Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          gu6k65lO0j9VnImxTvsC83x8siA+dQbpnzXejhTowxU=
Subject key identifier:   49:7D:1F:DF:8C:E4:65:A3:99:28:4F:12:87:C5:8F:A2:E8:73:42:97
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       019E3004E03AF0EF02D3CACE1CEEF50EE16F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          0D9D
Signing time:             Sat 16 May 2026 09:01:26 +0000
Manifest this update:     Sat 16 May 2026 09:01:26 +0000
Manifest next update:     Sun 17 May 2026 09:01:26 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: DKuQ8DoGg6n3jw2rjwo3tnN13QHhhCvbZpVqPImZlfM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:04:e0:3a:f0:ef:02:d3:ca:ce:1c:ee:f5:0e:e1:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: May 16 09:01:26 2026 GMT
            Not After : May 17 09:01:26 2026 GMT
        Subject: CN=497d1fdf8ce465a399284f1287c58fa2e8734297
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:b8:6b:e4:f5:69:91:62:31:89:ae:e8:06:32:
                    c1:74:44:9d:cf:df:3d:c1:1a:42:05:b6:de:ff:0d:
                    cb:dd:eb:41:ed:b0:54:a1:f0:bf:78:5b:ee:1b:73:
                    30:71:90:43:8a:aa:e7:8e:af:2a:4b:e1:8e:3a:94:
                    80:60:7e:ec:f6:86:26:d1:cc:1f:3c:bf:de:aa:19:
                    c1:df:29:8d:44:96:de:f2:e3:f6:5f:b3:1f:8f:c5:
                    46:75:67:72:1c:f6:27:be:bc:ee:73:e5:3a:54:17:
                    3b:f1:f6:a7:27:1b:40:53:cb:01:f4:de:c1:20:a1:
                    e3:49:53:c6:37:2f:1b:1b:f4:e7:d5:a9:2e:21:44:
                    51:e1:2e:85:e2:cb:99:df:db:c2:7c:9a:6a:49:d7:
                    92:9f:14:66:76:d6:6e:77:5b:97:45:73:4a:7a:f1:
                    7f:40:56:34:76:89:6a:8e:21:05:64:7a:cf:6d:37:
                    94:7e:9e:06:38:f0:dc:fd:77:8d:22:6a:5c:ab:68:
                    ec:bc:5b:7c:10:7e:fa:e9:6f:e3:d2:32:dc:8c:a2:
                    3a:ae:d3:d9:c0:6a:d7:4c:01:aa:f6:b3:a7:aa:bc:
                    50:74:e9:1d:0b:8b:12:b5:17:31:48:d2:b2:1e:cc:
                    33:4f:79:d4:01:03:e5:ed:b8:1f:8c:e0:c3:04:ad:
                    d5:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:7D:1F:DF:8C:E4:65:A3:99:28:4F:12:87:C5:8F:A2:E8:73:42:97
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:57:c9:95:54:8a:2b:3e:b2:b2:ce:e1:d0:a0:ff:2c:7f:34:
         9b:6b:10:ef:39:68:96:88:e3:e0:14:cd:94:b1:3d:85:64:21:
         8d:81:08:b7:ae:73:2d:46:56:80:9d:df:5a:b2:23:20:20:f9:
         2f:ef:e9:47:2c:d7:b4:ba:f9:09:d9:55:1e:9c:fe:be:37:11:
         b0:ca:57:a9:ee:cd:f3:15:e4:e6:b2:88:de:e4:28:91:d7:00:
         09:35:2f:a1:d4:e3:d3:e3:b9:42:6c:18:76:0f:96:6b:84:6c:
         83:67:df:01:14:09:70:dd:71:77:23:4d:b6:71:fa:fc:49:3a:
         f3:3f:cf:99:62:d5:cb:4a:97:7c:22:b1:65:6e:0a:aa:fd:82:
         58:ba:56:70:b8:c3:21:48:6a:4e:b7:80:6b:d9:2e:38:4c:e0:
         ac:7c:44:09:3e:d9:98:1e:8f:ea:5f:57:6b:e0:2b:de:3b:c2:
         49:bb:ac:e6:4d:c5:dc:9f:2a:37:d5:c9:f7:82:3b:6c:52:55:
         c0:3f:8d:31:9c:dc:3d:fe:54:51:d6:b5:a3:22:cb:48:a4:8e:
         67:d5:19:ac:f6:b6:d8:df:29:fe:b9:62:c0:53:df:d4:1b:b5:
         41:12:74:e3:2a:ea:f8:d7:62:c2:01:71:7d:b9:98:51:62:e5:
         0b:6d:3d:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBOA68O8C08rOHO71DuFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjYwNTE2MDkwMTI2WhcNMjYwNTE3MDkwMTI2WjAzMTEwLwYDVQQD
Eyg0OTdkMWZkZjhjZTQ2NWEzOTkyODRmMTI4N2M1OGZhMmU4NzM0Mjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bhr5PVpkWIxia7oBjLBdESdz989
wRpCBbbe/w3L3etB7bBUofC/eFvuG3MwcZBDiqrnjq8qS+GOOpSAYH7s9oYm0cwf
PL/eqhnB3ymNRJbe8uP2X7Mfj8VGdWdyHPYnvrzuc+U6VBc78fanJxtAU8sB9N7B
IKHjSVPGNy8bG/Tn1akuIURR4S6F4suZ39vCfJpqSdeSnxRmdtZud1uXRXNKevF/
QFY0dolqjiEFZHrPbTeUfp4GOPDc/XeNImpcq2jsvFt8EH766W/j0jLcjKI6rtPZ
wGrXTAGq9rOnqrxQdOkdC4sStRcxSNKyHswzT3nUAQPl7bgfjODDBK3VQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEl9H9+M5GWjmShPEofFj6Loc0KXMB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvFfJlVSK
Kz6yss7h0KD/LH80m2sQ7zlolojj4BTNlLE9hWQhjYEIt65zLUZWgJ3fWrIjICD5
L+/pRyzXtLr5CdlVHpz+vjcRsMpXqe7N8xXk5rKI3uQokdcACTUvodTj0+O5QmwY
dg+Wa4Rsg2ffARQJcN1xdyNNtnH6/Ek68z/PmWLVy0qXfCKxZW4Kqv2CWLpWcLjD
IUhqTreAa9kuOEzgrHxECT7ZmB6P6l9Xa+Ar3jvCSbus5k3F3J8qN9XJ94I7bFJV
wD+NMZzcPf5UUda1oyLLSKSOZ9UZrPa22N8p/rliwFPf1Bu1QRJ04yrq+NdiwgFx
fbmYUWLlC2098g==
-----END CERTIFICATE-----