Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
File:                     BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json)
Hash identifier:          mfW1aOY/xYhyghWVB/AVZXtb/9ZTRgDcarPoPWEEQ1w=
Subject key identifier:   84:21:14:80:A4:55:43:D5:94:04:AE:FA:66:E9:E5:74:5B:FF:31:80
Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF
Certificate issuer:       /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
Certificate serial:       019E311770840E08FE4CDBCFBE3465627E19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
Manifest number:          0574
Signing time:             Sat 16 May 2026 14:01:20 +0000
Manifest this update:     Sat 16 May 2026 14:01:20 +0000
Manifest next update:     Sun 17 May 2026 14:01:20 +0000
Files and hashes:         1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: dwmlpgDvEMjNInX76NE9JJD9xq739rdcsIT8EHrO3Fo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:17:70:84:0e:08:fe:4c:db:cf:be:34:65:62:7e:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
        Validity
            Not Before: May 16 14:01:20 2026 GMT
            Not After : May 17 14:01:20 2026 GMT
        Subject: CN=84211480a45543d59404aefa66e9e5745bff3180
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:7c:4e:a7:1f:71:fc:68:23:c3:f3:2e:8a:71:
                    83:ca:c7:62:07:9c:2d:94:52:09:55:09:11:9a:46:
                    37:0f:6f:30:c7:d5:04:31:54:2f:b6:f7:2b:ac:12:
                    aa:5d:07:b8:16:4b:1f:c1:84:d1:50:1a:bf:4c:95:
                    7f:5f:ec:58:b9:62:62:41:93:ac:35:3b:8c:64:57:
                    45:cf:6d:1c:31:37:19:ed:bb:c8:ec:18:ab:2f:72:
                    8e:4f:26:9f:cc:10:47:36:92:62:19:09:f3:65:ac:
                    79:36:8a:23:01:0d:4d:59:3a:a2:27:dc:18:4b:e1:
                    dc:48:4d:6c:51:b5:1a:8f:01:55:12:3e:11:9e:c4:
                    3a:9d:c4:12:53:b9:25:bf:1b:cd:69:f4:0e:38:1c:
                    df:8e:4b:ab:34:8e:9d:02:77:5c:a7:54:56:d6:be:
                    9e:1a:4b:b4:fc:ae:45:cf:21:cd:e1:0e:af:f0:27:
                    6e:a7:3f:1d:7c:e4:43:21:43:7b:c6:c6:c2:db:79:
                    a4:fd:5f:e7:4f:09:aa:2e:12:37:fe:0d:ae:64:1e:
                    0f:4d:8d:b0:e1:af:0a:b2:89:0c:a4:8c:e5:77:1d:
                    79:02:2b:c9:b3:c1:31:38:3e:59:7e:c4:f2:5a:59:
                    1c:53:c2:ca:02:b2:c7:33:5a:1b:83:7e:79:2d:a7:
                    6f:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:21:14:80:A4:55:43:D5:94:04:AE:FA:66:E9:E5:74:5B:FF:31:80
            X509v3 Authority Key Identifier:
                keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:1e:81:7f:43:85:f0:0d:7b:30:4d:f6:d2:4e:81:ee:dd:89:
         37:0b:d4:aa:8b:e8:3b:38:a0:1b:67:77:3c:4e:6e:5c:e8:b1:
         fb:50:c8:87:f0:b7:07:fb:15:81:5a:e6:57:11:09:52:8e:db:
         0b:06:08:c9:24:5f:22:e1:88:68:23:db:36:51:4e:d0:5f:00:
         42:51:42:87:4d:9d:e6:89:6d:c5:8f:6c:46:89:34:ec:fe:d1:
         ae:18:03:aa:63:b2:62:de:8c:df:08:1a:73:66:4b:e0:22:43:
         07:03:e8:8a:65:a1:66:3e:3f:fb:ba:7c:64:e8:32:9c:da:27:
         a1:7f:c2:61:e3:69:4a:c1:19:b0:55:b4:18:d7:6a:c6:69:5a:
         b8:29:0c:de:09:e5:c0:f8:2b:7b:d5:c1:4c:ac:79:a8:4e:dd:
         17:aa:33:eb:82:d6:5e:80:2d:f6:34:d1:f8:71:5f:67:52:16:
         18:78:66:b1:37:d9:6e:9e:52:98:c8:e6:2c:66:72:e0:07:59:
         2a:ec:f5:76:00:11:82:ac:90:38:01:6f:b6:2f:98:7e:62:0b:
         79:4d:a1:d9:31:f2:38:e0:6f:ea:49:83:bb:4b:00:92:3f:2b:
         44:49:5c:ab:56:1e:6c:d1:61:f6:8d:14:ec:e6:be:b0:6c:ab:
         cb:35:8b:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xF3CEDgj+TNvPvjRlYn4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0
YzdkYmYwHhcNMjYwNTE2MTQwMTIwWhcNMjYwNTE3MTQwMTIwWjAzMTEwLwYDVQQD
Eyg4NDIxMTQ4MGE0NTU0M2Q1OTQwNGFlZmE2NmU5ZTU3NDViZmYzMTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3xOpx9x/Ggjw/MuinGDysdiB5wt
lFIJVQkRmkY3D28wx9UEMVQvtvcrrBKqXQe4FksfwYTRUBq/TJV/X+xYuWJiQZOs
NTuMZFdFz20cMTcZ7bvI7BirL3KOTyafzBBHNpJiGQnzZax5NoojAQ1NWTqiJ9wY
S+HcSE1sUbUajwFVEj4RnsQ6ncQSU7klvxvNafQOOBzfjkurNI6dAndcp1RW1r6e
Gku0/K5FzyHN4Q6v8Cdupz8dfORDIUN7xsbC23mk/V/nTwmqLhI3/g2uZB4PTY2w
4a8KsokMpIzldx15AivJs8ExOD5ZfsTyWlkcU8LKArLHM1obg355LadvKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQhFICkVUPVlASu+mbp5XRb/zGAMB8GA1UdIwQY
MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt
NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm
LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAch6Bf0OF
8A17ME320k6B7t2JNwvUqovoOzigG2d3PE5uXOix+1DIh/C3B/sVgVrmVxEJUo7b
CwYIySRfIuGIaCPbNlFO0F8AQlFCh02d5oltxY9sRok07P7RrhgDqmOyYt6M3wga
c2ZL4CJDBwPoimWhZj4/+7p8ZOgynNonoX/CYeNpSsEZsFW0GNdqxmlauCkM3gnl
wPgre9XBTKx5qE7dF6oz64LWXoAt9jTR+HFfZ1IWGHhmsTfZbp5SmMjmLGZy4AdZ
Kuz1dgARgqyQOAFvti+YfmILeU2h2THyOOBv6kmDu0sAkj8rRElcq1YebNFh9o0U
7Oa+sGyryzWLFA==
-----END CERTIFICATE-----