Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
File:                     BcojF2aaRo1QmoqhkGvvp1v5wgE.mft (raw, json)
Hash identifier:          hhkfvJkJMc/0mxhz9EYJJgtF0d9o0c4vuSizkjRYeuA=
Subject key identifier:   69:5F:0E:E8:AB:E7:66:97:74:1C:F4:39:39:D8:8F:10:D4:7C:69:3B
Authority key identifier: 05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01
Certificate issuer:       /CN=05ca2317669a468d509a8aa1906befa75bf9c201
Certificate serial:       019F194322E88E0AD74FE46D460F42330874
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
Manifest number:          10C0
Signing time:             Tue 30 Jun 2026 16:00:57 +0000
Manifest this update:     Tue 30 Jun 2026 16:00:57 +0000
Manifest next update:     Wed 01 Jul 2026 16:00:57 +0000
Files and hashes:         1: BcojF2aaRo1QmoqhkGvvp1v5wgE.crl (hash: VYMnoAH5OCxZAvdScmxaBf8oQiWwPqoJEjri4IBkfbA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:43:22:e8:8e:0a:d7:4f:e4:6d:46:0f:42:33:08:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ca2317669a468d509a8aa1906befa75bf9c201
        Validity
            Not Before: Jun 30 16:00:57 2026 GMT
            Not After : Jul  1 16:00:57 2026 GMT
        Subject: CN=695f0ee8abe76697741cf43939d88f10d47c693b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:0e:a6:d2:99:89:83:af:bd:79:88:1e:5a:f2:
                    12:63:73:8d:e0:29:0e:81:cb:ce:ec:3e:40:4c:84:
                    67:26:2b:8c:a7:ad:02:65:9e:23:58:c0:a3:23:b3:
                    f0:50:d9:ce:92:5c:b3:37:75:a6:18:4a:88:74:57:
                    e3:71:51:ad:1c:89:58:21:58:40:14:70:ed:0f:b1:
                    0f:a2:fe:f7:ae:ef:96:d9:ea:76:92:3e:f1:05:ae:
                    2b:90:fe:c1:d4:e4:d5:2e:03:1b:78:31:c3:1e:47:
                    5d:4a:59:fa:c9:5f:c5:c1:a2:93:4c:1a:2d:bc:7e:
                    9e:58:5b:cb:4c:ae:06:fa:65:a6:cc:ac:96:04:89:
                    39:ef:52:c3:0f:f8:10:23:d9:b5:a4:0e:25:25:60:
                    9e:5e:5a:6c:65:b3:8d:14:a1:a8:6f:0f:cb:ed:72:
                    e4:37:10:59:f8:eb:20:53:e9:0e:43:03:ad:4c:e4:
                    01:9e:8f:ff:11:b3:4c:a8:41:4c:03:8e:42:56:1a:
                    70:ac:5c:bb:53:81:80:53:c6:c9:3a:b7:03:5d:c2:
                    6d:46:4b:55:b3:b1:46:40:51:c8:7f:78:22:69:95:
                    c5:63:bd:b8:26:ec:73:22:b7:84:eb:80:2c:c0:ff:
                    87:ac:8d:bc:99:8a:69:25:87:59:13:16:29:95:ff:
                    69:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:5F:0E:E8:AB:E7:66:97:74:1C:F4:39:39:D8:8F:10:D4:7C:69:3B
            X509v3 Authority Key Identifier:
                keyid:05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:84:a9:20:c6:7b:95:16:40:8f:8f:36:82:4e:a5:11:5c:e0:
         0d:f0:83:68:23:04:34:f2:23:b8:cd:15:f1:6a:b6:7d:0a:db:
         59:0b:fc:fc:21:38:9c:e3:63:12:01:ef:2b:b4:67:a1:27:ce:
         60:86:17:5e:21:17:0b:9c:ff:4a:fa:8b:f4:1d:4c:ac:0a:a7:
         78:6c:cb:e6:9b:6c:c3:4e:ff:52:e6:bf:49:c0:46:ad:f7:63:
         de:69:00:4b:6b:3f:c8:f4:fe:bc:ec:f2:11:34:27:e8:bd:f6:
         cb:6e:a7:a9:7d:64:e4:32:08:4e:8f:f8:23:91:e8:b1:ad:aa:
         62:86:13:92:60:f1:19:f7:41:c0:09:05:8c:eb:1a:ba:cb:e6:
         e9:c8:6e:14:00:b8:71:f5:64:de:e1:8d:eb:c9:7c:3a:d9:48:
         c5:79:e8:83:af:29:b3:06:74:58:c8:aa:52:ab:bc:cc:ca:f0:
         e8:b4:8f:aa:55:4b:6a:27:0f:a2:8e:13:57:4c:8b:af:6a:ea:
         4b:d5:03:db:36:93:97:3a:f0:39:dc:63:2b:f5:bd:9a:0f:2b:
         44:c1:9c:87:43:41:cd:86:6f:9e:4a:03:d5:ef:8d:58:05:60:
         4a:9c:fd:e8:b7:37:58:e4:b4:e7:cb:3c:6a:a9:62:94:8a:7a:
         54:da:43:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQyLojgrXT+RtRg9CMwh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1Y2EyMzE3NjY5YTQ2OGQ1MDlhOGFhMTkwNmJlZmE3NWJm
OWMyMDEwHhcNMjYwNjMwMTYwMDU3WhcNMjYwNzAxMTYwMDU3WjAzMTEwLwYDVQQD
Eyg2OTVmMGVlOGFiZTc2Njk3NzQxY2Y0MzkzOWQ4OGYxMGQ0N2M2OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ6m0pmJg6+9eYgeWvISY3ON4CkO
gcvO7D5ATIRnJiuMp60CZZ4jWMCjI7PwUNnOklyzN3WmGEqIdFfjcVGtHIlYIVhA
FHDtD7EPov73ru+W2ep2kj7xBa4rkP7B1OTVLgMbeDHDHkddSln6yV/FwaKTTBot
vH6eWFvLTK4G+mWmzKyWBIk571LDD/gQI9m1pA4lJWCeXlpsZbONFKGobw/L7XLk
NxBZ+OsgU+kOQwOtTOQBno//EbNMqEFMA45CVhpwrFy7U4GAU8bJOrcDXcJtRktV
s7FGQFHIf3giaZXFY724JuxzIreE64AswP+HrI28mYppJYdZExYplf9pBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlfDuir52aXdBz0OTnYjxDUfGk7MB8GA1UdIwQY
MBaAFAXKIxdmmkaNUJqKoZBr76db+cIBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAt
MTMzMWU2NTFjNzlmLzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAtMTMzMWU2NTFjNzlm
LzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwYSpIMZ7
lRZAj482gk6lEVzgDfCDaCMENPIjuM0V8Wq2fQrbWQv8/CE4nONjEgHvK7RnoSfO
YIYXXiEXC5z/SvqL9B1MrAqneGzL5ptsw07/Uua/ScBGrfdj3mkAS2s/yPT+vOzy
ETQn6L32y26nqX1k5DIITo/4I5Hosa2qYoYTkmDxGfdBwAkFjOsausvm6chuFAC4
cfVk3uGN68l8OtlIxXnog68pswZ0WMiqUqu8zMrw6LSPqlVLaicPoo4TV0yLr2rq
S9UD2zaTlzrwOdxjK/W9mg8rRMGch0NBzYZvnkoD1e+NWAVgSpz96Lc3WOS058s8
aqlilIp6VNpDqA==
-----END CERTIFICATE-----