Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.mft (raw, json)
Hash identifier:          d5wf4OW/g9r9BkPIq26n2kpD7PMRNHIYcpjXnCuLQYI=
Subject key identifier:   7F:E0:06:B5:89:FA:52:11:9E:0A:B3:1D:C5:0E:72:5B:9E:F9:E1:CB
Authority key identifier: 06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Certificate issuer:       /CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
Certificate serial:       019E3004FF9803D9CD01BFB5F8C0B8D027A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
Manifest number:          0B5A
Signing time:             Sat 16 May 2026 09:01:34 +0000
Manifest this update:     Sat 16 May 2026 09:01:34 +0000
Manifest next update:     Sun 17 May 2026 09:01:34 +0000
Files and hashes:         1: BgPfkU3wTkf1a9li8vncPwQ0pdM.crl (hash: lFg0f+GUBCYg3UyGGEhFhuqxvfX8fPDC7ejzy0HjNo8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 09:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:04:ff:98:03:d9:cd:01:bf:b5:f8:c0:b8:d0:27:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Validity
            Not Before: May 16 09:01:34 2026 GMT
            Not After : May 17 09:01:34 2026 GMT
        Subject: CN=7fe006b589fa52119e0ab31dc50e725b9ef9e1cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e2:59:88:93:a9:d6:b1:97:f3:08:ea:49:2d:
                    74:77:8e:4e:d6:c3:ed:23:cd:44:e0:c8:28:df:04:
                    0e:74:b8:dd:5f:37:06:31:66:c5:4a:f3:1c:6f:83:
                    73:10:11:6e:ec:87:15:64:99:01:c6:76:92:26:be:
                    15:24:77:6e:d3:41:88:48:38:32:fc:4e:3d:8c:a4:
                    05:51:56:a1:ba:c7:35:a2:92:f4:77:8b:42:b8:45:
                    3b:54:fc:e9:f4:35:9a:5c:f5:13:48:18:4a:2c:88:
                    99:82:a5:0c:1f:6e:94:82:c2:c6:cc:03:21:48:e9:
                    e7:26:54:5c:43:b0:47:f9:e1:39:18:54:6d:39:ff:
                    ad:5f:25:94:b8:2a:1f:82:49:62:d0:36:a8:fa:84:
                    4a:35:86:94:ec:ee:36:a2:5f:aa:da:8b:bf:06:00:
                    fd:f0:82:7c:a4:48:68:98:b8:ab:fa:88:11:36:b8:
                    51:c2:20:d9:1d:9b:18:bf:83:3d:c1:5e:f1:87:29:
                    bb:89:90:0e:6f:49:33:89:49:1f:b6:ee:00:3b:1f:
                    af:5d:dd:35:7f:28:57:d7:01:c5:86:fe:1f:32:c1:
                    5e:cc:58:70:e6:67:1c:cd:02:54:46:ff:e9:9e:7c:
                    9f:6e:c4:4d:27:2b:c2:85:01:7a:b7:f6:29:5d:49:
                    30:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:E0:06:B5:89:FA:52:11:9E:0A:B3:1D:C5:0E:72:5B:9E:F9:E1:CB
            X509v3 Authority Key Identifier:
                keyid:06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:cd:9a:cc:cf:1a:41:2b:18:97:96:b8:74:85:5c:98:9b:bf:
         38:56:bc:b7:1c:0d:74:9f:46:aa:16:bb:0e:4f:0c:d3:05:c9:
         9a:6a:98:25:3a:69:d0:11:46:73:e7:ae:c8:d4:b9:5a:7c:3a:
         1d:6d:5b:3e:a0:7e:67:61:d3:d7:56:70:1b:9c:c1:c1:9a:d9:
         1d:dc:3e:00:a6:dc:95:74:b8:06:44:50:2e:07:7a:c2:12:46:
         06:9d:4a:e8:35:88:a5:ad:4f:0b:8b:ee:ee:9a:eb:b7:65:90:
         0d:cf:cc:44:66:e8:3f:7e:ff:e6:9d:dc:e9:83:9f:9b:0a:c4:
         8d:1b:eb:e1:65:f7:c3:6a:e8:a3:84:f0:c8:8b:bc:68:41:6c:
         16:07:5d:f3:73:ef:fb:ce:ca:89:65:d2:88:7b:12:1e:cd:87:
         23:df:8a:2e:31:2e:1c:e1:80:ca:50:e6:34:c5:5b:3f:19:d9:
         5c:b9:36:6f:7e:11:4a:e9:67:00:2d:77:55:bf:52:ae:aa:ca:
         3d:e8:6b:92:35:64:7b:89:5b:1d:4d:41:33:6d:df:a1:03:66:
         4d:46:c9:dc:e4:43:a9:cd:1b:a7:44:d6:87:54:8f:f4:ff:6b:
         bd:08:53:f8:b7:71:9b:87:29:da:a7:d5:06:92:98:df:01:6e:
         9c:8f:df:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBP+YA9nNAb+1+MC40CehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDNkZjkxNGRmMDRlNDdmNTZiZDk2MmYyZjlkYzNmMDQz
NGE1ZDMwHhcNMjYwNTE2MDkwMTM0WhcNMjYwNTE3MDkwMTM0WjAzMTEwLwYDVQQD
Eyg3ZmUwMDZiNTg5ZmE1MjExOWUwYWIzMWRjNTBlNzI1YjllZjllMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+JZiJOp1rGX8wjqSS10d45O1sPt
I81E4Mgo3wQOdLjdXzcGMWbFSvMcb4NzEBFu7IcVZJkBxnaSJr4VJHdu00GISDgy
/E49jKQFUVahusc1opL0d4tCuEU7VPzp9DWaXPUTSBhKLIiZgqUMH26UgsLGzAMh
SOnnJlRcQ7BH+eE5GFRtOf+tXyWUuCofgkli0Dao+oRKNYaU7O42ol+q2ou/BgD9
8IJ8pEhomLir+ogRNrhRwiDZHZsYv4M9wV7xhym7iZAOb0kziUkftu4AOx+vXd01
fyhX1wHFhv4fMsFezFhw5mcczQJURv/pnnyfbsRNJyvChQF6t/YpXUkwYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/gBrWJ+lIRngqzHcUOclue+eHLMB8GA1UdIwQY
MBaAFAYD35FN8E5H9WvZYvL53D8ENKXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEt
YmM4NDI1YzYwNjA0LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEtYmM4NDI1YzYwNjA0
LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmM2azM8a
QSsYl5a4dIVcmJu/OFa8txwNdJ9Gqha7Dk8M0wXJmmqYJTpp0BFGc+euyNS5Wnw6
HW1bPqB+Z2HT11ZwG5zBwZrZHdw+AKbclXS4BkRQLgd6whJGBp1K6DWIpa1PC4vu
7prrt2WQDc/MRGboP37/5p3c6YOfmwrEjRvr4WX3w2roo4TwyIu8aEFsFgdd83Pv
+87KiWXSiHsSHs2HI9+KLjEuHOGAylDmNMVbPxnZXLk2b34RSulnAC13Vb9SrqrK
PehrkjVke4lbHU1BM23foQNmTUbJ3ORDqc0bp0TWh1SP9P9rvQhT+Ldxm4cp2qfV
BpKY3wFunI/f7Q==
-----END CERTIFICATE-----