Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
File:                     bn-6EaMdOqkN48e7i1bTzQbmvnU.mft (raw, json)
Hash identifier:          DSDR+OqL7sC4LVr3nIQ4Ct3cdROQMiA8BSch7h84hSE=
Subject key identifier:   C6:30:C4:B4:F9:15:D7:E4:F5:71:E2:47:91:E0:34:11:9B:52:C3:A6
Authority key identifier: 6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75
Certificate issuer:       /CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
Certificate serial:       019CAD5A110C2C1B0AC5A0D5A63AEBE243BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
Manifest number:          182D
Signing time:             Mon 02 Mar 2026 07:01:26 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:26 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:26 +0000
Files and hashes:         1: bn-6EaMdOqkN48e7i1bTzQbmvnU.crl (hash: SKgVk/HSyx7/mnt34fVOoe2oIx06io655A2noN+pGS8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:11:0c:2c:1b:0a:c5:a0:d5:a6:3a:eb:e2:43:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
        Validity
            Not Before: Mar  2 07:01:26 2026 GMT
            Not After : Mar  3 07:01:26 2026 GMT
        Subject: CN=c630c4b4f915d7e4f571e24791e034119b52c3a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:98:97:92:11:06:61:db:60:57:c3:44:7b:dd:
                    56:92:81:ea:22:07:cf:0b:cf:6e:2d:f2:ef:33:ab:
                    b0:ae:b0:ef:b0:61:bb:80:1f:a6:88:fb:4b:ea:30:
                    d3:b2:75:80:50:f2:37:6c:9c:2d:5a:09:8f:76:c2:
                    f8:b4:4f:61:7d:c8:b8:5d:ee:ca:1a:c2:ad:5d:c8:
                    b4:e0:ee:4b:47:5b:69:ff:ec:3c:7f:b5:4c:cc:74:
                    00:4e:43:ce:09:35:a6:cf:c3:66:56:93:83:4a:23:
                    7f:4c:57:01:45:02:c7:4d:91:99:6b:55:d4:53:28:
                    c3:83:ca:63:de:e6:d6:23:a6:44:ed:74:6a:c5:8e:
                    93:54:f7:a9:7d:28:76:7c:0d:c3:d1:86:0c:3e:af:
                    e6:30:42:a7:a9:13:4f:f5:4b:79:7d:59:5c:ae:04:
                    03:25:b6:8b:b5:78:db:13:a6:17:65:ed:17:1a:4c:
                    19:f8:eb:c5:30:e7:0c:e2:a9:8a:e1:06:69:a3:df:
                    f9:fa:b6:e0:bb:60:86:e2:bb:f6:ca:27:2f:aa:7b:
                    fb:5f:a2:7a:ba:62:45:a3:eb:29:93:46:61:ba:28:
                    80:fb:6d:b8:e3:f8:b5:63:f1:a2:34:c6:68:91:5a:
                    67:03:81:f8:26:52:f9:ed:c4:e1:70:d3:6f:c4:27:
                    04:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:30:C4:B4:F9:15:D7:E4:F5:71:E2:47:91:E0:34:11:9B:52:C3:A6
            X509v3 Authority Key Identifier:
                keyid:6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:5d:44:10:e3:99:f8:b6:ab:c0:a2:9b:e4:d2:1d:4d:a7:92:
         01:8d:34:7d:77:6c:f7:7d:94:83:8c:d1:8e:5b:60:7a:92:d4:
         44:64:13:d9:bc:a9:f5:f6:a7:82:24:62:3a:ae:a0:0c:fc:c8:
         f1:a3:b7:12:fe:20:4c:a6:74:e0:2e:09:fd:b4:f4:cc:63:e4:
         46:7d:f8:c0:80:73:62:de:22:96:9a:69:d2:26:1f:4a:bc:36:
         55:de:19:bd:48:6a:41:2c:20:51:5e:66:67:dc:2b:82:1c:f1:
         00:64:50:99:90:b5:eb:be:ff:40:5c:5a:61:37:57:d4:a0:69:
         3a:5f:56:7a:58:62:29:26:c8:70:ed:38:19:64:8d:37:b3:85:
         73:22:80:22:dd:d6:6b:bf:80:25:b5:e9:34:30:4f:8b:d6:43:
         dc:89:00:96:7f:40:94:ac:ab:0a:33:85:80:04:60:62:c3:55:
         70:6e:0d:93:8c:70:5b:9b:3b:27:ae:72:cf:bb:0b:cd:45:cd:
         48:49:c1:82:41:aa:f4:38:32:a5:7a:62:7d:91:d2:9a:47:be:
         da:5b:4f:bf:51:02:59:f1:40:fc:98:fa:b6:03:ed:8f:75:2f:
         5f:fd:80:6d:f7:e4:dd:61:44:8d:49:ca:ae:39:e2:38:a6:f8:
         ff:a9:31:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWhEMLBsKxaDVpjrr4kO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlN2ZiYTExYTMxZDNhYTkwZGUzYzdiYjhiNTZkM2NkMDZl
NmJlNzUwHhcNMjYwMzAyMDcwMTI2WhcNMjYwMzAzMDcwMTI2WjAzMTEwLwYDVQQD
EyhjNjMwYzRiNGY5MTVkN2U0ZjU3MWUyNDc5MWUwMzQxMTliNTJjM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupiXkhEGYdtgV8NEe91WkoHqIgfP
C89uLfLvM6uwrrDvsGG7gB+miPtL6jDTsnWAUPI3bJwtWgmPdsL4tE9hfci4Xe7K
GsKtXci04O5LR1tp/+w8f7VMzHQATkPOCTWmz8NmVpODSiN/TFcBRQLHTZGZa1XU
UyjDg8pj3ubWI6ZE7XRqxY6TVPepfSh2fA3D0YYMPq/mMEKnqRNP9Ut5fVlcrgQD
JbaLtXjbE6YXZe0XGkwZ+OvFMOcM4qmK4QZpo9/5+rbgu2CG4rv2yicvqnv7X6J6
umJFo+spk0ZhuiiA+2244/i1Y/GiNMZokVpnA4H4JlL57cThcNNvxCcEfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYwxLT5Fdfk9XHiR5HgNBGbUsOmMB8GA1UdIwQY
MBaAFG5/uhGjHTqpDePHu4tW080G5r51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2Yt
NjM5NDIxNGExMjJjLzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2YtNjM5NDIxNGExMjJj
LzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoV1EEOOZ
+LarwKKb5NIdTaeSAY00fXds932Ug4zRjltgepLURGQT2byp9fangiRiOq6gDPzI
8aO3Ev4gTKZ04C4J/bT0zGPkRn34wIBzYt4ilppp0iYfSrw2Vd4ZvUhqQSwgUV5m
Z9wrghzxAGRQmZC1677/QFxaYTdX1KBpOl9WelhiKSbIcO04GWSNN7OFcyKAIt3W
a7+AJbXpNDBPi9ZD3IkAln9AlKyrCjOFgARgYsNVcG4Nk4xwW5s7J65yz7sLzUXN
SEnBgkGq9DgypXpifZHSmke+2ltPv1ECWfFA/Jj6tgPtj3UvX/2Abffk3WFEjUnK
rjniOKb4/6kxnw==
-----END CERTIFICATE-----