e:c3:d1:
                    29:9c:b7:46:d4:3f:dc:32:95:c9:48:b3:46:ea:69:
                    ec:9b:93:23:8f:83:24:f9:d7:d2:20:1b:34:a3:ea:
                    44:2e:3c:c1:f5:b4:4a:c7:fa:94:56:a1:23:3e:a2:
                    a9:d0:6b:87:83:01:cc:9e:e3:40:5c:31:bc:74:57:
                    39:7c:ae:45:83:59:80:d7:eb:5d:2a:28:2e:19:31:
                    80:d6:74:0e:46:63:ba:8e:f0:81:5f:1a:00:07:68:
                    c4:9f:ad:72:39:1a:7b:23:42:e5:09:2e:91:c4:33:
                    15:af:02:73:94:cd:60:75:c8:82:82:75:fa:9c:c1:
                    45:c6:f0:a6:ce:8d:d5:fd:ce:bb:fe:a4:16:2e:48:
                    8b:68:e8:d4:7a:99:74:af:01:2c:11:72:d8:5d:65:
                    91:9a:d6:19:d4:e5:d8:b7:3c:07:35:dd:81:a4:70:
                    12:9e:06:af:45:20:94:68:19:33:b0:b6:75:5b:89:
                    a5:c5:2c:5c:53:e4:61:15:50:bd:4b:4d:7a:0d:d6:
                    a7:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:67:83:D4:6F:63:1A:3C:19:F0:FD:91:AF:59:1B:BC:BA:72:EF:29
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:24:33:8b:85:83:25:42:ca:0e:af:f9:b6:76:d7:51:4c:96:
         23:6d:bb:eb:5b:02:ca:29:10:ec:5c:0d:97:88:ec:cc:cd:2b:
         08:3e:ff:12:1b:c2:c5:18:b2:93:47:72:81:66:38:6c:2b:3f:
         c5:a0:2e:bf:e2:24:0e:02:16:a3:e6:b5:ad:53:b9:24:35:c3:
         b8:1c:13:b2:04:24:59:cd:aa:98:a4:c8:eb:d4:d8:34:d4:d0:
         64:e0:98:cb:18:a5:fc:cb:03:11:f9:6d:2c:df:ec:21:df:09:
         4c:96:a7:3c:a0:84:d9:0e:29:f6:2b:df:b5:b0:bf:a1:41:1c:
         9f:cd:03:04:13:9f:92:86:d8:2e:e9:df:04:a8:0d:42:55:32:
         9d:57:fa:73:6c:5b:df:a2:69:74:f1:3e:ed:47:67:3f:cc:30:
         ae:5a:92:92:9f:f8:43:c2:99:06:13:e4:e2:3d:0b:f1:6d:28:
         59:2a:9d:4a:57:ad:08:e1:d9:a4:6b:79:19:94:ac:e2:c9:a3:
         6b:ee:41:58:bf:fe:23:84:fd:8d:62:95:da:30:8f:2c:9a:9a:
         b4:24:71:45:d8:5c:09:a2:6d:d4:13:97:eb:25:f4:03:c9:e0:
         d8:43:19:73:cf:e4:02:cb:0c:50:aa:6f:4f:3f:12:be:7b:94:
         f0:a7:bd:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJaANJO6/5TLihLJGqll7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjUxMTExMDkwMDU5WhcNMjUxMTEyMDkwMDU5WjAzMTEwLwYDVQQD
EygwNzY3ODNkNDZmNjMxYTNjMTlmMGZkOTFhZjU5MWJiY2JhNzJlZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDqnzXnzTUT7nY1f3JjC5+TMkEWH
5a8rtGKBb3Uva+/TE1GAo6SvbIVKqHeB/Olx+qJBFOoEbOaOw9EpnLdG1D/cMpXJ
SLNG6mnsm5Mjj4Mk+dfSIBs0o+pELjzB9bRKx/qUVqEjPqKp0GuHgwHMnuNAXDG8
dFc5fK5Fg1mA1+tdKiguGTGA1nQORmO6jvCBXxoAB2jEn61yORp7I0LlCS6RxDMV
rwJzlM1gdciCgnX6nMFFxvCmzo3V/c67/qQWLkiLaOjUepl0rwEsEXLYXWWRmtYZ
1OXYtzwHNd2BpHASngavRSCUaBkzsLZ1W4mlxSxcU+RhFVC9S016DdanMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAdng9RvYxo8GfD9ka9ZG7y6cu8pMB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlCQzi4WD
JULKDq/5tnbXUUyWI22761sCyikQ7FwNl4jszM0rCD7/EhvCxRiyk0dygWY4bCs/
xaAuv+IkDgIWo+a1rVO5JDXDuBwTsgQkWc2qmKTI69TYNNTQZOCYyxil/MsDEflt
LN/sId8JTJanPKCE2Q4p9ivftbC/oUEcn80DBBOfkobYLunfBKgNQlUynVf6c2xb
36JpdPE+7UdnP8wwrlqSkp/4Q8KZBhPk4j0L8W0oWSqdSletCOHZpGt5GZSs4smj
a+5BWL/+I4T9jWKV2jCPLJqatCRxRdhcCaJt1BOX6yX0A8ng2EMZc8/kAssMUKpv
Tz8SvnuU8Ke9TQ==
-----END CERTIFICATE-----