Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.mft (raw, json)
Hash identifier:          cZJwD2QZ81PGKZawHKifLan/Knd8L9G8kupW6QAhB4M=
Subject key identifier:   B0:9A:C7:26:79:3D:A2:A4:6E:0F:20:33:A0:02:9C:38:23:AD:63:BB
Authority key identifier: 06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Certificate issuer:       /CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
Certificate serial:       0199221E4FDD97C0BFE5ED6A532B1A91DFDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
Manifest number:          08BC
Signing time:             Sun 07 Sep 2025 03:00:35 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:35 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:35 +0000
Files and hashes:         1: BgPfkU3wTkf1a9li8vncPwQ0pdM.crl (hash: NDAyKebFn/eoJaobTL3xcPCXj/Jze+T16Dnr4UTRTGA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:4f:dd:97:c0:bf:e5:ed:6a:53:2b:1a:91:df:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Validity
            Not Before: Sep  7 03:00:35 2025 GMT
            Not After : Sep  8 03:00:35 2025 GMT
        Subject: CN=b09ac726793da2a46e0f2033a0029c3823ad63bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:60:5a:18:c0:66:3b:16:80:b8:76:3b:cb:98:
                    c8:ac:91:3a:f2:b6:19:5a:68:6e:da:ba:b7:05:db:
                    7b:35:d8:d6:74:9f:58:e4:1e:84:db:d9:10:4c:28:
                    34:da:7d:18:f8:22:c0:28:71:ac:5e:d2:7a:e1:3c:
                    3c:7b:3c:59:0f:29:67:e1:e7:0c:5d:f9:2d:03:f9:
                    d6:48:65:f4:5d:ac:cd:bd:d3:9b:b8:ce:64:de:b7:
                    5f:6c:91:16:1b:9b:b4:99:b4:45:38:c7:7c:8e:bb:
                    ea:fd:20:23:f2:6f:c2:75:d0:ed:28:28:22:e7:5c:
                    3f:31:63:ab:f6:f4:b2:b5:31:ae:42:96:65:f7:a4:
                    6c:2a:f6:0f:b6:2d:c2:47:33:70:86:56:34:0a:9f:
                    5c:c1:cc:c3:bc:de:96:d7:43:c6:63:63:40:40:02:
                    04:72:59:b1:9f:e2:15:57:78:aa:bc:41:29:3e:df:
                    71:e1:77:2a:8c:ba:7a:54:7c:42:c4:d5:9c:56:ad:
                    e0:11:f1:c2:d3:78:24:e4:0e:77:f6:66:c5:6f:d5:
                    8e:93:ff:64:fb:73:4a:8f:ca:42:03:df:98:03:01:
                    b5:cb:f1:45:e5:24:96:30:ca:7f:e3:ed:e5:37:fe:
                    29:62:2c:48:c7:d4:e3:4c:7b:ed:f2:6e:89:1e:de:
                    45:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:9A:C7:26:79:3D:A2:A4:6E:0F:20:33:A0:02:9C:38:23:AD:63:BB
            X509v3 Authority Key Identifier:
                keyid:06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:44:cb:fb:6c:f8:01:b3:b8:b1:97:a1:a1:2a:91:ea:00:59:
         b8:67:92:d8:72:16:ff:a4:cc:fb:47:b3:62:75:48:28:15:a8:
         78:9b:b1:fc:59:b4:be:4c:14:77:b0:af:35:e8:03:ec:d8:8a:
         e5:19:28:51:2c:ee:fc:79:11:7d:23:ff:6c:27:ef:41:94:31:
         e9:f4:e4:74:a8:25:34:9a:2d:b4:83:c0:4a:c8:b4:39:b1:56:
         17:c5:53:93:2b:04:e8:33:b7:18:7f:f6:94:55:87:05:73:d9:
         f4:a8:b5:69:46:ec:04:85:b9:53:78:bf:98:05:b2:aa:d6:54:
         c2:0e:f1:88:b5:6d:17:2b:fc:8e:1f:a9:6c:95:35:04:12:d7:
         c4:ac:18:c3:15:9d:60:87:93:41:c0:d8:b3:1a:29:5b:28:3e:
         82:5a:fd:34:9f:20:dc:80:ad:6c:74:cd:e8:2a:95:54:1d:47:
         7d:6a:f4:29:2c:72:3c:38:1a:2f:65:c6:97:a0:89:c2:10:79:
         c7:58:07:ce:b1:9d:6c:5a:e9:04:80:d8:2b:f2:97:ed:f6:9c:
         0b:59:c6:2d:55:c1:22:d8:77:f8:5c:37:be:41:b4:3d:17:8c:
         f5:0d:48:9f:cc:0b:8a:9c:47:c4:2a:f0:54:c6:a7:80:e4:1a:
         86:b9:2a:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHk/dl8C/5e1qUysakd/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDNkZjkxNGRmMDRlNDdmNTZiZDk2MmYyZjlkYzNmMDQz
NGE1ZDMwHhcNMjUwOTA3MDMwMDM1WhcNMjUwOTA4MDMwMDM1WjAzMTEwLwYDVQQD
EyhiMDlhYzcyNjc5M2RhMmE0NmUwZjIwMzNhMDAyOWMzODIzYWQ2M2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8mBaGMBmOxaAuHY7y5jIrJE68rYZ
Wmhu2rq3Bdt7NdjWdJ9Y5B6E29kQTCg02n0Y+CLAKHGsXtJ64Tw8ezxZDyln4ecM
XfktA/nWSGX0XazNvdObuM5k3rdfbJEWG5u0mbRFOMd8jrvq/SAj8m/CddDtKCgi
51w/MWOr9vSytTGuQpZl96RsKvYPti3CRzNwhlY0Cp9cwczDvN6W10PGY2NAQAIE
clmxn+IVV3iqvEEpPt9x4XcqjLp6VHxCxNWcVq3gEfHC03gk5A539mbFb9WOk/9k
+3NKj8pCA9+YAwG1y/FF5SSWMMp/4+3lN/4pYixIx9TjTHvt8m6JHt5FUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCaxyZ5PaKkbg8gM6ACnDgjrWO7MB8GA1UdIwQY
MBaAFAYD35FN8E5H9WvZYvL53D8ENKXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEt
YmM4NDI1YzYwNjA0LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEtYmM4NDI1YzYwNjA0
LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqUTL+2z4
AbO4sZehoSqR6gBZuGeS2HIW/6TM+0ezYnVIKBWoeJux/Fm0vkwUd7CvNegD7NiK
5RkoUSzu/HkRfSP/bCfvQZQx6fTkdKglNJottIPASsi0ObFWF8VTkysE6DO3GH/2
lFWHBXPZ9Ki1aUbsBIW5U3i/mAWyqtZUwg7xiLVtFyv8jh+pbJU1BBLXxKwYwxWd
YIeTQcDYsxopWyg+glr9NJ8g3ICtbHTN6CqVVB1HfWr0KSxyPDgaL2XGl6CJwhB5
x1gHzrGdbFrpBIDYK/KX7facC1nGLVXBIth3+Fw3vkG0PReM9Q1In8wLipxHxCrw
VMangOQahrkq6Q==
-----END CERTIFICATE-----