Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft
File:                     bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft (raw, json)
Hash identifier:          TEkkcBBy7aqMRosE5c1fdJsHWdGkqieLlSjA+fBq8zc=
Subject key identifier:   94:40:D3:03:D8:98:CA:58:DC:2D:6F:38:38:9F:49:67:CD:62:15:43
Authority key identifier: 6E:68:C1:B9:0E:45:F9:1B:AB:8D:60:78:8E:ED:25:CB:4A:01:0F:E8
Certificate issuer:       /CN=6e68c1b90e45f91bab8d60788eed25cb4a010fe8
Certificate serial:       019D992BA5EA80343C04A1E7BA424DA2155B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bmjBuQ5F-RurjWB4ju0ly0oBD-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft
Manifest number:          080D
Signing time:             Fri 17 Apr 2026 02:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 02:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 02:01:07 +0000
Files and hashes:         1: bmjBuQ5F-RurjWB4ju0ly0oBD-g.crl (hash: qzmgtwvgdn/Zv77vHfTRfIXZw0Mv1KbHmYh9iNyvoGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bmjBuQ5F-RurjWB4ju0ly0oBD-g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 02:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:2b:a5:ea:80:34:3c:04:a1:e7:ba:42:4d:a2:15:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e68c1b90e45f91bab8d60788eed25cb4a010fe8
        Validity
            Not Before: Apr 17 02:01:07 2026 GMT
            Not After : Apr 18 02:01:07 2026 GMT
        Subject: CN=9440d303d898ca58dc2d6f38389f4967cd621543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:b9:4f:15:9c:b7:2e:52:22:2f:88:e4:f7:d3:
                    31:67:05:dc:dd:27:e7:ca:62:15:7e:47:52:7e:aa:
                    a5:b7:f1:55:52:1e:b8:a1:0d:49:a1:49:60:21:35:
                    cb:a6:01:cc:72:06:fb:85:fc:09:a2:70:8e:88:ee:
                    4f:16:51:5e:fb:29:96:69:51:37:70:13:fe:39:3d:
                    42:b8:de:d5:0b:0c:0a:a7:ef:94:ce:66:13:b2:7b:
                    16:0e:e0:0a:9f:bf:05:9e:27:c1:ce:c1:b5:12:e8:
                    07:28:41:0d:05:09:bb:58:44:9c:c8:72:a7:30:0f:
                    ab:ed:f7:7c:55:8f:3b:a2:f8:1e:51:c5:9d:6f:24:
                    4c:9e:c7:ed:be:7c:74:9e:5b:93:f7:1b:d2:dd:b0:
                    54:6b:01:a8:8c:16:94:44:21:72:96:96:b2:97:bd:
                    c0:98:06:74:0e:3e:db:88:d3:79:86:11:cb:42:a9:
                    df:01:fb:d3:de:a0:3c:a2:d4:8f:43:65:ca:fa:07:
                    99:fd:ee:f9:6b:5b:22:cb:ad:db:f2:58:05:0a:f9:
                    e6:41:a7:cc:a3:e6:7a:36:d8:53:bc:b6:ee:7a:77:
                    d3:c6:d6:b2:a5:60:6b:ae:9b:4f:9d:09:85:6f:cb:
                    47:4f:79:1d:a7:29:74:61:12:98:04:ef:37:8a:1d:
                    b0:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:40:D3:03:D8:98:CA:58:DC:2D:6F:38:38:9F:49:67:CD:62:15:43
            X509v3 Authority Key Identifier:
