Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.mft
File:                     BvPXAJgq-awbr-TyqnGEStAHWR0.mft (raw, json)
Hash identifier:          Z89Vh3fWMPFvANaOGCa2dUPIFanK36S7P9gOu4I/5Vc=
Subject key identifier:   72:1D:55:AC:7C:E5:19:85:04:13:52:0D:87:A1:76:0B:26:AF:90:8F
Authority key identifier: 06:F3:D7:00:98:2A:F9:AC:1B:AF:E4:F2:AA:71:84:4A:D0:07:59:1D
Certificate issuer:       /CN=06f3d700982af9ac1bafe4f2aa71844ad007591d
Certificate serial:       019D9AE2A94D17BF71194B031777E43EB7B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BvPXAJgq-awbr-TyqnGEStAHWR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.mft
Manifest number:          0BF4
Signing time:             Fri 17 Apr 2026 10:00:38 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:38 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:38 +0000
Files and hashes:         1: BvPXAJgq-awbr-TyqnGEStAHWR0.crl (hash: /jmbsibTGEAFxPXP4Tx8+7V+P0pS9R9XHpHMucDQpuU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BvPXAJgq-awbr-TyqnGEStAHWR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:a9:4d:17:bf:71:19:4b:03:17:77:e4:3e:b7:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06f3d700982af9ac1bafe4f2aa71844ad007591d
        Validity
            Not Before: Apr 17 10:00:38 2026 GMT
            Not After : Apr 18 10:00:38 2026 GMT
        Subject: CN=721d55ac7ce519850413520d87a1760b26af908f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e6:08:f3:cd:ff:97:0b:ec:84:df:38:32:fb:
                    e0:80:2c:16:76:38:19:37:7d:30:47:e5:11:91:57:
                    02:c0:ed:9d:8c:b5:b5:0c:29:27:3e:e9:13:ec:7d:
                    0f:78:da:52:7e:58:83:a7:e3:99:11:c8:8c:35:03:
                    e9:be:4a:5e:cf:49:16:26:82:b7:aa:66:ad:bd:96:
                    43:11:b1:e5:d0:d2:3f:86:93:34:c2:26:ef:6f:04:
                    74:1d:6a:37:f1:42:44:86:b4:fe:5d:c7:49:11:23:
                    e7:5a:a1:ad:23:81:01:8e:19:fd:3e:aa:d3:8d:52:
                    75:e7:a9:63:72:be:8a:ff:d3:4c:a5:2d:ac:2e:92:
                    5d:c5:c8:bb:f2:32:ed:ba:c1:fd:05:97:db:ba:17:
                    fb:2d:a4:10:3b:06:cd:f0:65:76:73:f8:93:61:fd:
                    a4:0d:cf:7b:91:88:bd:e2:64:6d:24:cd:9b:a4:f7:
                    38:70:68:27:ad:b4:8b:14:58:29:15:b1:28:d7:62:
                    82:94:a5:03:6c:2a:e6:88:99:70:14:63:26:64:15:
                    62:12:c2:a3:6b:b9:f6:53:7a:aa:f7:e1:f3:04:a3:
                    85:2d:6c:06:ae:10:2f:83:70:fb:13:f3:a3:62:04:
                    57:5e:cc:e2:e2:f2:c7:b9:7a:f4:6a:f7:77:ae:4b:
                    de:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:1D:55:AC:7C:E5:19:85:04:13:52:0D:87:A1:76:0B:26:AF:90:8F
            X509v3 Authority Key Identifier:
