Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
File:                     bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft (raw, json)
Hash identifier:          0qADxorQ6/QTts1LQtysVH5yNdbZpNNEz1jxeUfL1x8=
Subject key identifier:   BA:68:09:BA:24:D8:9D:88:77:D1:26:51:27:3B:BF:64:4C:AD:17:84
Authority key identifier: 6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C
Certificate issuer:       /CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
Certificate serial:       019D38664393DE9816EE1D1C36974EFEA831
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
Manifest number:          06AE
Signing time:             Sun 29 Mar 2026 07:01:59 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:59 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:59 +0000
Files and hashes:         1: bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl (hash: KbEfgEvGIt24+zW1JtECIzW2imHGDod93Jwe5CrQowE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:43:93:de:98:16:ee:1d:1c:36:97:4e:fe:a8:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
        Validity
            Not Before: Mar 29 07:01:59 2026 GMT
            Not After : Mar 30 07:01:59 2026 GMT
        Subject: CN=ba6809ba24d89d8877d12651273bbf644cad1784
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:80:2e:77:4e:f3:00:df:61:0e:1b:06:06:47:
                    69:4e:1b:b3:fc:10:ca:04:2d:7e:e3:5c:34:ff:2e:
                    42:31:c2:6b:98:f8:c8:91:1a:c8:01:94:61:8e:97:
                    1e:69:f6:00:1f:cb:49:37:32:c3:8a:08:54:6f:ea:
                    e8:04:7a:0a:ac:89:36:12:61:60:f3:1f:48:33:ad:
                    d2:96:d4:cc:00:90:bc:f7:31:06:d9:bf:9e:b3:b9:
                    2d:08:1d:e3:a2:5d:83:fb:4e:d5:e1:57:15:cf:10:
                    c7:aa:8c:16:ee:8c:02:92:38:56:83:ee:fe:89:ad:
                    db:eb:75:f2:99:f9:71:ec:3c:5d:a3:9b:db:a7:5c:
                    73:d2:71:0d:d0:7b:52:e2:0b:bf:6b:6c:df:38:a3:
                    fc:8e:5a:24:3c:f2:4f:28:70:c2:4c:b4:7d:39:f1:
                    b9:39:5e:25:18:0d:c2:b5:f0:ab:98:88:0c:6d:a1:
                    96:69:33:7f:4b:27:bc:07:cc:13:d6:97:82:b4:0e:
                    2b:b1:a9:a1:fb:c5:83:a9:38:27:e2:50:c6:36:0f:
                    a9:1e:41:14:64:d2:ba:15:b6:b7:ef:73:49:3b:b9:
                    67:04:c8:47:1f:24:78:f7:d2:03:77:ec:ff:bd:e5:
                    6b:1c:67:b9:b4:76:d5:a9:d7:c1:05:63:62:93:50:
                    1a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:68:09:BA:24:D8:9D:88:77:D1:26:51:27:3B:BF:64:4C:AD:17:84
            X509v3 Authority Key Identifier:
                keyid:6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:81:a2:4b:63:79:a8:ef:37:d3:27:7d:e8:64:24:f1:91:e0:
         b8:99:80:dd:16:0d:1c:95:90:0b:99:12:a1:db:c7:ce:21:5b:
         ff:4f:43:64:16:de:b0:e5:e7:77:cb:5b:d9:6f:82:9b:f0:e9:
         13:04:93:e2:49:c6:0c:d3:ab:d6:bd:94:e0:a4:d2:2f:3b:4b:
         40:6c:82:de:45:76:90:c2:85:9c:3c:6e:b1:c8:5f:e5:8f:a8:
         0d:20:4f:d8:39:c1:5f:27:f8:9f:1e:d0:6a:52:cc:61:0c:5b:
         99:66:6e:56:c3:b4:b4:68:5b:2a:9f:dc:e6:74:a4:1e:df:4f:
         d5:bf:3d:ef:d4:3e:be:6d:27:cc:4d:3e:88:4a:8e:5f:ab:61:
         77:24:04:b9:6d:5b:18:dd:cc:99:74:2c:85:69:02:90:f8:5e:
         f1:f7:94:1f:54:9e:f0:b5:a2:9e:ee:40:99:4e:bb:0f:30:37:
         e8:b7:78:a5:d3:42:fe:49:23:02:2b:fd:44:d2:31:1f:8b:a6:
         d3:9c:0e:65:3b:62:ed:60:12:6b:2c:2c:97:06:a8:2d:a4:55:
         e3:55:5b:bc:46:c1:b3:34:22:7b:ea:69:24:09:35:31:05:88:
         82:1a:1a:62:ad:9a:65:f9:8b:34:37:94:c2:b4:03:f7:d5:66:
         1d:56:7e:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkOT3pgW7h0cNpdO/qgxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzBkNmVlYzJiNTYwNWY4YjFiZTZjZTg0Mzk1ZjI0NmM0
MmRmMWMwHhcNMjYwMzI5MDcwMTU5WhcNMjYwMzMwMDcwMTU5WjAzMTEwLwYDVQQD
EyhiYTY4MDliYTI0ZDg5ZDg4NzdkMTI2NTEyNzNiYmY2NDRjYWQxNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYAud07zAN9hDhsGBkdpThuz/BDK
BC1+41w0/y5CMcJrmPjIkRrIAZRhjpceafYAH8tJNzLDighUb+roBHoKrIk2EmFg
8x9IM63SltTMAJC89zEG2b+es7ktCB3jol2D+07V4VcVzxDHqowW7owCkjhWg+7+
ia3b63Xymflx7Dxdo5vbp1xz0nEN0HtS4gu/a2zfOKP8jlokPPJPKHDCTLR9OfG5
OV4lGA3CtfCrmIgMbaGWaTN/Sye8B8wT1peCtA4rsamh+8WDqTgn4lDGNg+pHkEU
ZNK6Fba373NJO7lnBMhHHyR499IDd+z/veVrHGe5tHbVqdfBBWNik1AaKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLpoCbok2J2Id9EmUSc7v2RMrReEMB8GA1UdIwQY
MBaAFGxw1u7CtWBfixvmzoQ5XyRsQt8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUt
MmZjNDg2MDE1NTY0LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUtMmZjNDg2MDE1NTY0
LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK4GiS2N5
qO830yd96GQk8ZHguJmA3RYNHJWQC5kSodvHziFb/09DZBbesOXnd8tb2W+Cm/Dp
EwST4knGDNOr1r2U4KTSLztLQGyC3kV2kMKFnDxuschf5Y+oDSBP2DnBXyf4nx7Q
alLMYQxbmWZuVsO0tGhbKp/c5nSkHt9P1b8979Q+vm0nzE0+iEqOX6thdyQEuW1b
GN3MmXQshWkCkPhe8feUH1Se8LWinu5AmU67DzA36Ld4pdNC/kkjAiv9RNIxH4um
05wOZTti7WASaywslwaoLaRV41VbvEbBszQie+ppJAk1MQWIghoaYq2aZfmLNDeU
wrQD99VmHVZ+Uw==
-----END CERTIFICATE-----