Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft
File:                     BsL3NfcUX3DScCYC7oyBVknrLkU.mft (raw, json)
Hash identifier:          t7gU1VZN9geM3x8O2dCWbZnSV/PZ5F55hm7ZH0wm6WE=
Subject key identifier:   69:CD:B3:ED:64:CD:19:FC:FB:F3:D4:C8:18:92:3C:5F:00:41:FD:05
Authority key identifier: 06:C2:F7:35:F7:14:5F:70:D2:70:26:02:EE:8C:81:56:49:EB:2E:45
Certificate issuer:       /CN=06c2f735f7145f70d2702602ee8c815649eb2e45
Certificate serial:       019A71B92F7AB80CC7B0F5CD36618E3D31F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BsL3NfcUX3DScCYC7oyBVknrLkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft
Manifest number:          1153
Signing time:             Tue 11 Nov 2025 07:02:32 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:32 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:32 +0000
Files and hashes:         1: BsL3NfcUX3DScCYC7oyBVknrLkU.crl (hash: cDYb+bTDxPCG2v0cmiD3k4L7UGaNXGgFDAzGNryyQHM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BsL3NfcUX3DScCYC7oyBVknrLkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:2f:7a:b8:0c:c7:b0:f5:cd:36:61:8e:3d:31:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06c2f735f7145f70d2702602ee8c815649eb2e45
        Validity
            Not Before: Nov 11 07:02:32 2025 GMT
            Not After : Nov 12 07:02:32 2025 GMT
        Subject: CN=69cdb3ed64cd19fcfbf3d4c818923c5f0041fd05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:53:af:73:f6:57:42:5e:9e:be:93:1e:ec:1b:
                    50:7e:33:fc:11:b5:68:65:1f:3f:b3:1c:75:57:2b:
                    a2:e1:03:fd:33:23:0f:a0:a3:70:b2:ec:08:87:c6:
                    d2:6f:6f:0e:d3:83:c6:bc:e5:8d:fc:8b:c7:87:18:
                    fb:71:95:99:c5:1f:ea:1a:27:c5:ca:90:21:26:4a:
                    dc:31:d5:f8:88:e8:65:c8:3b:f5:17:6b:82:85:6f:
                    df:01:49:57:c7:10:d8:91:d0:83:05:f0:2d:b1:bb:
                    b6:f3:3c:bf:91:ea:66:f7:2d:13:98:d8:e1:dd:6c:
                    98:ea:35:55:c4:02:bf:1e:4c:34:44:9d:e0:e5:3c:
                    02:c9:f4:a5:28:76:46:de:aa:f4:55:38:65:f8:1f:
                    f1:c0:9a:4f:ba:38:87:0c:dc:e9:09:52:f9:85:5c:
                    f5:1e:7d:16:00:b0:20:90:de:5f:d1:ef:82:bf:76:
                    6b:9d:63:07:73:fd:7d:8e:57:8c:2e:c5:04:eb:ef:
                    bc:0c:a8:58:b5:df:63:37:26:97:06:a7:b0:43:49:
                    d6:de:65:94:89:0e:8e:bd:d8:a1:65:5f:75:5f:53:
                    80:30:1b:99:74:65:72:24:7b:a2:92:59:21:fe:26:
                    6b:10:04:bb:b3:9c:af:0d:a4:c6:37:99:c5:f0:e2:
                    68:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:CD:B3:ED:64:CD:19:FC:FB:F3:D4:C8:18:92:3C:5F:00:41:FD:05
            X509v3 Authority Key Identifier:
