Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
File:                     bn-6EaMdOqkN48e7i1bTzQbmvnU.mft (raw, json)
Hash identifier:          3yCdkb7KwVikhVOnmF7iQAza5GUndPFlvTjh4a9x3U8=
Subject key identifier:   17:95:5E:4D:B1:8B:E5:32:5C:B8:57:3E:8E:E4:87:19:E8:FD:9F:1E
Authority key identifier: 6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75
Certificate issuer:       /CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
Certificate serial:       019A71B7E6C8AE1126C20986133FDDFB763C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
Manifest number:          1705
Signing time:             Tue 11 Nov 2025 07:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:08 +0000
Files and hashes:         1: bn-6EaMdOqkN48e7i1bTzQbmvnU.crl (hash: 6w4AdWjMWK/RnD6rs7B3gLEwM8CimRBDSxn20F1wL4w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:e6:c8:ae:11:26:c2:09:86:13:3f:dd:fb:76:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
        Validity
            Not Before: Nov 11 07:01:08 2025 GMT
            Not After : Nov 12 07:01:08 2025 GMT
        Subject: CN=17955e4db18be5325cb8573e8ee48719e8fd9f1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6a:8e:6e:80:ca:fa:52:ed:9d:fe:fb:e7:74:
                    f3:93:f1:5d:1a:89:94:32:b8:f0:f5:a2:d3:d0:b7:
                    e1:a4:f6:b1:d5:ad:39:51:69:9f:34:aa:ac:1d:dc:
                    12:29:50:56:ff:5d:2d:45:87:15:8c:09:3f:10:36:
                    97:86:21:dd:9d:fc:32:f1:8e:e8:10:aa:7b:2c:49:
                    ee:eb:9d:0c:05:81:eb:87:3e:39:74:00:10:c3:07:
                    67:39:c1:50:d3:7e:25:42:3f:44:dd:b8:18:df:01:
                    2d:42:63:4d:a5:e3:39:30:28:dc:59:b9:e6:7a:a7:
                    39:13:8f:35:c0:87:68:45:ba:75:34:bf:92:2f:59:
                    67:5a:e4:f6:85:7e:68:ec:76:0b:a5:33:8b:ef:98:
                    fd:64:f4:bb:b2:56:63:6c:34:a9:b1:db:e7:a7:22:
                    91:66:ba:e1:40:c3:06:4c:f5:be:96:03:93:aa:0f:
                    71:03:d1:3c:dc:fe:1b:4f:ac:08:39:af:25:7b:40:
                    d9:86:d1:55:e9:a7:1f:90:bd:a7:79:83:94:90:75:
                    5d:ba:99:79:3c:74:5f:23:ff:5b:70:ad:ae:3d:33:
                    6a:d9:76:02:56:fc:c4:32:49:c6:a5:a2:4c:eb:64:
                    65:4d:35:8b:17:a7:5a:a5:63:6e:df:03:10:d8:6f:
                    3c:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:95:5E:4D:B1:8B:E5:32:5C:B8:57:3E:8E:E4:87:19:E8:FD:9F:1E
            X509v3 Authority Key Identifier:
                keyid:6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:10:41:df:41:f9:67:7b:38:dd:f4:ae:ae:d8:b7:c4:af:e4:
         ff:9f:0c:92:30:5d:88:06:9f:49:f3:a5:dd:a7:5a:70:02:d6:
         52:5e:ef:77:60:38:1a:1a:da:32:f2:a1:86:95:fe:0a:0b:33:
         ec:8b:1f:82:e6:71:49:3d:68:8f:a5:3f:20:bd:8a:58:42:2b:
         01:31:50:e3:f7:d9:3c:77:bb:d3:a7:61:1e:47:83:a2:38:be:
         a7:43:00:5f:56:cc:b4:8c:40:08:e0:97:1e:e9:1a:f7:61:ad:
         7f:88:49:cf:ce:f4:42:95:97:2b:0d:d5:29:0c:05:c8:08:b8:
         a8:ec:ef:07:de:2b:8a:95:58:ab:05:83:7f:5b:dc:dc:e7:35:
         8c:f4:88:36:4b:5a:cf:1b:25:f3:f1:43:08:cc:1e:8f:cf:49:
         02:d0:de:08:0d:41:0a:da:6a:3d:41:b3:db:35:9d:73:2a:07:
         a7:21:85:27:2d:15:e9:49:b3:01:ba:d0:07:52:3a:94:d4:d8:
         d2:88:89:d6:8b:99:61:55:17:8f:91:93:72:91:66:f1:ce:c2:
         be:72:02:f8:08:be:3b:ff:4a:70:a5:00:b1:97:d4:eb:38:e0:
         06:90:b7:a5:6a:85:ba:e3:32:9a:bb:c1:36:f3:fa:22:aa:51:
         ea:48:3c:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+bIrhEmwgmGEz/d+3Y8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlN2ZiYTExYTMxZDNhYTkwZGUzYzdiYjhiNTZkM2NkMDZl
NmJlNzUwHhcNMjUxMTExMDcwMTA4WhcNMjUxMTEyMDcwMTA4WjAzMTEwLwYDVQQD
EygxNzk1NWU0ZGIxOGJlNTMyNWNiODU3M2U4ZWU0ODcxOWU4ZmQ5ZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGqOboDK+lLtnf7753Tzk/FdGomU
Mrjw9aLT0LfhpPax1a05UWmfNKqsHdwSKVBW/10tRYcVjAk/EDaXhiHdnfwy8Y7o
EKp7LEnu650MBYHrhz45dAAQwwdnOcFQ034lQj9E3bgY3wEtQmNNpeM5MCjcWbnm
eqc5E481wIdoRbp1NL+SL1lnWuT2hX5o7HYLpTOL75j9ZPS7slZjbDSpsdvnpyKR
ZrrhQMMGTPW+lgOTqg9xA9E83P4bT6wIOa8le0DZhtFV6acfkL2neYOUkHVdupl5
PHRfI/9bcK2uPTNq2XYCVvzEMknGpaJM62RlTTWLF6dapWNu3wMQ2G88jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBeVXk2xi+UyXLhXPo7khxno/Z8eMB8GA1UdIwQY
MBaAFG5/uhGjHTqpDePHu4tW080G5r51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2Yt
NjM5NDIxNGExMjJjLzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2YtNjM5NDIxNGExMjJj
LzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANhBB30H5
Z3s43fSurti3xK/k/58MkjBdiAafSfOl3adacALWUl7vd2A4GhraMvKhhpX+Cgsz
7IsfguZxST1oj6U/IL2KWEIrATFQ4/fZPHe706dhHkeDoji+p0MAX1bMtIxACOCX
Huka92Gtf4hJz870QpWXKw3VKQwFyAi4qOzvB94ripVYqwWDf1vc3Oc1jPSINkta
zxsl8/FDCMwej89JAtDeCA1BCtpqPUGz2zWdcyoHpyGFJy0V6UmzAbrQB1I6lNTY
0oiJ1ouZYVUXj5GTcpFm8c7CvnIC+Ai+O/9KcKUAsZfU6zjgBpC3pWqFuuMymrvB
NvP6IqpR6kg8FA==
-----END CERTIFICATE-----