Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
File:                     BcojF2aaRo1QmoqhkGvvp1v5wgE.mft (raw, json)
Hash identifier:          kheSLpns2BAyq8rZIzT+UAsUEAKt8GXWTqxKixda1AA=
Subject key identifier:   1D:02:EB:5D:FC:8E:DC:84:31:51:57:36:FA:B5:C0:28:D2:BF:FD:BA
Authority key identifier: 05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01
Certificate issuer:       /CN=05ca2317669a468d509a8aa1906befa75bf9c201
Certificate serial:       019D38662A1FB8A1E07138EBBFFFF433D3CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
Manifest number:          0FC7
Signing time:             Sun 29 Mar 2026 07:01:52 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:52 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:52 +0000
Files and hashes:         1: BcojF2aaRo1QmoqhkGvvp1v5wgE.crl (hash: VKu0JxsKX+MUH9inejEB7k6cdfvmfrJTboKJb2GfMZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:2a:1f:b8:a1:e0:71:38:eb:bf:ff:f4:33:d3:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ca2317669a468d509a8aa1906befa75bf9c201
        Validity
            Not Before: Mar 29 07:01:52 2026 GMT
            Not After : Mar 30 07:01:52 2026 GMT
        Subject: CN=1d02eb5dfc8edc8431515736fab5c028d2bffdba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:9b:01:35:94:8b:63:e4:a1:60:8f:f0:19:a0:
                    eb:e4:00:bb:f2:c5:e8:44:ad:a4:9e:81:9f:e8:57:
                    2d:07:83:d4:08:e6:c7:3a:20:f7:88:20:20:68:8c:
                    37:93:ab:40:d1:7b:02:24:1b:36:5e:cd:a2:c5:22:
                    ae:a7:73:6f:c7:fc:55:ab:f1:7f:26:7e:3e:bf:ed:
                    be:45:05:e9:f6:10:df:6a:c2:e0:4d:1c:d9:a1:da:
                    01:4f:6a:57:1a:ed:b4:75:b4:f2:a0:63:a6:c2:a4:
                    3a:6c:54:93:c3:8a:f6:54:f1:99:11:d5:16:81:5d:
                    35:d4:5f:87:14:90:31:fd:db:a6:e1:71:12:72:00:
                    d6:c5:2a:bb:2b:d8:93:62:2c:4c:b0:3b:a3:bc:c1:
                    b4:7f:84:03:8d:8a:1e:8b:ce:62:63:34:38:d0:49:
                    1c:13:28:59:ef:95:04:02:17:c9:8c:ba:42:cf:d2:
                    18:50:1a:df:a6:c7:c7:27:09:26:b2:33:1e:cc:b7:
                    c0:b9:6a:67:d3:3e:2e:ee:7e:2f:95:13:7c:ed:27:
                    ef:2e:63:3d:81:ac:b4:e9:12:36:e0:e9:d5:01:e6:
                    68:28:25:30:8e:90:05:b5:72:f0:63:13:a3:47:bc:
                    e0:b1:b1:ef:10:b5:74:cb:45:48:9d:5a:a3:f7:28:
                    ce:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:02:EB:5D:FC:8E:DC:84:31:51:57:36:FA:B5:C0:28:D2:BF:FD:BA
            X509v3 Authority Key Identifier:
                keyid:05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:68:a3:92:49:9e:19:13:ef:ae:c7:23:26:5e:d8:d8:97:27:
         be:59:df:b9:66:60:80:71:cc:d9:7f:1a:df:80:2c:a3:f2:ab:
         86:37:47:5c:c5:6f:ff:58:ad:c4:6b:12:4f:73:3c:95:f8:7d:
         da:88:af:23:9b:be:2b:c0:84:86:4a:0a:bf:17:86:81:a8:c9:
         2d:b4:f4:8b:8d:21:19:09:4b:39:78:63:d4:e0:9b:3f:3c:36:
         2a:32:b4:b5:15:7b:9d:87:d8:c2:f3:2d:b8:23:d9:80:54:21:
         cf:4b:4d:4b:b9:87:5d:ce:f4:7a:38:3b:87:91:3a:2c:f4:7d:
         67:f5:b9:d5:0b:b7:56:d9:70:dc:e7:c0:ae:af:30:68:86:ea:
         1e:3c:ee:c6:09:00:a8:70:68:ab:06:c8:aa:30:ec:92:e2:38:
         ce:44:90:93:3c:6c:50:30:51:7b:79:87:cc:8b:e4:e2:02:64:
         17:fd:89:e2:41:2a:63:ee:03:68:57:58:39:0c:d2:ff:2e:f4:
         3c:05:9b:e9:8e:4b:a0:a6:ae:20:d3:64:66:21:a3:bf:ac:ed:
         8d:66:70:9c:f2:98:f1:a8:b2:23:8e:7d:ef:89:6e:95:98:3b:
         d6:b7:06:e3:e8:68:37:dc:e7:75:e0:39:48:ea:74:b2:a9:95:
         62:18:42:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiofuKHgcTjrv//0M9POMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1Y2EyMzE3NjY5YTQ2OGQ1MDlhOGFhMTkwNmJlZmE3NWJm
OWMyMDEwHhcNMjYwMzI5MDcwMTUyWhcNMjYwMzMwMDcwMTUyWjAzMTEwLwYDVQQD
EygxZDAyZWI1ZGZjOGVkYzg0MzE1MTU3MzZmYWI1YzAyOGQyYmZmZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJsBNZSLY+ShYI/wGaDr5AC78sXo
RK2knoGf6FctB4PUCObHOiD3iCAgaIw3k6tA0XsCJBs2Xs2ixSKup3Nvx/xVq/F/
Jn4+v+2+RQXp9hDfasLgTRzZodoBT2pXGu20dbTyoGOmwqQ6bFSTw4r2VPGZEdUW
gV011F+HFJAx/dum4XEScgDWxSq7K9iTYixMsDujvMG0f4QDjYoei85iYzQ40Ekc
EyhZ75UEAhfJjLpCz9IYUBrfpsfHJwkmsjMezLfAuWpn0z4u7n4vlRN87SfvLmM9
gay06RI24OnVAeZoKCUwjpAFtXLwYxOjR7zgsbHvELV0y0VInVqj9yjOiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0C6138jtyEMVFXNvq1wCjSv/26MB8GA1UdIwQY
MBaAFAXKIxdmmkaNUJqKoZBr76db+cIBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAt
MTMzMWU2NTFjNzlmLzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAtMTMzMWU2NTFjNzlm
LzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWmijkkme
GRPvrscjJl7Y2JcnvlnfuWZggHHM2X8a34Aso/KrhjdHXMVv/1itxGsST3M8lfh9
2oivI5u+K8CEhkoKvxeGgajJLbT0i40hGQlLOXhj1OCbPzw2KjK0tRV7nYfYwvMt
uCPZgFQhz0tNS7mHXc70ejg7h5E6LPR9Z/W51Qu3Vtlw3OfArq8waIbqHjzuxgkA
qHBoqwbIqjDskuI4zkSQkzxsUDBRe3mHzIvk4gJkF/2J4kEqY+4DaFdYOQzS/y70
PAWb6Y5LoKauINNkZiGjv6ztjWZwnPKY8aiyI45974lulZg71rcG4+hoN9zndeA5
SOp0sqmVYhhCgQ==
-----END CERTIFICATE-----