                keyid:06:C2:F7:35:F7:14:5F:70:D2:70:26:02:EE:8C:81:56:49:EB:2E:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsL3NfcUX3DScCYC7oyBVknrLkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:04:8e:37:86:f7:84:d6:0d:96:1f:ea:2f:6d:f5:30:ba:72:
         2b:33:f7:32:5d:92:4f:89:21:12:4b:fe:1a:e6:bb:33:91:1a:
         b5:53:f2:95:44:1f:dc:92:ca:f5:fd:e3:b6:ec:0f:27:bb:ed:
         3c:00:90:a6:0d:71:33:aa:a7:e8:f4:d2:c4:e4:35:a8:1e:5c:
         9e:89:2c:d9:ec:a9:e7:40:4a:59:54:61:46:05:e8:69:58:c5:
         11:98:6a:7c:46:97:61:90:f8:26:fb:2d:e0:68:ee:44:e0:3b:
         74:c6:db:43:39:76:aa:00:a1:b1:f7:30:e2:30:34:20:dd:8f:
         d3:b5:a5:34:62:8a:8f:68:e3:85:a3:6c:4c:47:2a:53:1b:95:
         e9:22:7b:29:7e:9c:03:07:42:a1:af:77:56:96:a6:09:80:66:
         dd:fd:d2:8c:02:80:64:50:d9:e8:d1:71:c4:39:b6:64:af:81:
         29:3f:1c:ac:6b:a0:24:ac:a5:d1:0d:19:26:bd:32:dc:74:25:
         fd:e7:b5:98:7c:3e:3d:75:98:e2:5b:0c:ef:d2:cc:99:82:7f:
         16:be:47:d9:03:ee:33:f4:f3:0c:dd:3f:29:f9:c9:0c:d4:38:
         b4:a4:db:dd:14:4d:9a:c9:29:65:2d:83:61:b8:25:e3:3d:e7:
         73:7d:4c:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuS96uAzHsPXNNmGOPTH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YzJmNzM1ZjcxNDVmNzBkMjcwMjYwMmVlOGM4MTU2NDll
YjJlNDUwHhcNMjUxMTExMDcwMjMyWhcNMjUxMTEyMDcwMjMyWjAzMTEwLwYDVQQD
Eyg2OWNkYjNlZDY0Y2QxOWZjZmJmM2Q0YzgxODkyM2M1ZjAwNDFmZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVOvc/ZXQl6evpMe7BtQfjP8EbVo
ZR8/sxx1Vyui4QP9MyMPoKNwsuwIh8bSb28O04PGvOWN/IvHhxj7cZWZxR/qGifF
ypAhJkrcMdX4iOhlyDv1F2uChW/fAUlXxxDYkdCDBfAtsbu28zy/kepm9y0TmNjh
3WyY6jVVxAK/Hkw0RJ3g5TwCyfSlKHZG3qr0VThl+B/xwJpPujiHDNzpCVL5hVz1
Hn0WALAgkN5f0e+Cv3ZrnWMHc/19jleMLsUE6++8DKhYtd9jNyaXBqewQ0nW3mWU
iQ6OvdihZV91X1OAMBuZdGVyJHuiklkh/iZrEAS7s5yvDaTGN5nF8OJooQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGnNs+1kzRn8+/PUyBiSPF8AQf0FMB8GA1UdIwQY
MBaAFAbC9zX3FF9w0nAmAu6MgVZJ6y5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnNMM05mY1VYM0RTY0NZQzdveUJWa25yTGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTczMjgtNzdjNi00Y2EzLThiNmQt
MWZmNjMwYzM1MGZmLzEvQnNMM05mY1VYM0RTY0NZQzdveUJWa25yTGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTczMjgtNzdjNi00Y2EzLThiNmQtMWZmNjMwYzM1MGZm
LzEvQnNMM05mY1VYM0RTY0NZQzdveUJWa25yTGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwgSON4b3
hNYNlh/qL231MLpyKzP3Ml2ST4khEkv+Gua7M5EatVPylUQf3JLK9f3jtuwPJ7vt
PACQpg1xM6qn6PTSxOQ1qB5cnoks2eyp50BKWVRhRgXoaVjFEZhqfEaXYZD4Jvst
4GjuROA7dMbbQzl2qgChsfcw4jA0IN2P07WlNGKKj2jjhaNsTEcqUxuV6SJ7KX6c
AwdCoa93VpamCYBm3f3SjAKAZFDZ6NFxxDm2ZK+BKT8crGugJKyl0Q0ZJr0y3HQl
/ee1mHw+PXWY4lsM79LMmYJ/Fr5H2QPuM/TzDN0/KfnJDNQ4tKTb3RRNmskpZS2D
Ybgl4z3nc31MPQ==
-----END CERTIFICATE-----