                keyid:6E:68:C1:B9:0E:45:F9:1B:AB:8D:60:78:8E:ED:25:CB:4A:01:0F:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmjBuQ5F-RurjWB4ju0ly0oBD-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bbaca1-f557-4104-b5fa-1740630fcc45/1/bmjBuQ5F-RurjWB4ju0ly0oBD-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:31:c0:76:1f:c6:9d:d1:86:8d:5a:16:c2:d3:d9:0d:11:ab:
         1a:6a:a8:d2:d9:62:61:d4:c6:28:d9:f0:0f:e6:8a:24:00:f8:
         d4:be:c7:c2:ad:d1:32:cf:ea:41:33:c5:82:5a:f1:99:6c:97:
         a0:2a:ce:a9:48:2a:a1:d4:13:d5:23:54:7b:78:a6:fd:d4:37:
         91:ad:6a:db:a8:6a:6f:8c:0e:e4:25:5d:bc:40:fd:7d:06:e9:
         66:11:c0:65:60:ac:d6:0b:da:d3:f0:17:c0:82:71:7e:23:38:
         da:94:9a:84:68:7c:f0:1e:af:be:8e:e9:5a:33:24:98:76:de:
         0f:d1:18:72:3e:f8:38:9c:e7:cb:0d:af:8d:21:0b:f2:76:38:
         82:3d:35:b6:c6:86:0e:e6:71:49:9c:37:cf:f8:ce:63:8d:17:
         6d:3e:8e:3d:34:84:dc:ee:f2:4f:8e:6e:9a:ab:9d:00:99:7a:
         5c:c4:41:02:13:0c:0c:3a:17:a6:c7:c1:7e:90:d7:ee:3d:2d:
         98:c0:77:7a:fc:c9:cb:ea:46:c6:3b:f9:b3:ce:a2:51:b7:b1:
         ec:3b:e9:b3:6d:ae:32:68:2a:64:2e:f5:d5:c8:af:54:b0:4a:
         b4:7b:32:fc:f4:71:69:56:e3:3c:1f:49:6d:a9:2c:23:f6:0f:
         e8:56:fb:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK6XqgDQ8BKHnukJNohVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNjhjMWI5MGU0NWY5MWJhYjhkNjA3ODhlZWQyNWNiNGEw
MTBmZTgwHhcNMjYwNDE3MDIwMTA3WhcNMjYwNDE4MDIwMTA3WjAzMTEwLwYDVQQD
Eyg5NDQwZDMwM2Q4OThjYTU4ZGMyZDZmMzgzODlmNDk2N2NkNjIxNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxblPFZy3LlIiL4jk99MxZwXc3Sfn
ymIVfkdSfqqlt/FVUh64oQ1JoUlgITXLpgHMcgb7hfwJonCOiO5PFlFe+ymWaVE3
cBP+OT1CuN7VCwwKp++UzmYTsnsWDuAKn78FnifBzsG1EugHKEENBQm7WEScyHKn
MA+r7fd8VY87ovgeUcWdbyRMnsftvnx0nluT9xvS3bBUawGojBaURCFylpayl73A
mAZ0Dj7biNN5hhHLQqnfAfvT3qA8otSPQ2XK+geZ/e75a1siy63b8lgFCvnmQafM
o+Z6NthTvLbuenfTxtaypWBrrptPnQmFb8tHT3kdpyl0YRKYBO83ih2wvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJRA0wPYmMpY3C1vODifSWfNYhVDMB8GA1UdIwQY
MBaAFG5owbkORfkbq41geI7tJctKAQ/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm1qQnVRNUYtUnVyaldCNGp1MGx5MG9CRC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmFjYTEtZjU1Ny00MTA0LWI1ZmEt
MTc0MDYzMGZjYzQ1LzEvYm1qQnVRNUYtUnVyaldCNGp1MGx5MG9CRC1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmFjYTEtZjU1Ny00MTA0LWI1ZmEtMTc0MDYzMGZjYzQ1
LzEvYm1qQnVRNUYtUnVyaldCNGp1MGx5MG9CRC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiDHAdh/G
ndGGjVoWwtPZDRGrGmqo0tliYdTGKNnwD+aKJAD41L7Hwq3RMs/qQTPFglrxmWyX
oCrOqUgqodQT1SNUe3im/dQ3ka1q26hqb4wO5CVdvED9fQbpZhHAZWCs1gva0/AX
wIJxfiM42pSahGh88B6vvo7pWjMkmHbeD9EYcj74OJznyw2vjSEL8nY4gj01tsaG
DuZxSZw3z/jOY40XbT6OPTSE3O7yT45umqudAJl6XMRBAhMMDDoXpsfBfpDX7j0t
mMB3evzJy+pGxjv5s86iUbex7Dvps22uMmgqZC711civVLBKtHsy/PRxaVbjPB9J
baksI/YP6Fb7Hw==
-----END CERTIFICATE-----