Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          z0QJul8OAgGIsRz82Us4wFfMba7OUyLwR0ucFPkLNN0=
Subject key identifier:   17:EF:82:F5:FE:83:42:BC:B1:CB:CB:11:D7:C4:97:77:3D:D1:10:ED
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       019D97E1E880F52CA9EAB177D1A5035E5D07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          1097
Signing time:             Thu 16 Apr 2026 20:00:57 +0000
Manifest this update:     Thu 16 Apr 2026 20:00:57 +0000
Manifest next update:     Fri 17 Apr 2026 20:00:57 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: 11Jh8xA1uWid9KvGYlPE6zL8yS2JBBze7GdxpDlyAXw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 20:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:e1:e8:80:f5:2c:a9:ea:b1:77:d1:a5:03:5e:5d:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Apr 16 20:00:57 2026 GMT
            Not After : Apr 17 20:00:57 2026 GMT
        Subject: CN=17ef82f5fe8342bcb1cbcb11d7c497773dd110ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:95:aa:2b:f0:02:a3:4e:69:0c:74:e8:94:8c:
                    dd:a4:b9:d3:ef:94:04:72:98:c2:ae:f4:26:35:24:
                    3a:de:66:df:05:2c:26:41:30:59:cf:4c:16:de:32:
                    85:ab:50:27:c3:6a:4b:ac:7f:e6:78:03:1e:d6:e3:
                    cc:cd:7c:60:33:75:2d:43:90:c4:9a:23:85:43:b8:
                    c5:f1:49:2c:f0:30:11:d2:af:cf:3c:f2:11:2c:cd:
                    c5:e0:c7:53:5f:1c:5f:89:49:1f:64:e5:2a:56:a6:
                    47:e6:7f:27:95:b9:07:f8:cb:43:37:e0:37:21:f3:
                    ca:65:38:2b:9e:25:fb:df:78:40:18:b0:a8:de:26:
                    ec:bc:ca:1f:09:41:cb:63:bc:be:8a:d1:4c:b2:5e:
                    74:9f:e1:82:ba:d4:94:67:ce:74:3b:93:ac:a4:3b:
                    d0:51:80:a9:e9:03:0d:6d:69:11:82:df:4d:c7:fe:
                    24:99:26:d7:be:4f:b4:79:86:f8:da:09:00:42:9e:
                    7c:d2:b8:27:fa:7b:a8:e4:5a:03:3f:04:cd:0e:29:
                    f8:d1:92:67:99:03:ee:f3:14:2d:ff:34:ff:44:78:
                    c2:2f:5d:a3:ba:39:08:b4:7c:66:37:81:9a:07:6d:
                    c0:fa:51:4e:70:fd:d9:c3:af:36:39:52:5d:3c:37:
                    28:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:EF:82:F5:FE:83:42:BC:B1:CB:CB:11:D7:C4:97:77:3D:D1:10:ED
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:64:63:00:42:10:bf:25:32:f3:9c:95:d9:28:40:5f:39:64:
         bf:d7:ef:35:1e:eb:c3:c3:ff:e1:ce:98:e2:d0:a0:c2:9c:51:
         fd:c9:e7:c0:1e:f9:9f:41:58:f3:59:1c:41:ad:57:9e:38:1b:
         b5:10:19:c8:25:c9:99:93:7b:af:2a:09:2a:db:68:23:67:57:
         28:ad:ad:37:a8:b9:bc:92:bc:34:23:aa:c9:33:f7:d4:f4:d1:
         d7:6d:20:e6:b9:47:87:c9:4a:fa:7b:e6:5b:d9:2a:1c:f2:2a:
         d3:43:d3:14:ee:2e:bd:99:ae:8a:28:1b:65:bd:96:63:70:95:
         59:31:81:ab:73:39:43:33:e7:7a:6f:25:0e:8f:07:ea:d1:fc:
         a1:bc:bc:a8:82:f0:db:cb:9c:98:4c:5c:21:bb:e0:3e:cc:ba:
         31:1e:cc:8e:46:9a:5e:c1:84:57:f9:4e:7e:fb:2c:e8:12:4d:
         43:36:f7:0d:de:45:5c:37:45:2e:42:c6:1b:49:86:ae:81:35:
         7d:6c:97:82:04:8f:51:c6:18:ad:e1:bf:3e:f7:53:82:4c:b8:
         76:3a:ae:d8:1f:0d:2b:83:40:fa:8c:23:2b:75:0a:b8:6d:e2:
         ff:35:b3:01:3b:a3:84:c0:b8:89:31:cf:6f:c3:48:ed:f1:0e:
         0b:39:fe:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4eiA9Syp6rF30aUDXl0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjYwNDE2MjAwMDU3WhcNMjYwNDE3MjAwMDU3WjAzMTEwLwYDVQQD
EygxN2VmODJmNWZlODM0MmJjYjFjYmNiMTFkN2M0OTc3NzNkZDExMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZWqK/ACo05pDHTolIzdpLnT75QE
cpjCrvQmNSQ63mbfBSwmQTBZz0wW3jKFq1Anw2pLrH/meAMe1uPMzXxgM3UtQ5DE
miOFQ7jF8Uks8DAR0q/PPPIRLM3F4MdTXxxfiUkfZOUqVqZH5n8nlbkH+MtDN+A3
IfPKZTgrniX733hAGLCo3ibsvMofCUHLY7y+itFMsl50n+GCutSUZ850O5OspDvQ
UYCp6QMNbWkRgt9Nx/4kmSbXvk+0eYb42gkAQp580rgn+nuo5FoDPwTNDin40ZJn
mQPu8xQt/zT/RHjCL12jujkItHxmN4GaB23A+lFOcP3Zw682OVJdPDcopQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfvgvX+g0K8scvLEdfEl3c90RDtMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWmRjAEIQ
vyUy85yV2ShAXzlkv9fvNR7rw8P/4c6Y4tCgwpxR/cnnwB75n0FY81kcQa1Xnjgb
tRAZyCXJmZN7ryoJKttoI2dXKK2tN6i5vJK8NCOqyTP31PTR120g5rlHh8lK+nvm
W9kqHPIq00PTFO4uvZmuiigbZb2WY3CVWTGBq3M5QzPnem8lDo8H6tH8oby8qILw
28ucmExcIbvgPsy6MR7MjkaaXsGEV/lOfvss6BJNQzb3Dd5FXDdFLkLGG0mGroE1
fWyXggSPUcYYreG/PvdTgky4djqu2B8NK4NA+owjK3UKuG3i/zWzATujhMC4iTHP
b8NI7fEOCzn+QQ==
-----END CERTIFICATE-----