Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
File:                     BkwamGxZM6O5EIToo_8IBm05jhk.mft (raw, json)
Hash identifier:          ake7fiLKbbO4otUsJwAw6JzBPBTCew6cF3dLtJeLcGg=
Subject key identifier:   36:82:2D:4A:1C:86:DB:22:84:4E:F8:59:F7:F8:42:E8:81:DF:8D:43
Authority key identifier: 06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19
Certificate issuer:       /CN=064c1a986c5933a3b91084e8a3ff08066d398e19
Certificate serial:       019CAB6ACC4C4FEFC94FA8C5A7E42A4B2E94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
Manifest number:          0C56
Signing time:             Sun 01 Mar 2026 22:00:28 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:28 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:28 +0000
Files and hashes:         1: BkwamGxZM6O5EIToo_8IBm05jhk.crl (hash: /7wqfmpYtz5EOIi86Phc1Me6LFHDJ8DUebuGbieMyls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:cc:4c:4f:ef:c9:4f:a8:c5:a7:e4:2a:4b:2e:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=064c1a986c5933a3b91084e8a3ff08066d398e19
        Validity
            Not Before: Mar  1 22:00:28 2026 GMT
            Not After : Mar  2 22:00:28 2026 GMT
        Subject: CN=36822d4a1c86db22844ef859f7f842e881df8d43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d9:50:89:20:dc:97:5e:81:d9:85:62:c9:4b:
                    ee:b3:14:e0:87:65:4f:1a:63:f2:70:87:95:9d:a1:
                    44:89:4f:74:c6:d4:2e:41:6e:cb:6c:c5:32:9c:bc:
                    19:e4:bd:56:f8:7a:2b:c0:d1:2c:23:2d:d9:cb:eb:
                    ae:47:fe:15:cc:21:e9:72:c7:45:a9:f4:27:95:30:
                    e8:1c:f3:6d:55:8d:bb:36:95:ab:b6:5e:0a:72:b3:
                    b4:37:85:30:14:6c:f3:60:c7:28:6e:65:55:e6:54:
                    a5:ee:78:d5:c8:56:9a:e9:76:17:b3:dc:76:8d:a3:
                    23:03:2e:97:70:f2:6c:82:9d:e0:ae:8f:f4:37:af:
                    1d:2a:51:1d:cf:a2:86:ae:5a:69:b1:d4:68:23:ca:
                    42:41:36:25:77:2c:79:e5:9c:c3:21:76:86:4b:1f:
                    ab:ec:2a:4f:07:c2:a3:70:0b:cf:33:42:39:5b:f9:
                    56:78:bb:e4:9a:48:bb:1b:6b:49:42:0b:7f:76:23:
                    3d:1f:c3:0b:21:a9:0b:ad:dc:15:8d:b4:59:a1:bf:
                    59:a9:f5:e6:3e:17:0c:64:c0:e2:25:fd:53:7c:0d:
                    a8:bd:d1:78:6b:0d:d3:cf:51:3d:5e:df:29:57:f8:
                    76:7b:a0:24:ec:76:0a:f2:64:36:f9:00:f7:7e:8d:
                    84:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:82:2D:4A:1C:86:DB:22:84:4E:F8:59:F7:F8:42:E8:81:DF:8D:43
            X509v3 Authority Key Identifier:
                keyid:06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:ad:db:f1:62:a5:f0:db:78:52:44:be:01:f5:eb:86:97:44:
         74:e1:59:20:fd:a4:95:f6:14:3c:2d:38:63:ee:ee:68:a3:16:
         0c:12:26:27:3f:16:8b:63:f5:14:30:14:aa:9a:a6:1c:d4:f7:
         03:34:a6:d6:7f:08:8a:28:dc:e0:30:08:fe:a5:02:51:a3:41:
         de:8b:fa:ee:47:e6:7e:e7:b1:c2:04:cc:87:e5:36:00:b2:90:
         a9:26:76:2d:b2:b0:b7:b9:35:bb:4a:ac:68:b9:80:1d:6a:5f:
         f7:81:20:54:cc:cf:1d:43:53:ee:07:80:b9:e6:3e:d9:f7:b3:
         dc:6a:d5:86:7e:a0:59:a8:d2:06:ac:88:93:df:0a:81:2e:d6:
         de:15:68:06:ed:88:f8:88:53:dd:87:53:ec:87:c2:81:4d:2c:
         b2:98:d0:25:9f:9a:3a:d1:c9:f8:52:96:85:79:c1:a6:68:e7:
         7f:11:a3:e8:2c:18:69:46:b8:0b:6c:d7:77:b0:bc:0a:9a:95:
         06:05:6c:3c:6f:1a:c9:74:bc:d3:13:16:7d:c4:4d:b6:24:f9:
         a9:0c:1a:17:7c:63:99:8c:03:df:c2:d5:70:fc:eb:d8:d7:ea:
         44:58:9f:2b:45:cb:dc:46:10:65:bf:68:55:1a:49:ff:71:82:
         26:08:2d:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrasxMT+/JT6jFp+QqSy6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGMxYTk4NmM1OTMzYTNiOTEwODRlOGEzZmYwODA2NmQz
OThlMTkwHhcNMjYwMzAxMjIwMDI4WhcNMjYwMzAyMjIwMDI4WjAzMTEwLwYDVQQD
EygzNjgyMmQ0YTFjODZkYjIyODQ0ZWY4NTlmN2Y4NDJlODgxZGY4ZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09lQiSDcl16B2YViyUvusxTgh2VP
GmPycIeVnaFEiU90xtQuQW7LbMUynLwZ5L1W+HorwNEsIy3Zy+uuR/4VzCHpcsdF
qfQnlTDoHPNtVY27NpWrtl4KcrO0N4UwFGzzYMcobmVV5lSl7njVyFaa6XYXs9x2
jaMjAy6XcPJsgp3gro/0N68dKlEdz6KGrlppsdRoI8pCQTYldyx55ZzDIXaGSx+r
7CpPB8KjcAvPM0I5W/lWeLvkmki7G2tJQgt/diM9H8MLIakLrdwVjbRZob9ZqfXm
PhcMZMDiJf1TfA2ovdF4aw3Tz1E9Xt8pV/h2e6Ak7HYK8mQ2+QD3fo2EGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDaCLUochtsihE74Wff4QuiB341DMB8GA1UdIwQY
MBaAFAZMGphsWTOjuRCE6KP/CAZtOY4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgt
N2Y2YTY1NWZkNzg4LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgtN2Y2YTY1NWZkNzg4
LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkq3b8WKl
8Nt4UkS+AfXrhpdEdOFZIP2klfYUPC04Y+7uaKMWDBImJz8Wi2P1FDAUqpqmHNT3
AzSm1n8Iiijc4DAI/qUCUaNB3ov67kfmfuexwgTMh+U2ALKQqSZ2LbKwt7k1u0qs
aLmAHWpf94EgVMzPHUNT7geAueY+2fez3GrVhn6gWajSBqyIk98KgS7W3hVoBu2I
+IhT3YdT7IfCgU0sspjQJZ+aOtHJ+FKWhXnBpmjnfxGj6CwYaUa4C2zXd7C8CpqV
BgVsPG8ayXS80xMWfcRNtiT5qQwaF3xjmYwD38LVcPzr2NfqRFifK0XL3EYQZb9o
VRpJ/3GCJggtEQ==
-----END CERTIFICATE-----