Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
File:                     bn-6EaMdOqkN48e7i1bTzQbmvnU.mft (raw, json)
Hash identifier:          B47cmymul86mvPPpwzfKKoNPMK/DF9OhJusmx9x6U+0=
Subject key identifier:   0D:A5:69:58:27:EB:7A:14:E9:EF:AB:BA:E7:28:9D:6C:98:F1:ED:A5
Authority key identifier: 6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75
Certificate issuer:       /CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
Certificate serial:       019D3A542EFFB29D44D33FBC81D591F7EEEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
Manifest number:          1876
Signing time:             Sun 29 Mar 2026 16:01:28 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:28 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:28 +0000
Files and hashes:         1: bn-6EaMdOqkN48e7i1bTzQbmvnU.crl (hash: 13xJag+6vRdh9AWFyPlZvFrwqP4ddjxKnxQgQZII2Lo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:2e:ff:b2:9d:44:d3:3f:bc:81:d5:91:f7:ee:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
        Validity
            Not Before: Mar 29 16:01:28 2026 GMT
            Not After : Mar 30 16:01:28 2026 GMT
        Subject: CN=0da5695827eb7a14e9efabbae7289d6c98f1eda5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:db:e1:fe:f7:23:ee:7c:d2:c4:61:5b:ba:6b:
                    fe:b5:0e:ee:a1:2b:54:6d:62:b9:65:97:0c:8e:76:
                    45:33:5b:d3:24:6d:f0:99:0e:7a:4b:fd:ac:82:b7:
                    ef:d2:38:b9:c2:4e:9b:10:13:e1:b4:d6:1c:e6:80:
                    74:2c:a1:e5:cc:85:c7:a6:12:c0:20:c9:e7:44:fa:
                    49:5b:04:32:ea:0e:9c:b7:97:e8:bf:d3:66:0f:d7:
                    c6:b9:87:d5:e2:28:f0:ee:97:77:6f:dd:5c:8a:25:
                    a7:f0:50:c1:d3:27:82:01:c0:42:bc:41:cb:e2:14:
                    08:0b:b0:07:88:62:4e:f3:64:36:fc:47:ec:d1:29:
                    4e:7c:92:67:ef:7f:df:79:e0:33:72:cc:d7:6a:23:
                    f8:a6:7c:e8:d1:5c:8b:f8:d5:9f:e1:94:e3:8c:bc:
                    9b:f0:54:60:7e:70:29:ba:80:82:09:d6:08:df:44:
                    64:8f:5b:33:0e:c8:e3:46:0a:35:73:41:1f:43:3d:
                    3f:40:2c:17:0d:01:ed:f4:ee:c2:79:6d:12:0a:fe:
                    cf:f2:48:62:73:22:12:00:b6:46:15:67:c7:e4:33:
                    8b:da:d2:c0:2f:a6:1b:9f:76:c0:7d:72:af:9b:b7:
                    f1:a7:ee:74:8e:1d:55:ae:63:60:3d:cc:3a:00:ed:
                    27:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:A5:69:58:27:EB:7A:14:E9:EF:AB:BA:E7:28:9D:6C:98:F1:ED:A5
            X509v3 Authority Key Identifier:
                keyid:6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:7e:8c:8e:71:b5:22:7a:85:20:03:1d:f4:7a:80:85:e8:0d:
         e5:f4:d1:83:ff:91:f5:16:19:ce:3e:bd:28:99:93:93:ff:10:
         e7:ca:12:31:e1:86:68:74:2f:69:93:66:73:67:04:c0:b7:db:
         50:cd:9a:93:60:06:89:48:c5:c8:47:18:ac:f6:f3:15:42:ed:
         b1:bf:1d:bd:52:34:f6:4b:cb:26:bb:50:4f:09:da:7a:50:af:
         fc:d4:40:9d:df:48:9c:32:8b:7d:de:0c:e0:e7:c4:67:a7:14:
         90:d4:b6:f0:df:2c:3a:85:12:d5:49:a3:9c:22:2b:25:3e:57:
         c9:4d:7e:49:30:e5:27:b8:b6:3e:e2:ce:17:be:e1:37:c4:af:
         4a:c5:fc:d4:21:e2:1f:28:34:eb:eb:fb:99:63:a5:f8:5d:43:
         ef:67:12:86:00:64:4b:03:77:44:5a:02:04:8b:55:95:5a:37:
         40:e6:4f:1e:ad:00:e2:5e:b3:a4:dd:f7:5f:9d:ea:89:f9:a4:
         58:17:c4:f7:04:d6:5c:68:3b:d8:0a:71:f9:97:a2:1b:1c:1f:
         06:4f:36:1a:8b:41:64:b1:bf:00:f7:25:de:0e:11:a4:1b:3f:
         ab:d2:b6:0d:9b:c6:15:1a:e8:64:5a:80:9e:38:1a:a8:a4:6b:
         00:2e:f5:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VC7/sp1E0z+8gdWR9+7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlN2ZiYTExYTMxZDNhYTkwZGUzYzdiYjhiNTZkM2NkMDZl
NmJlNzUwHhcNMjYwMzI5MTYwMTI4WhcNMjYwMzMwMTYwMTI4WjAzMTEwLwYDVQQD
EygwZGE1Njk1ODI3ZWI3YTE0ZTllZmFiYmFlNzI4OWQ2Yzk4ZjFlZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtvh/vcj7nzSxGFbumv+tQ7uoStU
bWK5ZZcMjnZFM1vTJG3wmQ56S/2sgrfv0ji5wk6bEBPhtNYc5oB0LKHlzIXHphLA
IMnnRPpJWwQy6g6ct5fov9NmD9fGuYfV4ijw7pd3b91ciiWn8FDB0yeCAcBCvEHL
4hQIC7AHiGJO82Q2/Efs0SlOfJJn73/feeAzcszXaiP4pnzo0VyL+NWf4ZTjjLyb
8FRgfnApuoCCCdYI30Rkj1szDsjjRgo1c0EfQz0/QCwXDQHt9O7CeW0SCv7P8khi
cyISALZGFWfH5DOL2tLAL6Ybn3bAfXKvm7fxp+50jh1VrmNgPcw6AO0n9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2laVgn63oU6e+ruuconWyY8e2lMB8GA1UdIwQY
MBaAFG5/uhGjHTqpDePHu4tW080G5r51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2Yt
NjM5NDIxNGExMjJjLzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2YtNjM5NDIxNGExMjJj
LzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm36MjnG1
InqFIAMd9HqAhegN5fTRg/+R9RYZzj69KJmTk/8Q58oSMeGGaHQvaZNmc2cEwLfb
UM2ak2AGiUjFyEcYrPbzFULtsb8dvVI09kvLJrtQTwnaelCv/NRAnd9InDKLfd4M
4OfEZ6cUkNS28N8sOoUS1UmjnCIrJT5XyU1+STDlJ7i2PuLOF77hN8SvSsX81CHi
Hyg06+v7mWOl+F1D72cShgBkSwN3RFoCBItVlVo3QOZPHq0A4l6zpN33X53qifmk
WBfE9wTWXGg72Apx+ZeiGxwfBk82GotBZLG/APcl3g4RpBs/q9K2DZvGFRroZFqA
njgaqKRrAC715A==
-----END CERTIFICATE-----