Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          sdtgjpyNQTVuVewYJ/gXOOnbomvSmAsyz+BT6YGSM8c=
Subject key identifier:   06:71:01:16:CE:D1:AC:5D:4B:3A:90:A1:CC:B0:6A:FB:D7:CE:B6:32
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       019CAA58F9959FDCACF4956149E539763320
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          101C
Signing time:             Sun 01 Mar 2026 17:01:23 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:23 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:23 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: KDMu4X6DzxNzjtLnNKRt5t9HdFOi+gOQ8i+ZJQ+gloo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:f9:95:9f:dc:ac:f4:95:61:49:e5:39:76:33:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Mar  1 17:01:23 2026 GMT
            Not After : Mar  2 17:01:23 2026 GMT
        Subject: CN=06710116ced1ac5d4b3a90a1ccb06afbd7ceb632
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c1:32:d6:1b:34:e6:41:c1:38:c3:8d:74:95:
                    cd:38:57:27:cb:4b:b8:00:4a:b6:1c:4c:2b:25:dc:
                    ac:e7:cd:7d:2e:6f:dc:8f:c7:86:0d:fa:21:8b:bc:
                    e6:9f:99:74:fd:c5:e6:ce:8b:ce:c6:50:3a:73:69:
                    70:f7:fa:6a:d6:ff:7c:b4:23:cd:d8:92:aa:d1:30:
                    98:ed:a0:9d:fe:90:ab:00:ed:a3:b7:30:8d:1b:18:
                    33:b0:da:93:47:78:27:00:e6:62:86:f8:21:2f:a1:
                    8e:d6:bf:01:df:26:40:45:47:6d:72:e0:14:97:00:
                    1e:8a:13:a8:19:32:5d:47:3d:e4:86:65:6b:17:44:
                    d7:82:02:71:de:cd:35:d0:2a:ba:39:63:bb:d6:be:
                    50:b9:8c:76:0a:02:8c:17:e5:3a:07:c0:ed:e2:85:
                    4a:c1:53:1c:ce:5a:64:f8:db:dd:38:19:af:ca:e1:
                    d7:ad:80:89:77:87:fe:a6:e0:e7:07:57:bb:cf:a5:
                    77:8f:b6:b1:42:97:d5:55:0d:c4:c9:80:ca:c6:61:
                    05:35:0e:5e:c0:1e:04:35:f6:da:ca:f8:e1:f0:96:
                    be:30:a5:95:43:95:78:24:56:01:39:f1:12:8c:16:
                    5a:6e:b1:8b:7a:f4:60:ff:d1:e8:84:8d:3f:58:bd:
                    87:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:71:01:16:CE:D1:AC:5D:4B:3A:90:A1:CC:B0:6A:FB:D7:CE:B6:32
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:d5:d9:43:8c:9a:68:fa:b1:a6:10:0b:39:ce:67:1e:72:64:
         85:92:b5:f5:df:b1:7b:59:44:17:7d:f9:b3:ef:12:35:55:f4:
         aa:1a:62:db:8f:66:2c:6a:74:3c:0e:9f:bd:9f:9f:e7:71:36:
         df:a1:d2:7f:dd:04:45:15:97:a2:cb:a1:d3:48:b9:7e:5b:3f:
         a5:c7:c3:fb:37:2d:f8:1c:29:d3:fd:de:38:7a:c2:9b:15:60:
         a9:86:67:f0:b5:cf:68:79:3d:ad:a7:03:8b:33:2f:43:1c:18:
         91:63:5c:f8:df:d1:bd:e9:d6:67:e2:1a:2f:75:0d:ae:04:f4:
         20:f6:1c:94:c5:44:1d:72:bd:ac:77:49:c3:ea:cb:6c:f1:75:
         6f:19:47:78:96:e0:38:24:e7:08:58:db:e4:0f:fa:b4:fb:4f:
         82:9f:ed:6b:8a:e9:ae:bc:84:e3:3d:14:d3:bd:e9:42:d2:0c:
         a4:f8:ad:18:59:82:60:75:27:45:09:20:5e:68:46:2e:11:25:
         76:16:e8:78:8d:1a:96:08:3b:f9:6e:8b:fd:37:25:09:85:ef:
         45:24:42:06:f3:1b:eb:cb:24:e8:ef:eb:d5:e9:dc:c4:9c:7a:
         bf:e4:b1:bf:f2:2d:fc:b4:11:d7:12:c5:cd:8d:02:fb:8a:e2:
         c4:90:92:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWPmVn9ys9JVhSeU5djMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjYwMzAxMTcwMTIzWhcNMjYwMzAyMTcwMTIzWjAzMTEwLwYDVQQD
EygwNjcxMDExNmNlZDFhYzVkNGIzYTkwYTFjY2IwNmFmYmQ3Y2ViNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsEy1hs05kHBOMONdJXNOFcny0u4
AEq2HEwrJdys5819Lm/cj8eGDfohi7zmn5l0/cXmzovOxlA6c2lw9/pq1v98tCPN
2JKq0TCY7aCd/pCrAO2jtzCNGxgzsNqTR3gnAOZihvghL6GO1r8B3yZARUdtcuAU
lwAeihOoGTJdRz3khmVrF0TXggJx3s010Cq6OWO71r5QuYx2CgKMF+U6B8Dt4oVK
wVMczlpk+NvdOBmvyuHXrYCJd4f+puDnB1e7z6V3j7axQpfVVQ3EyYDKxmEFNQ5e
wB4ENfbayvjh8Ja+MKWVQ5V4JFYBOfESjBZabrGLevRg/9HohI0/WL2H1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZxARbO0axdSzqQocywavvXzrYyMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArNXZQ4ya
aPqxphALOc5nHnJkhZK19d+xe1lEF335s+8SNVX0qhpi249mLGp0PA6fvZ+f53E2
36HSf90ERRWXosuh00i5fls/pcfD+zct+Bwp0/3eOHrCmxVgqYZn8LXPaHk9racD
izMvQxwYkWNc+N/RvenWZ+IaL3UNrgT0IPYclMVEHXK9rHdJw+rLbPF1bxlHeJbg
OCTnCFjb5A/6tPtPgp/ta4rprryE4z0U073pQtIMpPitGFmCYHUnRQkgXmhGLhEl
dhboeI0algg7+W6L/TclCYXvRSRCBvMb68sk6O/r1encxJx6v+Sxv/It/LQR1xLF
zY0C+4rixJCSCg==
-----END CERTIFICATE-----