Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.mft (raw, json)
Hash identifier:          QHDCkVrEjzM3dOyjgjmOZU7ZTtR3dGdg79k7ZjdTxq4=
Subject key identifier:   81:B3:56:68:0C:7E:7A:3B:9F:8C:87:CD:B4:2B:8D:AB:59:29:2D:A9
Authority key identifier: 06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Certificate issuer:       /CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
Certificate serial:       019A7225CACD935B7479A8540001B84103B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
Manifest number:          096A
Signing time:             Tue 11 Nov 2025 09:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:10 +0000
Files and hashes:         1: BgPfkU3wTkf1a9li8vncPwQ0pdM.crl (hash: EoTBRIFuX9hfdT53rMtiFnL4yWpZJosxFnSCTypERbk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:ca:cd:93:5b:74:79:a8:54:00:01:b8:41:03:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Validity
            Not Before: Nov 11 09:01:10 2025 GMT
            Not After : Nov 12 09:01:10 2025 GMT
        Subject: CN=81b356680c7e7a3b9f8c87cdb42b8dab59292da9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:39:46:3c:f7:1e:02:3f:7e:64:51:44:8e:4d:
                    d7:10:b5:2b:1c:2a:c9:24:d7:2e:b8:6c:f9:56:a6:
                    4d:b7:bf:6c:aa:a0:40:33:2f:e1:1d:b0:39:9e:2c:
                    a6:84:4b:c5:32:40:b6:74:6e:7a:92:3e:3a:b6:d2:
                    52:30:6c:90:6f:48:48:19:66:d9:8e:7f:09:18:18:
                    4b:38:ab:97:25:77:f3:a1:4e:d1:f7:0b:05:e7:3e:
                    23:66:0e:28:d3:c4:b3:ab:2a:25:20:3a:26:5d:f4:
                    17:ee:4c:c6:88:c6:a0:21:26:9c:a1:90:e8:e8:c4:
                    c4:b0:67:e1:86:52:3e:e1:97:27:70:0b:44:9b:9e:
                    22:d5:a3:7d:0b:93:a2:8a:f0:9a:47:08:33:73:43:
                    2f:16:a9:5a:b9:f1:8d:02:3d:30:3a:5c:76:23:c1:
                    66:7b:de:12:83:46:de:a1:7d:4b:ce:68:f2:f2:5e:
                    cf:e3:26:6a:b3:f0:c3:24:ba:56:06:e3:5c:f1:a6:
                    77:f0:84:f0:05:19:4a:3c:c8:8f:7e:4e:99:95:bd:
                    e5:c8:71:c8:08:67:57:ef:81:4d:15:4b:af:3b:d1:
                    7c:77:bd:92:fd:31:be:0b:fe:0a:b2:5d:2f:78:9a:
                    5c:d2:1c:ee:d0:1b:7b:f3:4e:c6:43:73:3c:88:fa:
                    0d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:B3:56:68:0C:7E:7A:3B:9F:8C:87:CD:B4:2B:8D:AB:59:29:2D:A9
            X509v3 Authority Key Identifier:
                keyid:06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:8d:9d:25:d0:6b:1d:a7:fb:93:a4:f0:4e:70:cb:32:ef:3d:
         2a:db:65:21:1b:5a:fa:8a:c9:1d:44:25:5f:39:50:88:2b:69:
         77:bb:1f:bc:4c:e0:4e:aa:b2:ef:56:7d:1b:48:e4:ec:32:61:
         67:43:79:dd:73:e6:a6:ac:08:b9:13:6a:48:1f:f2:a9:f9:76:
         5f:cb:dd:ec:6d:69:d8:3a:58:db:5f:25:53:f6:bf:2f:96:02:
         83:25:51:73:43:4f:1b:a0:1f:bc:9d:be:3a:c2:b8:5c:74:31:
         0e:73:c7:c5:2a:d7:49:df:ab:c5:72:fd:7f:a5:79:6f:9c:48:
         15:ed:0a:4b:39:ab:01:cb:54:94:6c:77:56:f7:13:7b:c1:60:
         11:8a:50:47:67:fc:9c:00:b9:cc:04:ae:21:17:5a:83:e6:38:
         0a:67:af:e0:21:3a:c8:52:01:09:99:c7:9e:8e:3f:4f:9d:67:
         49:60:d9:70:ac:de:1e:9a:d2:eb:59:8e:c9:e2:e7:b7:c3:83:
         ab:27:28:a8:b4:e4:ac:fc:fe:a1:7e:63:94:4c:17:ba:18:77:
         b0:d7:46:8b:08:a9:e1:b7:5c:d6:6e:5c:46:fa:0c:81:a4:2c:
         00:0a:43:65:09:6d:ae:8f:00:c9:f8:f0:f4:ba:0e:63:a3:dd:
         2f:3f:3e:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJcrNk1t0eahUAAG4QQO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDNkZjkxNGRmMDRlNDdmNTZiZDk2MmYyZjlkYzNmMDQz
NGE1ZDMwHhcNMjUxMTExMDkwMTEwWhcNMjUxMTEyMDkwMTEwWjAzMTEwLwYDVQQD
Eyg4MWIzNTY2ODBjN2U3YTNiOWY4Yzg3Y2RiNDJiOGRhYjU5MjkyZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jlGPPceAj9+ZFFEjk3XELUrHCrJ
JNcuuGz5VqZNt79sqqBAMy/hHbA5niymhEvFMkC2dG56kj46ttJSMGyQb0hIGWbZ
jn8JGBhLOKuXJXfzoU7R9wsF5z4jZg4o08SzqyolIDomXfQX7kzGiMagISacoZDo
6MTEsGfhhlI+4ZcncAtEm54i1aN9C5OiivCaRwgzc0MvFqlaufGNAj0wOlx2I8Fm
e94Sg0beoX1Lzmjy8l7P4yZqs/DDJLpWBuNc8aZ38ITwBRlKPMiPfk6Zlb3lyHHI
CGdX74FNFUuvO9F8d72S/TG+C/4Ksl0veJpc0hzu0Bt7807GQ3M8iPoN0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGzVmgMfno7n4yHzbQrjatZKS2pMB8GA1UdIwQY
MBaAFAYD35FN8E5H9WvZYvL53D8ENKXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEt
YmM4NDI1YzYwNjA0LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEtYmM4NDI1YzYwNjA0
LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmI2dJdBr
Haf7k6TwTnDLMu89KttlIRta+orJHUQlXzlQiCtpd7sfvEzgTqqy71Z9G0jk7DJh
Z0N53XPmpqwIuRNqSB/yqfl2X8vd7G1p2DpY218lU/a/L5YCgyVRc0NPG6AfvJ2+
OsK4XHQxDnPHxSrXSd+rxXL9f6V5b5xIFe0KSzmrActUlGx3VvcTe8FgEYpQR2f8
nAC5zASuIRdag+Y4Cmev4CE6yFIBCZnHno4/T51nSWDZcKzeHprS61mOyeLnt8OD
qycoqLTkrPz+oX5jlEwXuhh3sNdGiwip4bdc1m5cRvoMgaQsAApDZQltro8Ayfjw
9LoOY6PdLz8+wg==
-----END CERTIFICATE-----