                keyid:06:F3:D7:00:98:2A:F9:AC:1B:AF:E4:F2:AA:71:84:4A:D0:07:59:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BvPXAJgq-awbr-TyqnGEStAHWR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:01:0e:64:1f:e0:48:55:48:83:69:d4:14:63:26:35:f3:71:
         04:c4:b7:52:c4:25:85:68:ff:8a:78:9a:64:52:55:2b:28:23:
         b4:82:dd:74:ab:40:23:22:b0:a5:59:b6:d5:5f:94:7c:2d:2b:
         3a:3e:1c:e6:c1:6c:b4:6c:ae:ce:b1:22:7d:1f:44:b2:aa:c9:
         05:e6:a8:76:29:08:bc:fe:7c:ba:cc:fb:af:3b:8c:52:91:97:
         25:69:e9:57:b5:05:ee:9e:18:f8:4c:df:97:3c:61:95:c0:c4:
         e3:6a:db:e8:b4:bb:85:f7:69:6a:32:27:ee:34:cf:da:25:7c:
         9f:1f:68:17:ac:d4:24:21:a9:87:a7:ac:aa:dd:7a:80:47:9f:
         2c:96:55:0a:e8:16:cc:9f:32:69:34:2c:4d:da:66:a1:14:48:
         98:ea:30:14:31:5e:80:73:1a:54:75:3b:a5:d1:18:10:f7:5e:
         bc:74:67:b0:24:96:cb:c9:f8:92:00:48:0b:2c:8c:51:fd:27:
         79:46:da:86:51:ea:d8:2d:9d:53:ce:ad:39:7c:a7:ef:e1:a9:
         d6:ad:d5:be:b8:42:af:3d:87:1a:61:22:8b:06:b0:6d:b0:cc:
         d0:26:da:a9:33:f0:71:a1:24:78:1f:29:8f:ec:31:b7:c4:7b:
         3d:89:c9:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4qlNF79xGUsDF3fkPrexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZjNkNzAwOTgyYWY5YWMxYmFmZTRmMmFhNzE4NDRhZDAw
NzU5MWQwHhcNMjYwNDE3MTAwMDM4WhcNMjYwNDE4MTAwMDM4WjAzMTEwLwYDVQQD
Eyg3MjFkNTVhYzdjZTUxOTg1MDQxMzUyMGQ4N2ExNzYwYjI2YWY5MDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+YI883/lwvshN84MvvggCwWdjgZ
N30wR+URkVcCwO2djLW1DCknPukT7H0PeNpSfliDp+OZEciMNQPpvkpez0kWJoK3
qmatvZZDEbHl0NI/hpM0wibvbwR0HWo38UJEhrT+XcdJESPnWqGtI4EBjhn9PqrT
jVJ156ljcr6K/9NMpS2sLpJdxci78jLtusH9BZfbuhf7LaQQOwbN8GV2c/iTYf2k
Dc97kYi94mRtJM2bpPc4cGgnrbSLFFgpFbEo12KClKUDbCrmiJlwFGMmZBViEsKj
a7n2U3qq9+HzBKOFLWwGrhAvg3D7E/OjYgRXXszi4vLHuXr0avd3rkverQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIdVax85RmFBBNSDYehdgsmr5CPMB8GA1UdIwQY
MBaAFAbz1wCYKvmsG6/k8qpxhErQB1kdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnZQWEFKZ3EtYXdici1UeXFuR0VTdEFIV1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy85N2ViMDMtMGQ2ZS00ZDdjLTgyZjEt
ZDNiM2U3N2JkOTkzLzEvQnZQWEFKZ3EtYXdici1UeXFuR0VTdEFIV1IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy85N2ViMDMtMGQ2ZS00ZDdjLTgyZjEtZDNiM2U3N2JkOTkz
LzEvQnZQWEFKZ3EtYXdici1UeXFuR0VTdEFIV1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWQEOZB/g
SFVIg2nUFGMmNfNxBMS3UsQlhWj/iniaZFJVKygjtILddKtAIyKwpVm21V+UfC0r
Oj4c5sFstGyuzrEifR9EsqrJBeaodikIvP58usz7rzuMUpGXJWnpV7UF7p4Y+Ezf
lzxhlcDE42rb6LS7hfdpajIn7jTP2iV8nx9oF6zUJCGph6esqt16gEefLJZVCugW
zJ8yaTQsTdpmoRRImOowFDFegHMaVHU7pdEYEPdevHRnsCSWy8n4kgBICyyMUf0n
eUbahlHq2C2dU86tOXyn7+Gp1q3VvrhCrz2HGmEiiwawbbDM0CbaqTPwcaEkeB8p
j+wxt8R7PYnJrA==
-----END CERTIFICATE-----