Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          dEb1//OLmkN/wKyxEaeuFJKN9rMWOOM3N5rVyjSvDQs=
Subject key identifier:   6D:A7:DA:F2:5D:04:E7:60:B0:54:35:EF:E9:39:9C:BF:4C:EC:65:EE
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       019EBF5AE9FD4F9B7DFF0D949BE9FDB7F17A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          1130
Signing time:             Sat 13 Jun 2026 05:01:06 +0000
Manifest this update:     Sat 13 Jun 2026 05:01:06 +0000
Manifest next update:     Sun 14 Jun 2026 05:01:06 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: WDSUTBOhqu5qmRcu9EAnUOBpIJxiM70fOzozys9fSuM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:5a:e9:fd:4f:9b:7d:ff:0d:94:9b:e9:fd:b7:f1:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Jun 13 05:01:06 2026 GMT
            Not After : Jun 14 05:01:06 2026 GMT
        Subject: CN=6da7daf25d04e760b05435efe9399cbf4cec65ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:18:c0:66:c7:d5:ef:91:ad:ce:2f:c1:32:f1:
                    66:26:e8:f7:51:fe:dc:7c:7c:3b:57:be:73:4f:0d:
                    f5:7a:83:b7:73:45:9c:7e:12:90:29:91:59:a6:73:
                    c7:9c:0e:ff:3e:54:16:7e:d1:8f:58:e8:c4:51:ad:
                    0a:ba:e7:c3:27:2c:63:bb:c0:58:1e:06:1b:da:db:
                    a8:19:0e:40:00:5d:b6:76:e9:53:f3:ef:66:15:e7:
                    86:85:05:9c:2c:40:74:97:44:45:75:a7:72:2e:a9:
                    41:f1:e7:1c:c2:44:4f:05:dc:55:b0:9d:a9:0a:fd:
                    06:eb:cb:c2:b0:cf:01:43:ed:f0:be:b3:0d:89:89:
                    1a:76:2e:f4:cf:cc:c2:dc:dc:de:a9:de:15:b5:d4:
                    8d:1c:19:7e:d3:97:4b:be:93:cc:dc:8e:89:00:fc:
                    77:db:aa:c1:36:04:58:6b:a7:cb:a5:28:50:41:bb:
                    02:d8:c5:94:e4:34:c6:d1:88:95:c8:a1:73:c6:d9:
                    69:15:1b:b9:8b:16:3c:99:1b:2a:ba:2e:5b:05:9c:
                    04:4d:88:a8:6e:4c:f1:7f:17:5c:71:dc:05:84:4a:
                    a7:dc:1c:8f:e0:fe:75:20:c9:f1:ab:86:4d:25:8e:
                    1b:5c:88:72:29:b7:56:73:65:d9:01:7a:bf:e8:00:
                    1b:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:A7:DA:F2:5D:04:E7:60:B0:54:35:EF:E9:39:9C:BF:4C:EC:65:EE
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:be:42:da:f0:88:f5:d8:f6:f0:e5:18:19:1e:a3:82:d8:0b:
         d4:d9:98:8f:7f:25:c5:f5:bf:c2:3f:39:23:7a:9f:d7:4e:8b:
         5c:77:32:13:82:db:d6:93:75:e5:5d:0f:51:d8:a1:49:d6:ea:
         60:07:8e:a6:2f:2a:29:48:9f:37:9f:48:a7:12:34:c8:ff:03:
         97:af:49:bf:84:35:ac:28:c1:69:cd:46:de:d6:df:e0:df:0f:
         41:86:71:41:34:9f:e4:f9:6e:47:99:91:91:3f:69:06:01:f1:
         14:66:19:8b:f3:4c:ba:0c:75:44:73:68:e4:d6:96:09:9e:23:
         d3:4a:1c:c5:09:4a:76:be:fe:96:0e:2e:cf:a2:a9:b9:0f:ed:
         81:1b:20:15:7f:bc:26:95:b5:bd:c5:95:d2:bb:28:86:0e:a1:
         1b:71:bf:6c:33:c0:e1:ac:4d:59:80:91:76:09:92:76:46:ab:
         00:56:34:66:94:e3:9d:bb:19:bc:aa:58:00:b9:62:d0:07:55:
         26:49:37:08:4f:ba:42:01:95:0f:f9:d5:cf:cd:7b:c6:1c:0c:
         fa:f5:5a:2e:51:7b:ce:8b:d7:0d:08:42:a7:92:fa:22:96:9d:
         d3:1f:95:05:75:03:2b:88:23:d1:71:a9:95:e6:80:41:de:f4:
         4a:05:35:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/Wun9T5t9/w2Um+n9t/F6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjYwNjEzMDUwMTA2WhcNMjYwNjE0MDUwMTA2WjAzMTEwLwYDVQQD
Eyg2ZGE3ZGFmMjVkMDRlNzYwYjA1NDM1ZWZlOTM5OWNiZjRjZWM2NWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BjAZsfV75Gtzi/BMvFmJuj3Uf7c
fHw7V75zTw31eoO3c0WcfhKQKZFZpnPHnA7/PlQWftGPWOjEUa0KuufDJyxju8BY
HgYb2tuoGQ5AAF22dulT8+9mFeeGhQWcLEB0l0RFdadyLqlB8eccwkRPBdxVsJ2p
Cv0G68vCsM8BQ+3wvrMNiYkadi70z8zC3Nzeqd4VtdSNHBl+05dLvpPM3I6JAPx3
26rBNgRYa6fLpShQQbsC2MWU5DTG0YiVyKFzxtlpFRu5ixY8mRsqui5bBZwETYio
bkzxfxdccdwFhEqn3ByP4P51IMnxq4ZNJY4bXIhyKbdWc2XZAXq/6AAbSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2n2vJdBOdgsFQ17+k5nL9M7GXuMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY75C2vCI
9dj28OUYGR6jgtgL1NmYj38lxfW/wj85I3qf106LXHcyE4Lb1pN15V0PUdihSdbq
YAeOpi8qKUifN59IpxI0yP8Dl69Jv4Q1rCjBac1G3tbf4N8PQYZxQTSf5PluR5mR
kT9pBgHxFGYZi/NMugx1RHNo5NaWCZ4j00ocxQlKdr7+lg4uz6KpuQ/tgRsgFX+8
JpW1vcWV0rsohg6hG3G/bDPA4axNWYCRdgmSdkarAFY0ZpTjnbsZvKpYALli0AdV
Jkk3CE+6QgGVD/nVz817xhwM+vVaLlF7zovXDQhCp5L6Ipad0x+VBXUDK4gj0XGp
leaAQd70SgU1Ew==
-----END CERTIFICATE-----