Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.mft (raw, json)
Hash identifier:          RmkWlTurTyUv+0WZrwaFxTUr0LD8Dhfnaj1KDFHn4xU=
Subject key identifier:   68:1F:E3:41:9C:A4:9D:75:C8:25:76:E3:3D:B4:EA:ED:4F:6C:0B:25
Authority key identifier: 06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Certificate issuer:       /CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
Certificate serial:       019D38D2D9F7BFDE0268AF1637EB639B54F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
Manifest number:          0ADA
Signing time:             Sun 29 Mar 2026 09:00:35 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:35 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:35 +0000
Files and hashes:         1: BgPfkU3wTkf1a9li8vncPwQ0pdM.crl (hash: rW9rxQ+I73Ihu8/TpHvpDa6PQsi2YIR+om7WJQfvPtc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:d9:f7:bf:de:02:68:af:16:37:eb:63:9b:54:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Validity
            Not Before: Mar 29 09:00:35 2026 GMT
            Not After : Mar 30 09:00:35 2026 GMT
        Subject: CN=681fe3419ca49d75c82576e33db4eaed4f6c0b25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3d:69:4e:b4:21:67:ec:a5:c4:ff:82:2e:f7:
                    bd:bc:49:95:8c:a1:2a:34:7d:1d:32:0c:8e:37:29:
                    11:9b:94:73:2f:5d:18:52:36:a3:8a:4f:1b:a7:52:
                    52:2f:4a:c7:76:4f:13:de:f8:05:a8:55:65:a1:37:
                    2d:d9:ba:2e:f1:8d:56:b4:0e:6c:c1:0a:05:c4:a9:
                    0f:b3:0e:af:a9:c3:24:b1:07:62:e0:d9:37:0e:5b:
                    f8:5b:bd:98:ca:74:32:82:23:ea:35:a2:c8:58:61:
                    78:0c:02:bf:b3:fd:66:c2:51:0d:6c:2f:39:9e:cd:
                    52:9b:d9:f0:3f:e0:6e:6f:06:66:97:0d:2c:37:8d:
                    77:d5:e5:af:92:a8:8b:c4:8c:ed:e8:0a:7f:cd:ea:
                    4d:f4:b9:38:cf:77:ea:72:57:4b:52:dd:31:a9:cd:
                    34:1b:ea:8b:19:8d:84:6f:48:0e:16:9b:94:60:42:
                    08:57:89:da:5c:88:56:39:f5:fa:66:d1:54:5d:8b:
                    b9:c6:5c:0a:2f:58:35:4c:e7:60:ee:fe:86:85:b9:
                    c0:6a:77:47:73:d7:d3:41:de:9f:5a:f7:b3:cb:68:
                    d8:a6:33:de:ef:6d:d2:b5:35:4f:40:05:a1:36:cc:
                    60:34:70:39:13:86:6c:64:60:14:d3:52:b1:17:90:
                    73:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:1F:E3:41:9C:A4:9D:75:C8:25:76:E3:3D:B4:EA:ED:4F:6C:0B:25
            X509v3 Authority Key Identifier:
                keyid:06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:91:72:fc:1e:f9:c1:17:73:33:2e:a3:38:7b:f8:2a:88:c7:
         c5:37:76:8e:f0:10:aa:61:e0:bc:01:46:1a:62:9d:ce:df:86:
         66:ed:e6:c2:22:3e:a7:0d:52:fd:f0:af:c4:d6:bd:69:51:47:
         32:da:22:5e:b1:18:b1:b6:03:18:d6:74:37:d6:ab:7e:cf:3b:
         e0:1d:e3:56:47:82:60:d8:48:ff:4b:78:91:b2:85:f3:5b:6a:
         54:18:8a:5d:87:6b:d4:43:23:f0:4e:29:36:8c:ad:67:fb:15:
         17:f3:6c:dc:39:37:24:92:e5:7f:0c:7c:61:60:21:8e:65:42:
         c2:16:90:00:c3:d8:8e:26:15:53:0f:45:cf:f9:43:b8:f5:71:
         61:44:f3:55:d1:25:8a:88:8e:01:de:6d:86:3d:4a:c3:39:ab:
         0e:d5:43:5e:9d:b4:9b:94:19:bc:f8:1b:62:b0:88:fd:d6:6f:
         fa:5f:e4:9e:fa:66:5f:bf:5d:5c:33:7d:24:3c:9b:b5:1e:e1:
         70:03:53:49:e7:0b:05:9d:1a:33:04:6f:c8:7a:4e:7e:50:19:
         0e:6c:aa:b0:ac:47:03:90:ec:f5:f2:2e:92:02:db:bb:6a:77:
         a3:e2:8f:2f:d8:a7:cc:cd:b9:52:6b:81:90:de:9b:20:dd:81:
         ee:f4:fe:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tn3v94CaK8WN+tjm1TzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDNkZjkxNGRmMDRlNDdmNTZiZDk2MmYyZjlkYzNmMDQz
NGE1ZDMwHhcNMjYwMzI5MDkwMDM1WhcNMjYwMzMwMDkwMDM1WjAzMTEwLwYDVQQD
Eyg2ODFmZTM0MTljYTQ5ZDc1YzgyNTc2ZTMzZGI0ZWFlZDRmNmMwYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT1pTrQhZ+ylxP+CLve9vEmVjKEq
NH0dMgyONykRm5RzL10YUjajik8bp1JSL0rHdk8T3vgFqFVloTct2bou8Y1WtA5s
wQoFxKkPsw6vqcMksQdi4Nk3Dlv4W72YynQygiPqNaLIWGF4DAK/s/1mwlENbC85
ns1Sm9nwP+BubwZmlw0sN4131eWvkqiLxIzt6Ap/zepN9Lk4z3fqcldLUt0xqc00
G+qLGY2Eb0gOFpuUYEIIV4naXIhWOfX6ZtFUXYu5xlwKL1g1TOdg7v6GhbnAandH
c9fTQd6fWvezy2jYpjPe723StTVPQAWhNsxgNHA5E4ZsZGAU01KxF5BzNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgf40GcpJ11yCV24z206u1PbAslMB8GA1UdIwQY
MBaAFAYD35FN8E5H9WvZYvL53D8ENKXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEt
YmM4NDI1YzYwNjA0LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEtYmM4NDI1YzYwNjA0
LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASJFy/B75
wRdzMy6jOHv4KojHxTd2jvAQqmHgvAFGGmKdzt+GZu3mwiI+pw1S/fCvxNa9aVFH
MtoiXrEYsbYDGNZ0N9arfs874B3jVkeCYNhI/0t4kbKF81tqVBiKXYdr1EMj8E4p
NoytZ/sVF/Ns3Dk3JJLlfwx8YWAhjmVCwhaQAMPYjiYVUw9Fz/lDuPVxYUTzVdEl
ioiOAd5thj1KwzmrDtVDXp20m5QZvPgbYrCI/dZv+l/knvpmX79dXDN9JDybtR7h
cANTSecLBZ0aMwRvyHpOflAZDmyqsKxHA5Ds9fIukgLbu2p3o+KPL9inzM25UmuB
kN6bIN2B7vT+ew==
-----END CERTIFICATE-----