Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
File:                     BkwamGxZM6O5EIToo_8IBm05jhk.mft (raw, json)
Hash identifier:          +pr0cib0xHhUG/hgmuYX3nSF/PMHXTE5ESjcaD0UWOQ=
Subject key identifier:   D0:AF:E4:C6:9D:CA:40:65:2B:7E:C9:DB:33:D8:04:D3:78:67:90:3C
Authority key identifier: 06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19
Certificate issuer:       /CN=064c1a986c5933a3b91084e8a3ff08066d398e19
Certificate serial:       019E318539320F949D0404A0C78278BEB844
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
Manifest number:          0D20
Signing time:             Sat 16 May 2026 16:01:14 +0000
Manifest this update:     Sat 16 May 2026 16:01:14 +0000
Manifest next update:     Sun 17 May 2026 16:01:14 +0000
Files and hashes:         1: BkwamGxZM6O5EIToo_8IBm05jhk.crl (hash: IoQ4Sd0DSUVaYxifnUYCVd6/jvapUhKBN0dbM334rlk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:85:39:32:0f:94:9d:04:04:a0:c7:82:78:be:b8:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=064c1a986c5933a3b91084e8a3ff08066d398e19
        Validity
            Not Before: May 16 16:01:14 2026 GMT
            Not After : May 17 16:01:14 2026 GMT
        Subject: CN=d0afe4c69dca40652b7ec9db33d804d37867903c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ea:a5:87:76:9a:87:b5:c8:03:23:1a:9d:84:
                    bb:88:f0:c2:8b:56:d9:28:d4:da:34:23:a3:84:9b:
                    31:ac:f4:3f:05:5c:16:5a:df:31:ae:6d:4e:a8:bd:
                    11:8a:98:d5:53:ea:95:bd:e5:83:fa:19:92:51:94:
                    09:1c:97:e5:80:58:4e:3f:f1:46:3c:42:62:57:fb:
                    81:e9:29:2b:86:0f:2b:a4:a0:e4:b6:2a:15:7c:53:
                    b8:67:1c:21:3a:79:bc:73:b8:5f:7e:ad:96:81:fc:
                    88:61:12:1a:1b:7e:4a:4f:b9:4d:15:1c:e2:cf:ab:
                    ce:e1:29:6f:f4:92:27:59:f1:ff:d1:40:ee:ca:a1:
                    4a:3e:1e:a5:13:e6:2f:34:a7:fa:3b:49:e3:5e:bc:
                    b2:63:e0:f3:d3:5c:5e:fe:45:d1:da:59:33:a1:93:
                    0f:ed:ee:53:32:37:07:19:e0:02:ea:02:ce:27:7e:
                    37:3b:86:2e:49:33:6b:56:61:ff:ca:94:cd:2a:e7:
                    33:6d:93:88:0f:90:31:cb:a6:f9:bc:1d:99:fa:d6:
                    6e:c8:78:27:fa:c4:2f:30:ed:74:b9:75:97:13:3f:
                    72:33:1a:b1:15:6b:b1:80:0c:f7:6b:d1:68:cc:8d:
                    5b:e5:53:16:eb:83:e9:76:a7:36:93:2e:77:65:ba:
                    14:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:AF:E4:C6:9D:CA:40:65:2B:7E:C9:DB:33:D8:04:D3:78:67:90:3C
            X509v3 Authority Key Identifier:
                keyid:06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:d2:98:a4:fe:52:f4:0f:e1:a7:3b:49:3a:e5:5d:b7:e8:4c:
         72:4a:d0:37:5c:b4:ce:ab:07:26:5c:ed:3e:6c:12:b3:44:b8:
         56:5a:5b:4f:99:ef:f7:59:4f:86:4c:cc:be:0f:db:5f:fe:48:
         f2:c4:80:2b:e2:a3:42:c8:ca:9c:40:6c:bc:72:53:5b:79:46:
         57:06:c3:09:99:1f:59:fa:47:85:f3:41:6a:c6:3a:d0:24:40:
         24:24:a1:fe:1c:44:ea:01:d5:f8:1d:8c:2d:b1:67:29:90:0a:
         0d:93:17:22:f7:f9:16:15:bd:3a:a6:2d:fc:5a:8c:74:ff:c2:
         83:cc:bb:b1:26:69:fb:15:96:d4:4a:f1:00:fc:04:9a:af:fc:
         32:c2:e5:f5:cd:3e:73:3f:18:8e:82:c2:5b:fe:9b:9c:fb:81:
         eb:79:7f:cc:67:93:32:95:0a:bd:a3:2e:02:d2:0d:de:8b:44:
         05:f9:23:ce:be:33:cc:cc:36:17:07:ff:7d:58:30:1d:b2:b6:
         f7:05:f8:92:9d:b8:ee:40:ea:65:5f:6a:80:91:bd:64:b9:d8:
         54:c1:34:79:0f:f8:95:e1:3e:ca:db:6b:93:4f:0b:70:18:89:
         81:3f:74:49:96:1c:fd:70:e0:54:6b:c0:7a:99:ca:3f:47:85:
         4a:60:66:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xhTkyD5SdBASgx4J4vrhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGMxYTk4NmM1OTMzYTNiOTEwODRlOGEzZmYwODA2NmQz
OThlMTkwHhcNMjYwNTE2MTYwMTE0WhcNMjYwNTE3MTYwMTE0WjAzMTEwLwYDVQQD
EyhkMGFmZTRjNjlkY2E0MDY1MmI3ZWM5ZGIzM2Q4MDRkMzc4Njc5MDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruqlh3aah7XIAyManYS7iPDCi1bZ
KNTaNCOjhJsxrPQ/BVwWWt8xrm1OqL0RipjVU+qVveWD+hmSUZQJHJflgFhOP/FG
PEJiV/uB6Skrhg8rpKDktioVfFO4ZxwhOnm8c7hffq2WgfyIYRIaG35KT7lNFRzi
z6vO4Slv9JInWfH/0UDuyqFKPh6lE+YvNKf6O0njXryyY+Dz01xe/kXR2lkzoZMP
7e5TMjcHGeAC6gLOJ343O4YuSTNrVmH/ypTNKuczbZOID5Axy6b5vB2Z+tZuyHgn
+sQvMO10uXWXEz9yMxqxFWuxgAz3a9FozI1b5VMW64Ppdqc2ky53ZboUVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCv5MadykBlK37J2zPYBNN4Z5A8MB8GA1UdIwQY
MBaAFAZMGphsWTOjuRCE6KP/CAZtOY4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgt
N2Y2YTY1NWZkNzg4LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgtN2Y2YTY1NWZkNzg4
LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEActKYpP5S
9A/hpztJOuVdt+hMckrQN1y0zqsHJlztPmwSs0S4VlpbT5nv91lPhkzMvg/bX/5I
8sSAK+KjQsjKnEBsvHJTW3lGVwbDCZkfWfpHhfNBasY60CRAJCSh/hxE6gHV+B2M
LbFnKZAKDZMXIvf5FhW9OqYt/FqMdP/Cg8y7sSZp+xWW1ErxAPwEmq/8MsLl9c0+
cz8YjoLCW/6bnPuB63l/zGeTMpUKvaMuAtIN3otEBfkjzr4zzMw2Fwf/fVgwHbK2
9wX4kp247kDqZV9qgJG9ZLnYVME0eQ/4leE+yttrk08LcBiJgT90SZYc/XDgVGvA
epnKP0eFSmBmzg==
-----END CERTIFICATE-----