Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.mft (raw, json)
Hash identifier:          V1lv7rcsptKQzujE2LPF7xij0xL+siyUvwWSaGh2QCc=
Subject key identifier:   32:99:4C:D8:3B:12:E9:22:47:99:E5:0D:60:3A:98:E3:90:F2:06:80
Authority key identifier: 06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Certificate issuer:       /CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
Certificate serial:       019DA309F047FE78091839E2D4515B94D5D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
Manifest number:          0B11
Signing time:             Sun 19 Apr 2026 00:00:30 +0000
Manifest this update:     Sun 19 Apr 2026 00:00:30 +0000
Manifest next update:     Mon 20 Apr 2026 00:00:30 +0000
Files and hashes:         1: BgPfkU3wTkf1a9li8vncPwQ0pdM.crl (hash: Y8zlM+SS15fF9VANOUU/ZZreh2eCWgzIB6BY9pRLbms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:09:f0:47:fe:78:09:18:39:e2:d4:51:5b:94:d5:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Validity
            Not Before: Apr 19 00:00:30 2026 GMT
            Not After : Apr 20 00:00:30 2026 GMT
        Subject: CN=32994cd83b12e9224799e50d603a98e390f20680
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:34:c8:17:f3:7c:0d:38:80:87:5c:f0:9a:22:
                    c5:ad:7a:51:15:2a:22:3e:24:5f:ad:a4:11:fb:bc:
                    fc:fc:bb:d0:1d:12:ea:2f:92:56:17:39:fa:7b:31:
                    3f:7a:33:cb:b6:e7:26:87:84:d2:10:6a:7d:32:bb:
                    69:04:f0:fb:82:68:95:f3:04:58:ff:8b:80:47:72:
                    fb:3e:58:ff:21:5f:47:13:09:dd:27:f8:63:f8:c1:
                    a9:85:df:e8:a0:4e:f6:5b:e7:38:67:e3:c3:88:34:
                    4d:f2:de:62:6a:8e:92:69:ea:1c:ae:79:36:ef:1d:
                    a5:5c:27:96:7f:c6:b3:e3:8b:43:72:2b:b4:c4:10:
                    59:40:52:0d:8d:6f:8c:2a:6b:50:56:8e:40:a4:a4:
                    72:67:21:05:4c:f8:d1:27:93:cc:8e:01:54:9f:29:
                    93:b4:bf:af:21:42:d2:57:f0:5d:32:86:8f:05:f2:
                    4e:53:97:ba:35:92:38:4e:c7:f8:49:63:51:18:de:
                    e1:b4:64:44:a9:6c:95:5d:2e:ae:66:34:e7:ba:74:
                    84:0e:c9:10:69:f1:26:52:c4:74:5b:e4:18:7a:a3:
                    ee:9f:78:88:cb:95:88:2e:90:af:6e:2e:b2:90:8a:
                    0a:91:e6:61:19:5a:dd:bc:2a:2d:f9:f2:3f:d1:65:
                    e9:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:99:4C:D8:3B:12:E9:22:47:99:E5:0D:60:3A:98:E3:90:F2:06:80
            X509v3 Authority Key Identifier:
                keyid:06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:22:d7:66:89:6a:f5:88:0c:ef:10:34:87:23:65:94:62:53:
         5a:7a:ae:3d:2b:4d:c5:ca:af:26:fc:23:0e:f9:aa:08:5b:5f:
         5c:a5:d2:4b:a3:db:e8:58:03:c1:0e:ac:21:31:78:9a:55:3c:
         a6:b3:10:58:05:c5:fe:40:49:1b:2c:34:7a:fb:08:c7:d7:36:
         48:05:2c:38:43:b6:43:9c:3f:3d:72:6e:78:96:03:72:f2:8c:
         72:13:cc:21:b5:3b:fe:79:f5:92:5d:f4:98:77:db:fd:b3:09:
         32:89:23:b8:68:51:c9:56:93:f8:41:41:02:ce:e3:75:0f:a4:
         18:dd:9c:cc:bf:f7:d9:c0:c1:3f:fc:ad:74:56:0d:f6:a5:d5:
         ac:02:ad:92:a1:dc:de:92:c7:7b:ba:2c:4b:33:5d:8e:5a:ce:
         f2:ce:14:28:0c:56:56:22:94:9b:64:ac:4e:14:1c:ed:7b:c9:
         71:47:72:63:8a:e3:10:86:04:f1:33:02:37:2b:1b:12:b7:61:
         cd:e4:c5:39:65:41:be:34:26:0a:fd:9d:20:47:88:5e:9f:dc:
         18:a2:1d:79:68:6d:b1:9f:3c:ce:43:f6:5f:8d:d5:03:ff:9e:
         d8:fb:65:ab:27:2f:08:4a:5a:1c:cf:6d:8a:8d:5e:54:f9:91:
         35:b7:4d:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCfBH/ngJGDni1FFblNXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDNkZjkxNGRmMDRlNDdmNTZiZDk2MmYyZjlkYzNmMDQz
NGE1ZDMwHhcNMjYwNDE5MDAwMDMwWhcNMjYwNDIwMDAwMDMwWjAzMTEwLwYDVQQD
EygzMjk5NGNkODNiMTJlOTIyNDc5OWU1MGQ2MDNhOThlMzkwZjIwNjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TTIF/N8DTiAh1zwmiLFrXpRFSoi
PiRfraQR+7z8/LvQHRLqL5JWFzn6ezE/ejPLtucmh4TSEGp9MrtpBPD7gmiV8wRY
/4uAR3L7Plj/IV9HEwndJ/hj+MGphd/ooE72W+c4Z+PDiDRN8t5iao6Saeocrnk2
7x2lXCeWf8az44tDciu0xBBZQFINjW+MKmtQVo5ApKRyZyEFTPjRJ5PMjgFUnymT
tL+vIULSV/BdMoaPBfJOU5e6NZI4Tsf4SWNRGN7htGREqWyVXS6uZjTnunSEDskQ
afEmUsR0W+QYeqPun3iIy5WILpCvbi6ykIoKkeZhGVrdvCot+fI/0WXp0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKZTNg7EukiR5nlDWA6mOOQ8gaAMB8GA1UdIwQY
MBaAFAYD35FN8E5H9WvZYvL53D8ENKXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEt
YmM4NDI1YzYwNjA0LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEtYmM4NDI1YzYwNjA0
LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgSLXZolq
9YgM7xA0hyNllGJTWnquPStNxcqvJvwjDvmqCFtfXKXSS6Pb6FgDwQ6sITF4mlU8
prMQWAXF/kBJGyw0evsIx9c2SAUsOEO2Q5w/PXJueJYDcvKMchPMIbU7/nn1kl30
mHfb/bMJMokjuGhRyVaT+EFBAs7jdQ+kGN2czL/32cDBP/ytdFYN9qXVrAKtkqHc
3pLHe7osSzNdjlrO8s4UKAxWViKUm2SsThQc7XvJcUdyY4rjEIYE8TMCNysbErdh
zeTFOWVBvjQmCv2dIEeIXp/cGKIdeWhtsZ88zkP2X43VA/+e2PtlqycvCEpaHM9t
io1eVPmRNbdNuQ==
-----END CERTIFICATE-----