Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          +f9gqBiVq1QkWMojtH2TnDshWQWxKDgFmGb0sn/RESs=
Subject key identifier:   1E:C1:BB:4B:B7:34:39:12:22:BD:E8:42:09:3C:F0:68:C9:D7:1A:50
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       019EBEEC4A528E587AA8CE968F69D84B02EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          0DE7
Signing time:             Sat 13 Jun 2026 03:00:16 +0000
Manifest this update:     Sat 13 Jun 2026 03:00:16 +0000
Manifest next update:     Sun 14 Jun 2026 03:00:16 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: PdS/wJflNLq2N5/ztE1og9kkXttdE5IALYPsXBg7fPc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:ec:4a:52:8e:58:7a:a8:ce:96:8f:69:d8:4b:02:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: Jun 13 03:00:16 2026 GMT
            Not After : Jun 14 03:00:16 2026 GMT
        Subject: CN=1ec1bb4bb734391222bde842093cf068c9d71a50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:2b:7f:3e:1f:d9:da:fa:d1:80:64:7f:d2:fb:
                    45:67:82:ef:1c:b8:a1:5e:9a:e5:df:50:da:29:26:
                    1f:72:62:6c:1f:b4:29:06:e1:1b:3b:14:06:9e:7a:
                    80:b5:ed:57:2d:f1:4c:a7:f9:35:81:cb:f8:1e:66:
                    80:8c:58:54:a0:fa:06:5d:53:f2:dc:3a:2d:c9:b7:
                    ed:18:d2:c2:59:95:64:2f:ac:43:a6:20:5c:c8:13:
                    c4:6b:a2:75:ae:33:43:60:13:fb:cd:14:88:ad:87:
                    6e:e6:3b:3e:67:e9:de:1b:d7:6f:74:44:57:cd:0c:
                    59:e7:90:a7:61:34:a1:34:b0:9e:a3:51:71:0d:a7:
                    9a:13:80:c8:bc:cc:11:f4:b5:38:12:1c:8a:80:56:
                    2d:5f:6b:c4:30:cd:ee:a4:58:46:fd:a3:2d:ea:38:
                    d9:f7:5d:9b:28:6f:a1:28:56:f2:55:06:06:9c:55:
                    c7:46:f9:5c:3c:83:0f:f6:38:b9:b0:ba:e7:77:58:
                    dd:dd:e7:c1:91:aa:3f:54:3a:3a:11:bf:76:b7:fe:
                    73:3f:ca:47:9c:a9:69:57:d8:65:d2:52:20:7d:21:
                    6b:6c:52:26:67:f4:1c:a4:f4:be:b3:a0:0c:0d:fc:
                    e5:2b:95:24:bf:3d:c6:18:90:65:4b:ef:94:49:bc:
                    2a:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:C1:BB:4B:B7:34:39:12:22:BD:E8:42:09:3C:F0:68:C9:D7:1A:50
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:f0:8e:68:92:93:c2:63:4b:71:96:86:f2:20:17:e1:de:95:
         42:83:76:04:98:42:6d:b2:a0:38:c5:39:59:57:3c:21:4b:98:
         e8:5b:37:4a:36:78:1d:a5:2b:92:98:e1:b0:7c:4b:4f:10:23:
         03:92:16:01:b0:4a:9d:4b:69:c8:f0:e6:b4:05:50:4e:3b:4c:
         8e:e0:2b:06:49:47:f2:4b:05:6d:af:e6:64:a3:ef:17:90:06:
         20:0c:fd:fe:f7:62:14:a9:8d:f0:92:2f:4b:4e:c5:51:57:c8:
         22:6e:d0:7e:0d:d9:91:49:6f:4c:27:1c:68:22:d1:3c:0c:cc:
         0e:b6:06:7e:cc:6a:9e:be:24:38:14:2f:ce:88:e2:bf:d3:99:
         d4:2a:9c:be:84:13:16:7f:4d:e6:1e:c5:23:b2:66:44:40:89:
         10:04:cb:38:df:18:ae:84:3e:8c:85:e7:bc:0b:c1:b1:f7:0f:
         f5:ba:2b:d3:3e:21:f1:20:de:c8:da:b7:79:32:5f:b3:27:a5:
         80:e2:42:97:9b:12:2b:69:b0:d0:66:d3:d3:e9:11:fd:4e:26:
         8d:58:d4:0f:19:f6:0a:42:9a:fe:7c:5b:10:14:7f:72:8e:69:
         eb:1e:6f:de:cd:7b:cb:ae:c3:a8:a7:f3:78:fa:aa:af:22:38:
         ab:8a:61:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+7EpSjlh6qM6Wj2nYSwLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjYwNjEzMDMwMDE2WhcNMjYwNjE0MDMwMDE2WjAzMTEwLwYDVQQD
EygxZWMxYmI0YmI3MzQzOTEyMjJiZGU4NDIwOTNjZjA2OGM5ZDcxYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSt/Ph/Z2vrRgGR/0vtFZ4LvHLih
Xprl31DaKSYfcmJsH7QpBuEbOxQGnnqAte1XLfFMp/k1gcv4HmaAjFhUoPoGXVPy
3DotybftGNLCWZVkL6xDpiBcyBPEa6J1rjNDYBP7zRSIrYdu5js+Z+neG9dvdERX
zQxZ55CnYTShNLCeo1FxDaeaE4DIvMwR9LU4EhyKgFYtX2vEMM3upFhG/aMt6jjZ
912bKG+hKFbyVQYGnFXHRvlcPIMP9ji5sLrnd1jd3efBkao/VDo6Eb92t/5zP8pH
nKlpV9hl0lIgfSFrbFImZ/QcpPS+s6AMDfzlK5Ukvz3GGJBlS++USbwqoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7Bu0u3NDkSIr3oQgk88GjJ1xpQMB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvvCOaJKT
wmNLcZaG8iAX4d6VQoN2BJhCbbKgOMU5WVc8IUuY6Fs3SjZ4HaUrkpjhsHxLTxAj
A5IWAbBKnUtpyPDmtAVQTjtMjuArBklH8ksFba/mZKPvF5AGIAz9/vdiFKmN8JIv
S07FUVfIIm7Qfg3ZkUlvTCccaCLRPAzMDrYGfsxqnr4kOBQvzojiv9OZ1CqcvoQT
Fn9N5h7FI7JmRECJEATLON8YroQ+jIXnvAvBsfcP9bor0z4h8SDeyNq3eTJfsyel
gOJCl5sSK2mw0GbT0+kR/U4mjVjUDxn2CkKa/nxbEBR/co5p6x5v3s17y67DqKfz
ePqqryI4q4phhg==
-----END CERTIFICATE-----