Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          5Ab3NIakcv2my6rxZ4PJxaGkJVzgz1cJaBKKD753oKU=
Subject key identifier:   D7:13:DC:86:08:21:29:3E:06:80:C0:67:F9:32:11:AA:2E:A8:C3:FA
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       019F17C2E2D7D9FA29A4F5F5C74C83C91E19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          0E15
Signing time:             Tue 30 Jun 2026 09:01:15 +0000
Manifest this update:     Tue 30 Jun 2026 09:01:15 +0000
Manifest next update:     Wed 01 Jul 2026 09:01:15 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: EYcKwOAj/oClHJMSbkkvYB8w4O7RK+o46NIDWmv9fp4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 09:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:c2:e2:d7:d9:fa:29:a4:f5:f5:c7:4c:83:c9:1e:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: Jun 30 09:01:15 2026 GMT
            Not After : Jul  1 09:01:15 2026 GMT
        Subject: CN=d713dc860821293e0680c067f93211aa2ea8c3fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:5d:d2:3c:de:34:19:a2:c3:18:08:86:92:09:
                    aa:09:f6:c4:16:d6:99:56:2f:68:8e:65:70:4a:e0:
                    9e:ca:68:ae:16:a4:c7:99:a1:90:02:f9:2c:a0:e5:
                    b3:91:95:1b:e6:d9:c5:ca:e3:24:88:2d:f8:43:73:
                    92:9a:47:65:86:90:f3:f2:a5:a8:be:8f:ff:49:53:
                    ac:43:ec:13:92:fc:74:bb:2c:12:1d:36:a2:2f:14:
                    34:1a:97:54:e7:d7:6d:bb:c9:18:0a:5f:8a:14:28:
                    8d:b8:b6:fc:49:39:2a:f1:7e:ec:d1:2a:26:31:43:
                    f0:f2:8e:79:6b:ed:ff:90:64:1e:1a:08:77:df:14:
                    8e:df:10:7f:83:18:6f:61:7d:e2:17:80:6c:1b:7d:
                    3a:cd:08:0d:6e:ed:e3:f0:e2:10:80:c1:12:02:bd:
                    80:03:e4:6b:0d:fb:95:1d:9f:1c:06:b1:33:68:f5:
                    63:c3:d2:6e:9f:36:35:6a:89:a1:9e:58:84:ff:90:
                    8c:ff:3a:ec:ef:95:a1:48:f9:fc:33:19:56:a7:5a:
                    76:c0:a7:08:61:2d:78:f4:85:21:45:21:30:87:31:
                    10:c5:a2:f7:a0:ae:85:2a:5b:44:4c:79:40:95:b5:
                    28:e3:17:70:c8:37:17:4c:20:f2:04:6a:aa:b7:60:
                    cc:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:13:DC:86:08:21:29:3E:06:80:C0:67:F9:32:11:AA:2E:A8:C3:FA
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:16:9c:c9:2a:6a:5e:b8:ae:00:2e:86:cf:d4:99:d3:b5:99:
         46:1b:89:d3:23:93:52:52:11:29:70:58:8f:e9:89:5f:b4:15:
         46:b9:d2:b5:6a:21:dd:1d:f1:de:49:25:57:ca:46:c9:b2:92:
         a8:70:7b:9d:2e:66:86:de:e5:77:3b:20:8b:9b:18:4a:a6:2f:
         f9:12:49:76:c3:8f:7d:1d:80:4a:81:1b:9c:a9:d5:5a:ee:50:
         37:85:e6:13:9a:df:58:e8:ce:41:e1:1d:a4:38:4c:8e:09:86:
         37:fe:34:93:40:ca:96:38:d7:17:4d:74:c1:b2:27:f5:59:70:
         d9:aa:a2:8c:88:38:d0:4f:2a:7b:62:b8:cb:6f:78:df:46:e7:
         43:c6:fb:2b:10:00:c9:62:3c:e2:4f:ca:ea:10:9e:15:ff:46:
         af:3e:06:24:75:f6:64:8f:02:39:1b:04:64:ff:47:c1:ce:b8:
         8b:6f:32:99:41:6b:a2:f4:fa:b1:d1:62:4a:22:0f:d1:9f:3a:
         bd:3a:2c:d1:01:4e:d4:cb:4c:65:0f:81:bb:ae:5a:34:3d:34:
         46:c8:0b:50:f6:89:5a:5e:53:3b:88:f4:1f:6c:e4:55:bb:3f:
         01:0a:a6:f1:2c:9b:01:c7:8f:5b:e0:c4:c1:9f:64:f1:28:43:
         e8:d5:43:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XwuLX2foppPX1x0yDyR4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjYwNjMwMDkwMTE1WhcNMjYwNzAxMDkwMTE1WjAzMTEwLwYDVQQD
EyhkNzEzZGM4NjA4MjEyOTNlMDY4MGMwNjdmOTMyMTFhYTJlYThjM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl3SPN40GaLDGAiGkgmqCfbEFtaZ
Vi9ojmVwSuCeymiuFqTHmaGQAvksoOWzkZUb5tnFyuMkiC34Q3OSmkdlhpDz8qWo
vo//SVOsQ+wTkvx0uywSHTaiLxQ0GpdU59dtu8kYCl+KFCiNuLb8STkq8X7s0Som
MUPw8o55a+3/kGQeGgh33xSO3xB/gxhvYX3iF4BsG306zQgNbu3j8OIQgMESAr2A
A+RrDfuVHZ8cBrEzaPVjw9JunzY1aomhnliE/5CM/zrs75WhSPn8MxlWp1p2wKcI
YS149IUhRSEwhzEQxaL3oK6FKltETHlAlbUo4xdwyDcXTCDyBGqqt2DMMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcT3IYIISk+BoDAZ/kyEaouqMP6MB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjBacySpq
XriuAC6Gz9SZ07WZRhuJ0yOTUlIRKXBYj+mJX7QVRrnStWoh3R3x3kklV8pGybKS
qHB7nS5mht7ldzsgi5sYSqYv+RJJdsOPfR2ASoEbnKnVWu5QN4XmE5rfWOjOQeEd
pDhMjgmGN/40k0DKljjXF010wbIn9Vlw2aqijIg40E8qe2K4y29430bnQ8b7KxAA
yWI84k/K6hCeFf9Grz4GJHX2ZI8CORsEZP9Hwc64i28ymUFrovT6sdFiSiIP0Z86
vTos0QFO1MtMZQ+Bu65aND00RsgLUPaJWl5TO4j0H2zkVbs/AQqm8SybAcePW+DE
wZ9k8ShD6NVDwQ==
-----END CERTIFICATE-----