Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          Eudwoy65Q3WALOTkalmKwcA9gJ7Eeri/c17t4myJrb0=
Subject key identifier:   9D:9B:B1:C1:7C:20:9C:C2:D9:38:43:10:48:BA:CC:F4:60:7F:42:52
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       019CA9EB1ADABCC69279ABB71413BB5250CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          0CD3
Signing time:             Sun 01 Mar 2026 15:01:23 +0000
Manifest this update:     Sun 01 Mar 2026 15:01:23 +0000
Manifest next update:     Mon 02 Mar 2026 15:01:23 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: iITEqm7GG7GFfsXfhDDPzqqQvhuFy2+dTWgJLGe2l6E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:eb:1a:da:bc:c6:92:79:ab:b7:14:13:bb:52:50:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: Mar  1 15:01:23 2026 GMT
            Not After : Mar  2 15:01:23 2026 GMT
        Subject: CN=9d9bb1c17c209cc2d938431048baccf4607f4252
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:2c:fd:26:3a:ed:47:51:10:01:61:d4:1e:23:
                    16:19:83:ed:f4:20:8f:5c:5d:c0:a1:b4:e0:f3:93:
                    3c:21:6a:6f:f1:6e:23:53:e6:46:8b:47:83:f2:fd:
                    4c:f2:4b:e4:c4:61:03:a9:43:70:cd:9a:0d:d4:66:
                    75:2a:9b:3d:79:a2:25:6a:8a:c9:58:05:41:d2:b9:
                    5c:be:ad:3c:67:f0:6a:43:3f:96:82:6e:8f:38:07:
                    77:0f:93:43:6e:c3:bd:ad:27:f0:9c:db:7a:c8:b4:
                    b1:b8:18:f2:dd:b6:1c:fc:8f:ab:07:a0:5e:91:84:
                    66:cc:51:bd:47:9f:b5:5b:56:a4:19:79:92:b2:6c:
                    57:2d:f1:16:fd:fd:f7:9c:3b:8b:bf:94:9c:80:09:
                    88:7c:66:4b:41:b5:b7:42:1d:dd:9c:b8:4e:d7:f0:
                    e0:c9:14:be:43:17:69:68:71:34:7b:fd:e2:30:be:
                    52:21:4d:3e:1c:e8:3a:28:7a:0c:f2:94:57:95:f6:
                    cf:f8:e2:89:74:27:43:55:2e:86:c1:b7:1c:0b:57:
                    ef:e0:62:07:9a:0d:41:fa:74:96:ec:22:a3:c3:6d:
                    5c:f5:a1:9c:93:9a:81:c1:5e:91:55:60:4f:c2:0e:
                    3d:a2:63:2d:b6:fc:a6:71:1b:cb:da:07:ce:56:24:
                    82:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:9B:B1:C1:7C:20:9C:C2:D9:38:43:10:48:BA:CC:F4:60:7F:42:52
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:68:c2:15:c5:07:8c:5a:9a:f6:20:78:14:c1:71:de:db:1c:
         21:25:be:2c:fc:f4:64:f6:4e:7f:c4:63:c8:7f:4e:a5:87:4c:
         1b:ee:55:2d:39:17:0a:eb:ba:0d:51:ee:b8:d2:3d:a8:1a:52:
         5e:89:7d:09:13:2e:26:d4:35:cb:05:bb:9d:63:37:6e:67:ad:
         9a:c2:8a:5d:8a:da:1a:f0:37:8d:ec:c7:87:af:ee:7f:9d:d1:
         03:63:d7:49:35:a8:2c:92:a2:d1:65:2f:a2:77:c2:41:26:22:
         19:ee:a9:cd:f6:52:39:1d:d0:11:db:a6:35:9d:17:b5:59:12:
         40:c1:5d:02:ed:11:ea:92:49:0c:7f:d4:18:e4:eb:29:3a:08:
         c7:69:0f:ea:fa:31:a4:87:64:13:a5:89:60:be:e2:91:65:90:
         af:4c:e2:09:cf:ef:ec:26:76:03:10:60:3b:e6:e4:b3:a0:d9:
         d2:dc:73:fc:fc:d3:5f:70:f8:c2:02:74:99:ab:0e:ac:de:be:
         6c:c5:ff:c9:ec:7f:9e:09:aa:d6:4d:b5:1c:60:ee:c5:8b:17:
         35:e0:d1:ce:d4:6c:16:67:6c:19:ce:f4:68:6b:39:3d:00:79:
         a9:74:54:10:63:94:6e:ac:72:6b:f1:f1:b3:7d:2a:9a:cb:4f:
         8c:4d:1e:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp6xravMaSeau3FBO7UlDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjYwMzAxMTUwMTIzWhcNMjYwMzAyMTUwMTIzWjAzMTEwLwYDVQQD
Eyg5ZDliYjFjMTdjMjA5Y2MyZDkzODQzMTA0OGJhY2NmNDYwN2Y0MjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyz9JjrtR1EQAWHUHiMWGYPt9CCP
XF3AobTg85M8IWpv8W4jU+ZGi0eD8v1M8kvkxGEDqUNwzZoN1GZ1Kps9eaIlaorJ
WAVB0rlcvq08Z/BqQz+Wgm6POAd3D5NDbsO9rSfwnNt6yLSxuBjy3bYc/I+rB6Be
kYRmzFG9R5+1W1akGXmSsmxXLfEW/f33nDuLv5ScgAmIfGZLQbW3Qh3dnLhO1/Dg
yRS+QxdpaHE0e/3iML5SIU0+HOg6KHoM8pRXlfbP+OKJdCdDVS6GwbccC1fv4GIH
mg1B+nSW7CKjw21c9aGck5qBwV6RVWBPwg49omMttvymcRvL2gfOViSCzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2bscF8IJzC2ThDEEi6zPRgf0JSMB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvWjCFcUH
jFqa9iB4FMFx3tscISW+LPz0ZPZOf8RjyH9OpYdMG+5VLTkXCuu6DVHuuNI9qBpS
Xol9CRMuJtQ1ywW7nWM3bmetmsKKXYraGvA3jezHh6/uf53RA2PXSTWoLJKi0WUv
onfCQSYiGe6pzfZSOR3QEdumNZ0XtVkSQMFdAu0R6pJJDH/UGOTrKToIx2kP6vox
pIdkE6WJYL7ikWWQr0ziCc/v7CZ2AxBgO+bks6DZ0txz/PzTX3D4wgJ0masOrN6+
bMX/yex/ngmq1k21HGDuxYsXNeDRztRsFmdsGc70aGs5PQB5qXRUEGOUbqxya/Hx
s30qmstPjE0ekg==
-----END CERTIFICATE-----