Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.mft (raw, json)
Hash identifier:          dZXDHfSGceRceXk35Ed6e9deJhyshHlwNzZYGfKTrqI=
Subject key identifier:   D8:08:5A:82:02:32:73:B1:47:9D:BF:4A:4B:4A:EB:40:69:35:96:6E
Authority key identifier: 06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Certificate issuer:       /CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
Certificate serial:       0198744FCAB8F0ED7CC1709CF6C2A31D9163
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
Manifest number:          0862
Signing time:             Mon 04 Aug 2025 09:00:42 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:42 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:42 +0000
Files and hashes:         1: BgPfkU3wTkf1a9li8vncPwQ0pdM.crl (hash: CjXjMn7hNY1RdqxF01MzrCPS+Rc2ZIs5R7xK1DFDDoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:ca:b8:f0:ed:7c:c1:70:9c:f6:c2:a3:1d:91:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Validity
            Not Before: Aug  4 09:00:42 2025 GMT
            Not After : Aug  5 09:00:42 2025 GMT
        Subject: CN=d8085a82023273b1479dbf4a4b4aeb406935966e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d2:49:81:0e:b9:11:c7:17:7e:5f:cc:e6:13:
                    0a:54:43:eb:ee:65:5c:5f:32:3b:c7:dc:5e:4c:0b:
                    af:61:dc:ec:75:0d:f9:30:4c:32:c5:27:b1:3a:a6:
                    c6:9e:0a:dc:d9:52:92:48:e2:59:57:7a:26:3e:de:
                    00:29:e0:a4:c5:4f:05:72:d3:e6:61:87:ae:76:f6:
                    61:d1:b6:02:59:1a:9f:25:15:b4:d6:b0:b1:18:ad:
                    d1:a1:1f:55:8f:9a:6f:79:4b:fe:e6:df:80:cc:fe:
                    6d:ed:9e:19:d8:69:6d:16:24:c3:c9:6f:54:6d:71:
                    8c:59:29:92:9d:2e:be:07:7b:c8:d0:20:e7:38:c0:
                    c7:e1:7e:42:be:a1:9c:e4:06:0a:91:68:b0:20:7d:
                    1e:d4:68:d3:c3:e5:54:3f:be:a2:45:54:1d:9c:b7:
                    01:8a:e8:7c:02:7d:8a:96:e6:64:7b:cd:fc:37:bf:
                    43:a9:55:5e:31:6f:31:bc:80:3b:da:cd:48:dd:06:
                    a0:5f:8c:35:ea:24:2f:4e:ed:7d:ff:28:23:37:25:
                    e7:a4:2b:5b:de:a8:4b:b0:cd:20:e0:e0:16:d4:e0:
                    16:fd:4c:f7:df:93:45:a4:b3:87:a5:b4:3f:65:57:
                    1a:3d:f8:91:59:6a:14:b3:50:a6:aa:98:ba:e6:cd:
                    ed:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:08:5A:82:02:32:73:B1:47:9D:BF:4A:4B:4A:EB:40:69:35:96:6E
            X509v3 Authority Key Identifier:
                keyid:06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:20:ff:e8:12:e6:fe:b2:25:22:44:9c:a2:27:98:26:e3:77:
         70:11:d4:b2:eb:89:53:44:26:d5:f3:8b:2d:4b:d6:05:cc:dd:
         c2:66:50:27:96:f7:5c:34:df:fc:f4:b8:85:ea:80:d6:0f:1f:
         4a:38:b8:90:45:9e:a5:48:10:42:ff:fa:82:de:83:6e:ba:d3:
         95:ff:32:db:18:22:c4:72:85:99:01:1f:ca:4a:0b:a4:8c:16:
         ed:bd:82:46:d8:7f:2a:98:36:3c:d5:14:e8:ed:5f:f1:c3:0b:
         bb:2c:ff:4c:b2:91:87:20:3d:9e:2c:e3:b7:9a:5b:15:a8:a4:
         68:68:67:ae:4d:28:d5:34:27:3e:f9:92:6c:28:e7:74:39:1e:
         46:2c:c1:e1:75:66:9e:c7:c3:70:de:53:d0:e6:bd:33:cf:b4:
         49:0c:69:a4:7f:37:a8:5e:13:94:32:96:30:ad:da:fa:1d:87:
         54:61:c8:45:03:e3:61:88:a8:4b:52:de:4f:c2:de:65:18:74:
         fe:c6:75:e3:9d:0d:62:bd:8c:bf:66:7f:87:0c:e8:02:13:d6:
         c3:a2:b0:3d:fb:0f:ad:53:1b:e6:7d:c1:d5:31:f6:c6:4f:1c:
         21:2d:38:25:d8:7f:18:b9:2f:8f:01:43:2c:07:da:2a:c4:97:
         8d:ab:0b:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T8q48O18wXCc9sKjHZFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDNkZjkxNGRmMDRlNDdmNTZiZDk2MmYyZjlkYzNmMDQz
NGE1ZDMwHhcNMjUwODA0MDkwMDQyWhcNMjUwODA1MDkwMDQyWjAzMTEwLwYDVQQD
EyhkODA4NWE4MjAyMzI3M2IxNDc5ZGJmNGE0YjRhZWI0MDY5MzU5NjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutJJgQ65EccXfl/M5hMKVEPr7mVc
XzI7x9xeTAuvYdzsdQ35MEwyxSexOqbGngrc2VKSSOJZV3omPt4AKeCkxU8FctPm
YYeudvZh0bYCWRqfJRW01rCxGK3RoR9Vj5pveUv+5t+AzP5t7Z4Z2GltFiTDyW9U
bXGMWSmSnS6+B3vI0CDnOMDH4X5CvqGc5AYKkWiwIH0e1GjTw+VUP76iRVQdnLcB
iuh8An2KluZke838N79DqVVeMW8xvIA72s1I3QagX4w16iQvTu19/ygjNyXnpCtb
3qhLsM0g4OAW1OAW/Uz335NFpLOHpbQ/ZVcaPfiRWWoUs1Cmqpi65s3t8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNgIWoICMnOxR52/SktK60BpNZZuMB8GA1UdIwQY
MBaAFAYD35FN8E5H9WvZYvL53D8ENKXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEt
YmM4NDI1YzYwNjA0LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEtYmM4NDI1YzYwNjA0
LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjyD/6BLm
/rIlIkScoieYJuN3cBHUsuuJU0Qm1fOLLUvWBczdwmZQJ5b3XDTf/PS4heqA1g8f
Sji4kEWepUgQQv/6gt6DbrrTlf8y2xgixHKFmQEfykoLpIwW7b2CRth/Kpg2PNUU
6O1f8cMLuyz/TLKRhyA9nizjt5pbFaikaGhnrk0o1TQnPvmSbCjndDkeRizB4XVm
nsfDcN5T0Oa9M8+0SQxppH83qF4TlDKWMK3a+h2HVGHIRQPjYYioS1LeT8LeZRh0
/sZ1450NYr2Mv2Z/hwzoAhPWw6KwPfsPrVMb5n3B1TH2xk8cIS04Jdh/GLkvjwFD
LAfaKsSXjasLXg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:05:42 2025 by rpki-client