Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
File:                     bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft (raw, json)
Hash identifier:          bCYrDqt5+Y2HFqESA78o5P5vTdwbFQmfgkSXnFM4I5o=
Subject key identifier:   E6:49:F1:67:8A:06:B8:73:86:F6:24:CF:F2:B3:DE:C8:C8:10:09:8F
Authority key identifier: 6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C
Certificate issuer:       /CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
Certificate serial:       0199239F8616B8188373C8F15BA15BA71A79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
Manifest number:          0491
Signing time:             Sun 07 Sep 2025 10:01:21 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:21 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:21 +0000
Files and hashes:         1: bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl (hash: 6VpqbkaQBzJ+dowW09dHHMWVd5XfyPm0FsuvV/jATtA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:86:16:b8:18:83:73:c8:f1:5b:a1:5b:a7:1a:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
        Validity
            Not Before: Sep  7 10:01:21 2025 GMT
            Not After : Sep  8 10:01:21 2025 GMT
        Subject: CN=e649f1678a06b87386f624cff2b3dec8c810098f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3c:be:fd:01:a2:97:52:77:a1:75:d1:f5:d1:
                    73:8e:96:53:df:8c:5b:2c:62:cf:ce:a0:9b:b6:32:
                    75:b9:ed:6b:aa:e9:fa:a9:fa:2a:31:03:21:bd:91:
                    f2:be:97:eb:45:26:76:19:69:1f:e9:26:d1:9c:d0:
                    ca:82:14:45:5c:d0:4b:84:56:80:04:c2:57:9f:65:
                    f4:04:99:99:1c:de:b5:c0:51:1a:18:7c:20:44:82:
                    92:70:dd:5e:ef:17:8f:5c:25:06:3a:9c:15:f8:c8:
                    a1:34:27:47:0f:ca:49:33:66:02:e9:00:e8:e6:3a:
                    10:a3:56:5b:f6:17:88:a6:e1:9f:a9:95:26:c7:5a:
                    1a:bb:b9:17:75:8d:39:f6:40:66:f7:2a:5a:66:d2:
                    39:74:26:bd:6f:30:9b:82:50:f5:4c:f9:79:be:df:
                    1d:53:06:59:81:50:52:6d:c9:2e:61:e0:92:5d:4e:
                    71:1b:24:16:c6:7f:cb:78:22:4c:db:c2:02:d9:d9:
                    17:43:ab:44:0b:38:db:dd:31:92:72:86:99:2b:19:
                    a9:9a:bd:3e:55:a4:a8:1b:7d:7f:c7:42:11:94:02:
                    fc:46:c3:aa:06:c8:68:78:41:fd:0a:63:7d:2f:e5:
                    f1:c4:e8:c0:0e:26:ab:f4:15:ec:d7:41:9b:19:8e:
                    5f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:49:F1:67:8A:06:B8:73:86:F6:24:CF:F2:B3:DE:C8:C8:10:09:8F
            X509v3 Authority Key Identifier:
                keyid:6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:7d:cc:24:13:4d:bd:17:ee:e5:d1:08:dc:97:fa:c2:45:2e:
         24:c8:c7:76:40:41:0a:b6:c9:65:7c:d4:10:8e:21:99:13:a1:
         c8:88:5e:b7:72:57:44:0f:5b:ab:f6:7f:b0:e9:95:ad:f5:cd:
         4d:93:36:0b:91:ca:18:5c:35:6a:fe:eb:8c:22:46:25:5b:0b:
         97:33:9b:39:43:16:c1:ff:29:ee:95:b3:5f:e2:77:af:7b:bf:
         d9:15:09:ea:5e:87:38:1d:47:c1:bb:a7:ee:a3:ee:7a:33:58:
         15:79:d2:ef:26:e2:c4:f4:d0:64:5f:3a:ce:4b:d4:38:1e:ea:
         e0:98:d3:f7:41:8d:9d:c8:3f:bf:28:d3:4d:23:2c:5b:fc:65:
         13:3d:d5:0a:e7:71:e1:36:ee:15:49:a1:7b:d9:37:e9:d0:ef:
         1b:bf:97:37:75:ad:e4:e6:25:ae:4f:31:72:cc:92:82:ca:e4:
         18:d4:c3:24:b8:05:94:08:ac:b8:04:5d:bb:ab:9e:7d:ea:5f:
         4d:38:58:a7:14:2d:2d:51:39:14:54:2b:d5:af:28:45:7e:1c:
         1d:91:61:cf:42:be:c1:05:8c:99:03:66:08:63:3c:19:53:33:
         86:c7:a8:94:a8:c8:fd:32:f4:e5:15:d9:9b:18:9a:d0:2e:26:
         64:3e:1f:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn4YWuBiDc8jxW6Fbpxp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzBkNmVlYzJiNTYwNWY4YjFiZTZjZTg0Mzk1ZjI0NmM0
MmRmMWMwHhcNMjUwOTA3MTAwMTIxWhcNMjUwOTA4MTAwMTIxWjAzMTEwLwYDVQQD
EyhlNjQ5ZjE2NzhhMDZiODczODZmNjI0Y2ZmMmIzZGVjOGM4MTAwOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDy+/QGil1J3oXXR9dFzjpZT34xb
LGLPzqCbtjJ1ue1rqun6qfoqMQMhvZHyvpfrRSZ2GWkf6SbRnNDKghRFXNBLhFaA
BMJXn2X0BJmZHN61wFEaGHwgRIKScN1e7xePXCUGOpwV+MihNCdHD8pJM2YC6QDo
5joQo1Zb9heIpuGfqZUmx1oau7kXdY059kBm9ypaZtI5dCa9bzCbglD1TPl5vt8d
UwZZgVBSbckuYeCSXU5xGyQWxn/LeCJM28IC2dkXQ6tECzjb3TGScoaZKxmpmr0+
VaSoG31/x0IRlAL8RsOqBshoeEH9CmN9L+XxxOjADiar9BXs10GbGY5fDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOZJ8WeKBrhzhvYkz/Kz3sjIEAmPMB8GA1UdIwQY
MBaAFGxw1u7CtWBfixvmzoQ5XyRsQt8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUt
MmZjNDg2MDE1NTY0LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUtMmZjNDg2MDE1NTY0
LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH33MJBNN
vRfu5dEI3Jf6wkUuJMjHdkBBCrbJZXzUEI4hmROhyIhet3JXRA9bq/Z/sOmVrfXN
TZM2C5HKGFw1av7rjCJGJVsLlzObOUMWwf8p7pWzX+J3r3u/2RUJ6l6HOB1Hwbun
7qPuejNYFXnS7ybixPTQZF86zkvUOB7q4JjT90GNncg/vyjTTSMsW/xlEz3VCudx
4TbuFUmhe9k36dDvG7+XN3Wt5OYlrk8xcsySgsrkGNTDJLgFlAisuARdu6uefepf
TThYpxQtLVE5FFQr1a8oRX4cHZFhz0K+wQWMmQNmCGM8GVMzhseolKjI/TL05RXZ
mxia0C4mZD4fPw==
-----END CERTIFICATE-----