Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
File:                     BcojF2aaRo1QmoqhkGvvp1v5wgE.mft (raw, json)
Hash identifier:          NcDypMV6zZYsRIiFwj8PCQSVUcbRU1X1nGHrqwMOTqM=
Subject key identifier:   0C:94:1B:3C:4D:B5:EA:19:F8:27:1E:59:32:49:E0:8A:46:6A:07:0E
Authority key identifier: 05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01
Certificate issuer:       /CN=05ca2317669a468d509a8aa1906befa75bf9c201
Certificate serial:       0199239F2C13B021EABA50D384F8D4368B0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
Manifest number:          0DAA
Signing time:             Sun 07 Sep 2025 10:00:57 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:57 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:57 +0000
Files and hashes:         1: BcojF2aaRo1QmoqhkGvvp1v5wgE.crl (hash: 3mkRk60fTZCv4MJoVs7m1cGWVbPj7/XoNZxisU+aFvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:2c:13:b0:21:ea:ba:50:d3:84:f8:d4:36:8b:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ca2317669a468d509a8aa1906befa75bf9c201
        Validity
            Not Before: Sep  7 10:00:57 2025 GMT
            Not After : Sep  8 10:00:57 2025 GMT
        Subject: CN=0c941b3c4db5ea19f8271e593249e08a466a070e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:7e:92:4b:6d:63:69:ef:cc:7e:dd:10:10:1c:
                    ff:4f:9c:a6:9a:1c:42:da:f8:c8:d7:7d:af:c5:01:
                    64:f8:04:1b:6f:ae:eb:bc:60:aa:9f:bb:fc:ea:41:
                    b3:f5:f4:62:2f:ed:bc:0f:22:11:eb:83:60:a1:41:
                    5d:f9:d4:f5:e0:5a:e2:ab:a7:3b:5e:d8:81:6b:c9:
                    7a:f8:5a:d9:a4:a2:67:6a:c8:c8:fe:7d:39:86:8b:
                    a7:1b:c6:16:03:5f:da:db:21:cc:9c:ad:71:57:11:
                    b4:b8:3f:f7:12:df:52:e6:a3:02:86:5e:08:8c:ba:
                    a7:6c:42:57:69:27:2c:12:06:b3:c1:57:22:f1:14:
                    8a:5d:af:f3:04:51:ca:9e:08:c6:08:7e:1e:cc:d4:
                    36:7e:11:49:5d:02:23:d0:9f:42:2d:d5:ed:0c:16:
                    32:73:e8:b0:79:87:10:0b:e4:1e:e3:87:43:e8:1f:
                    f5:1c:70:a2:1b:02:44:3e:9a:64:f7:e9:f7:3b:ed:
                    17:04:d9:3d:41:d9:8f:86:98:84:1e:51:3c:a0:d4:
                    1a:3b:3f:18:63:63:02:73:59:f9:2f:8a:b4:4d:85:
                    07:e4:2d:1e:7f:ea:ec:66:0f:59:da:3a:e1:82:80:
                    93:12:88:d3:1f:e7:fc:53:27:a4:27:3f:8f:05:64:
                    b5:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:94:1B:3C:4D:B5:EA:19:F8:27:1E:59:32:49:E0:8A:46:6A:07:0E
            X509v3 Authority Key Identifier:
                keyid:05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:6c:f6:0f:0b:07:bc:a1:3a:a0:c1:6f:9f:30:d5:e8:14:b0:
         30:5c:1a:72:42:6c:3b:2e:94:cc:60:c6:4c:fc:be:43:11:84:
         3b:f5:3d:7a:b8:0c:44:e7:ad:a9:ee:38:22:29:13:bf:38:7f:
         90:36:fe:ea:73:6d:3a:18:7d:e7:6a:4c:c5:a1:c7:c7:8e:c9:
         c6:f1:0b:cd:11:f5:bc:01:10:e2:fd:23:62:44:08:7f:56:fe:
         bb:8a:24:21:ae:6d:03:cf:3e:24:92:6c:3b:01:86:5c:a2:b9:
         71:b7:b5:fe:8b:20:cd:da:49:95:6b:c7:ff:55:37:e2:ab:eb:
         bf:48:f3:3a:55:6b:d4:ec:ab:f1:5c:4d:d9:ec:d4:7e:ce:23:
         96:d0:6d:0e:ed:23:41:96:b3:c3:7a:53:39:c3:fc:9d:70:9f:
         e1:ec:6f:80:50:91:37:76:e8:d3:1b:93:95:ca:d9:17:e1:5f:
         f1:95:e4:cc:5e:ef:1d:e8:1c:e6:3f:d7:22:e1:90:57:51:26:
         d3:9e:0c:70:62:f4:99:32:c3:eb:e8:bc:86:df:cb:b7:13:1c:
         80:59:fd:26:70:e8:96:8b:f6:6b:c6:e9:91:df:fc:b5:1f:be:
         9a:6e:28:a0:1d:cc:c9:07:c1:3c:46:47:9b:fb:4a:aa:6e:4e:
         6c:d0:ff:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnywTsCHqulDThPjUNosPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1Y2EyMzE3NjY5YTQ2OGQ1MDlhOGFhMTkwNmJlZmE3NWJm
OWMyMDEwHhcNMjUwOTA3MTAwMDU3WhcNMjUwOTA4MTAwMDU3WjAzMTEwLwYDVQQD
EygwYzk0MWIzYzRkYjVlYTE5ZjgyNzFlNTkzMjQ5ZTA4YTQ2NmEwNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwX6SS21jae/Mft0QEBz/T5ymmhxC
2vjI132vxQFk+AQbb67rvGCqn7v86kGz9fRiL+28DyIR64NgoUFd+dT14Friq6c7
XtiBa8l6+FrZpKJnasjI/n05hounG8YWA1/a2yHMnK1xVxG0uD/3Et9S5qMChl4I
jLqnbEJXaScsEgazwVci8RSKXa/zBFHKngjGCH4ezNQ2fhFJXQIj0J9CLdXtDBYy
c+iweYcQC+Qe44dD6B/1HHCiGwJEPppk9+n3O+0XBNk9QdmPhpiEHlE8oNQaOz8Y
Y2MCc1n5L4q0TYUH5C0ef+rsZg9Z2jrhgoCTEojTH+f8UyekJz+PBWS1lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyUGzxNteoZ+CceWTJJ4IpGagcOMB8GA1UdIwQY
MBaAFAXKIxdmmkaNUJqKoZBr76db+cIBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAt
MTMzMWU2NTFjNzlmLzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAtMTMzMWU2NTFjNzlm
LzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApWz2DwsH
vKE6oMFvnzDV6BSwMFwackJsOy6UzGDGTPy+QxGEO/U9ergMROetqe44IikTvzh/
kDb+6nNtOhh952pMxaHHx47JxvELzRH1vAEQ4v0jYkQIf1b+u4okIa5tA88+JJJs
OwGGXKK5cbe1/osgzdpJlWvH/1U34qvrv0jzOlVr1Oyr8VxN2ezUfs4jltBtDu0j
QZazw3pTOcP8nXCf4exvgFCRN3bo0xuTlcrZF+Ff8ZXkzF7vHegc5j/XIuGQV1Em
054McGL0mTLD6+i8ht/LtxMcgFn9JnDolov2a8bpkd/8tR++mm4ooB3MyQfBPEZH
m/tKqm5ObND/jg==
-----END CERTIFICATE-----