Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.mft (raw, json)
Hash identifier:          YrgfSnhmqdy2mxGVrFUeIEAvfk0q8kdTlc5CPqZe1M8=
Subject key identifier:   F9:65:8F:E4:47:52:47:14:16:2F:A5:26:BD:F2:89:4F:A5:A7:CD:E4
Authority key identifier: 06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Certificate issuer:       /CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
Certificate serial:       019A4F623765DACB23EA97F0E5CCB266ADA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
Manifest number:          0958
Signing time:             Tue 04 Nov 2025 15:00:28 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:28 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:28 +0000
Files and hashes:         1: BgPfkU3wTkf1a9li8vncPwQ0pdM.crl (hash: uiuQqCPvJoVGvI4KYHrksOLJdvxTgJ/k20GLw60BV5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:37:65:da:cb:23:ea:97:f0:e5:cc:b2:66:ad:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Validity
            Not Before: Nov  4 15:00:28 2025 GMT
            Not After : Nov  5 15:00:28 2025 GMT
        Subject: CN=f9658fe447524714162fa526bdf2894fa5a7cde4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:67:12:f9:33:b0:e0:c1:43:b7:8e:5e:fd:9a:
                    1e:6e:fb:72:d8:b1:a9:f6:62:59:91:aa:09:82:da:
                    90:68:2f:df:4c:7a:19:64:1f:b8:76:cf:2b:2d:9e:
                    b7:3f:ae:53:1e:9c:55:50:34:b4:0f:f1:89:42:3f:
                    0b:a3:c5:22:62:71:fb:d5:1a:b1:a4:0e:a4:17:aa:
                    06:19:c9:47:92:68:f7:3f:3e:5f:2b:06:dc:0d:e4:
                    b6:6a:c3:ec:55:ea:72:27:cb:6b:4a:1a:d0:96:8d:
                    18:8f:82:b4:84:6b:a8:fd:e2:04:3a:2d:ae:f2:ed:
                    cb:17:d7:5c:46:54:0a:e4:d1:8d:0f:ad:ea:19:57:
                    98:80:a5:b2:8d:65:4e:72:c1:1f:c2:96:7b:86:9f:
                    4f:59:ef:b2:68:7e:ec:76:39:8d:3f:85:7c:79:51:
                    bc:bb:60:99:7d:ca:4c:2d:08:4b:12:b8:0a:a5:15:
                    3e:41:f8:4d:e3:23:cf:9a:be:2c:80:ff:61:69:7a:
                    d9:3a:48:66:45:ba:a7:d0:f8:d7:f3:e4:95:98:a0:
                    ab:e5:69:e4:cb:4d:e3:1d:0f:01:ec:e6:c7:22:51:
                    10:3c:0f:93:71:c5:9b:7b:0b:7a:4e:aa:00:89:a1:
                    7b:d3:7c:fd:be:64:c2:de:d3:a7:5d:7e:c0:3b:0f:
                    5c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:65:8F:E4:47:52:47:14:16:2F:A5:26:BD:F2:89:4F:A5:A7:CD:E4
            X509v3 Authority Key Identifier:
                keyid:06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:d5:15:cb:ab:1a:54:f7:b3:43:bb:0d:56:11:f4:8c:82:43:
         5c:fb:41:82:4e:88:e4:3b:69:65:9c:68:9f:ad:1d:97:4d:c3:
         c9:b0:46:ea:1a:1f:fb:da:a6:5f:96:82:d2:9f:b3:42:53:f9:
         9b:46:2b:9d:98:46:6b:1f:d8:d6:3e:36:6d:28:0a:56:4c:f5:
         90:7d:87:3e:6e:90:3d:48:8d:14:d8:7e:0c:9e:e1:1e:34:d2:
         0c:b4:a7:18:03:ed:af:3a:34:50:55:ef:51:84:51:9c:c3:67:
         9e:e3:1a:c7:60:78:ca:c4:58:ba:2e:17:09:ee:df:c5:23:36:
         f5:3b:05:87:0a:47:9b:72:60:ef:8e:0f:be:8a:bd:08:b4:2e:
         31:50:c9:63:d4:b0:5e:83:0e:e6:57:7c:42:05:2b:29:f7:36:
         64:34:37:88:79:f4:0f:8b:7d:72:ce:94:04:9c:ad:19:63:b8:
         57:ab:60:d6:83:4c:e7:d9:bf:81:42:82:34:70:76:81:a8:10:
         9f:06:d3:da:40:5e:37:21:d9:1a:f2:00:ea:c2:b0:d4:65:cb:
         26:88:f8:14:f9:d8:20:75:4e:d6:fb:ad:ee:3b:70:9a:4e:14:
         fe:b3:b0:5b:63:f9:c8:68:a2:a5:f5:4a:64:bf:1b:57:84:c0:
         db:46:c1:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYjdl2ssj6pfw5cyyZq2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDNkZjkxNGRmMDRlNDdmNTZiZDk2MmYyZjlkYzNmMDQz
NGE1ZDMwHhcNMjUxMTA0MTUwMDI4WhcNMjUxMTA1MTUwMDI4WjAzMTEwLwYDVQQD
EyhmOTY1OGZlNDQ3NTI0NzE0MTYyZmE1MjZiZGYyODk0ZmE1YTdjZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WcS+TOw4MFDt45e/Zoebvty2LGp
9mJZkaoJgtqQaC/fTHoZZB+4ds8rLZ63P65THpxVUDS0D/GJQj8Lo8UiYnH71Rqx
pA6kF6oGGclHkmj3Pz5fKwbcDeS2asPsVepyJ8trShrQlo0Yj4K0hGuo/eIEOi2u
8u3LF9dcRlQK5NGND63qGVeYgKWyjWVOcsEfwpZ7hp9PWe+yaH7sdjmNP4V8eVG8
u2CZfcpMLQhLErgKpRU+QfhN4yPPmr4sgP9haXrZOkhmRbqn0PjX8+SVmKCr5Wnk
y03jHQ8B7ObHIlEQPA+TccWbewt6TqoAiaF703z9vmTC3tOnXX7AOw9crwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPllj+RHUkcUFi+lJr3yiU+lp83kMB8GA1UdIwQY
MBaAFAYD35FN8E5H9WvZYvL53D8ENKXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEt
YmM4NDI1YzYwNjA0LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEtYmM4NDI1YzYwNjA0
LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAatUVy6sa
VPezQ7sNVhH0jIJDXPtBgk6I5DtpZZxon60dl03DybBG6hof+9qmX5aC0p+zQlP5
m0YrnZhGax/Y1j42bSgKVkz1kH2HPm6QPUiNFNh+DJ7hHjTSDLSnGAPtrzo0UFXv
UYRRnMNnnuMax2B4ysRYui4XCe7fxSM29TsFhwpHm3Jg744Pvoq9CLQuMVDJY9Sw
XoMO5ld8QgUrKfc2ZDQ3iHn0D4t9cs6UBJytGWO4V6tg1oNM59m/gUKCNHB2gagQ
nwbT2kBeNyHZGvIA6sKw1GXLJoj4FPnYIHVO1vut7jtwmk4U/rOwW2P5yGiipfVK
ZL8bV4TA20bBWA==
-----END CERTIFICATE-----