Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.mft
File:                     BvPXAJgq-awbr-TyqnGEStAHWR0.mft (raw, json)
Hash identifier:          GWNdft/F3/FhzejbjrbbPCqOK+KvIhnI/u1chH52lcs=
Subject key identifier:   B6:23:82:F2:15:3C:BA:2C:FB:E2:EE:B7:7C:E0:80:24:93:90:17:EB
Authority key identifier: 06:F3:D7:00:98:2A:F9:AC:1B:AF:E4:F2:AA:71:84:4A:D0:07:59:1D
Certificate issuer:       /CN=06f3d700982af9ac1bafe4f2aa71844ad007591d
Certificate serial:       019A4D06B4AE3593F60F1D754DB30C707503
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BvPXAJgq-awbr-TyqnGEStAHWR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.mft
Manifest number:          0A3E
Signing time:             Tue 04 Nov 2025 04:01:16 +0000
Manifest this update:     Tue 04 Nov 2025 04:01:16 +0000
Manifest next update:     Wed 05 Nov 2025 04:01:16 +0000
Files and hashes:         1: BvPXAJgq-awbr-TyqnGEStAHWR0.crl (hash: lLwbX/b+IicGGIHi+VhlG3Obk0nypIL0eZEgCMbh1ko=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BvPXAJgq-awbr-TyqnGEStAHWR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:06:b4:ae:35:93:f6:0f:1d:75:4d:b3:0c:70:75:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06f3d700982af9ac1bafe4f2aa71844ad007591d
        Validity
            Not Before: Nov  4 04:01:16 2025 GMT
            Not After : Nov  5 04:01:16 2025 GMT
        Subject: CN=b62382f2153cba2cfbe2eeb77ce08024939017eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:18:9f:36:13:f2:ba:1a:c6:c1:69:42:32:8f:
                    49:ef:54:e5:a8:33:7d:9c:68:3a:d2:60:3b:67:bb:
                    9f:6c:f0:f2:fc:13:fb:2e:f2:46:d2:a9:ba:e3:2d:
                    44:99:c2:ba:ec:3f:37:b2:9d:bd:04:02:0b:6c:fe:
                    75:a9:68:50:ea:44:54:92:87:9e:4b:a3:e2:d8:35:
                    5e:0e:71:b4:f3:b0:13:f6:c2:70:1e:15:f2:10:b6:
                    01:1d:49:87:69:37:c0:ea:4c:2a:70:23:f0:fd:e0:
                    99:a8:32:d7:91:a9:8b:10:67:35:43:85:c8:f9:24:
                    4b:38:73:1a:34:55:45:23:fe:a6:c2:6f:8b:f3:11:
                    b7:6e:7e:e6:df:88:54:e3:6d:f7:e8:c2:84:eb:84:
                    03:15:b2:83:8f:63:79:a6:f8:8b:6c:59:66:62:5b:
                    0e:87:cf:51:2c:4f:b7:89:d3:05:26:84:24:25:d8:
                    3a:51:4b:ed:3e:60:64:74:00:49:85:26:85:7c:4a:
                    59:17:e5:21:cb:5e:86:b5:5f:9c:4f:55:46:e0:06:
                    3c:bb:35:3e:7d:1b:0b:fb:4d:ea:ce:b2:30:59:20:
                    be:8e:5b:80:08:68:85:5d:0d:4f:48:b4:c6:02:d9:
                    58:5c:d1:a3:f1:ef:b6:9d:9c:d9:c8:b7:07:c8:42:
                    99:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:23:82:F2:15:3C:BA:2C:FB:E2:EE:B7:7C:E0:80:24:93:90:17:EB
            X509v3 Authority Key Identifier:
                keyid:06:F3:D7:00:98:2A:F9:AC:1B:AF:E4:F2:AA:71:84:4A:D0:07:59:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BvPXAJgq-awbr-TyqnGEStAHWR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/97eb03-0d6e-4d7c-82f1-d3b3e77bd993/1/BvPXAJgq-awbr-TyqnGEStAHWR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:91:96:28:8d:9a:85:1a:de:7a:56:06:88:3f:f7:09:7a:a1:
         9a:28:9e:ba:0d:69:4d:1d:01:18:fe:a6:63:42:9d:9d:b9:3c:
         1d:48:d4:c3:2d:fd:1e:6e:e7:70:93:3e:43:b0:4a:ea:a8:58:
         16:93:77:c6:6a:7a:a5:5f:23:fd:fb:64:3e:d4:8d:05:79:7f:
         87:87:0c:d7:b0:9f:3a:5f:84:21:da:ff:63:e7:54:39:08:1a:
         60:d3:df:27:1f:38:c5:09:95:e2:1a:a6:6f:71:87:b7:92:79:
         7d:36:e5:fd:8d:05:e1:f4:b2:0d:a3:c8:2c:2c:15:12:e1:98:
         af:57:28:51:45:05:f4:dd:eb:e3:ea:7a:ec:4b:6d:64:3a:40:
         f6:64:c3:24:18:00:9f:4b:38:58:6a:2b:ac:de:48:f7:81:76:
         a0:38:69:fc:8c:68:34:3d:4e:93:69:ce:b3:fb:79:b1:5a:f0:
         a6:9b:30:db:1a:e6:10:34:1c:0d:ef:83:a3:cf:e5:5b:9f:56:
         51:57:d6:65:c5:53:f6:09:53:ae:36:67:9e:40:9f:af:31:7e:
         96:15:8b:8d:b2:54:4f:0d:3f:05:64:c4:19:77:9e:fd:06:18:
         25:d1:39:74:d7:7c:41:30:8c:79:5f:9f:1a:a0:70:08:66:b2:
         11:2d:8c:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBrSuNZP2Dx11TbMMcHUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZjNkNzAwOTgyYWY5YWMxYmFmZTRmMmFhNzE4NDRhZDAw
NzU5MWQwHhcNMjUxMTA0MDQwMTE2WhcNMjUxMTA1MDQwMTE2WjAzMTEwLwYDVQQD
EyhiNjIzODJmMjE1M2NiYTJjZmJlMmVlYjc3Y2UwODAyNDkzOTAxN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RifNhPyuhrGwWlCMo9J71TlqDN9
nGg60mA7Z7ufbPDy/BP7LvJG0qm64y1EmcK67D83sp29BAILbP51qWhQ6kRUkoee
S6Pi2DVeDnG087AT9sJwHhXyELYBHUmHaTfA6kwqcCPw/eCZqDLXkamLEGc1Q4XI
+SRLOHMaNFVFI/6mwm+L8xG3bn7m34hU42336MKE64QDFbKDj2N5pviLbFlmYlsO
h89RLE+3idMFJoQkJdg6UUvtPmBkdABJhSaFfEpZF+Uhy16GtV+cT1VG4AY8uzU+
fRsL+03qzrIwWSC+jluACGiFXQ1PSLTGAtlYXNGj8e+2nZzZyLcHyEKZHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYjgvIVPLos++Lut3zggCSTkBfrMB8GA1UdIwQY
MBaAFAbz1wCYKvmsG6/k8qpxhErQB1kdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnZQWEFKZ3EtYXdici1UeXFuR0VTdEFIV1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy85N2ViMDMtMGQ2ZS00ZDdjLTgyZjEt
ZDNiM2U3N2JkOTkzLzEvQnZQWEFKZ3EtYXdici1UeXFuR0VTdEFIV1IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy85N2ViMDMtMGQ2ZS00ZDdjLTgyZjEtZDNiM2U3N2JkOTkz
LzEvQnZQWEFKZ3EtYXdici1UeXFuR0VTdEFIV1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZpGWKI2a
hRreelYGiD/3CXqhmiieug1pTR0BGP6mY0Kdnbk8HUjUwy39Hm7ncJM+Q7BK6qhY
FpN3xmp6pV8j/ftkPtSNBXl/h4cM17CfOl+EIdr/Y+dUOQgaYNPfJx84xQmV4hqm
b3GHt5J5fTbl/Y0F4fSyDaPILCwVEuGYr1coUUUF9N3r4+p67EttZDpA9mTDJBgA
n0s4WGorrN5I94F2oDhp/IxoND1Ok2nOs/t5sVrwppsw2xrmEDQcDe+Do8/lW59W
UVfWZcVT9glTrjZnnkCfrzF+lhWLjbJUTw0/BWTEGXee/QYYJdE5dNd8QTCMeV+f
GqBwCGayES2MXA==
-----END CERTIFICATE-----