Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
File:                     bn-6EaMdOqkN48e7i1bTzQbmvnU.mft (raw, json)
Hash identifier:          ApRX9s5iDHAJuBFIZSAeSRDmvBS0tbmUZwruzUYwM0A=
Subject key identifier:   B4:3F:87:A5:5A:CB:FA:66:E5:75:E7:39:E1:64:D0:EF:2E:40:9E:13
Authority key identifier: 6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75
Certificate issuer:       /CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
Certificate serial:       01989C71BD3944E71E657DC568535A765A1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
Manifest number:          1612
Signing time:             Tue 12 Aug 2025 04:02:36 +0000
Manifest this update:     Tue 12 Aug 2025 04:02:36 +0000
Manifest next update:     Wed 13 Aug 2025 04:02:36 +0000
Files and hashes:         1: bn-6EaMdOqkN48e7i1bTzQbmvnU.crl (hash: xG3y1sif+DMkNaOxQZQa+g4KVfvGZOWAa0ChQ3DNI9g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 04:02:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9c:71:bd:39:44:e7:1e:65:7d:c5:68:53:5a:76:5a:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
        Validity
            Not Before: Aug 12 04:02:36 2025 GMT
            Not After : Aug 13 04:02:36 2025 GMT
        Subject: CN=b43f87a55acbfa66e575e739e164d0ef2e409e13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b8:37:2b:20:fe:85:8d:ef:f3:3d:ad:51:00:
                    75:07:3d:da:ff:9c:18:c5:40:1d:28:ee:26:4f:c9:
                    4a:0a:b5:86:62:c7:fe:38:4d:3a:2c:8e:12:56:04:
                    dc:c6:e5:2d:32:ca:52:1c:9d:0c:47:cd:ab:60:29:
                    dd:de:af:1a:50:31:fb:3a:73:4f:8b:44:a3:0a:db:
                    59:ee:70:ea:e5:23:ae:b9:03:75:cd:3d:76:01:3b:
                    87:b1:8b:33:dc:01:c9:cb:38:f7:4e:d6:68:d9:94:
                    28:64:b5:32:5e:26:df:2a:27:11:e5:22:27:71:07:
                    48:5e:df:a6:25:17:b3:40:2d:45:44:56:2d:19:68:
                    69:d3:54:46:57:0c:d5:13:64:00:35:ee:53:34:db:
                    24:f8:7a:5e:d6:26:7c:48:ff:ab:aa:e1:be:6e:09:
                    43:db:cb:95:62:36:4c:7a:02:e4:29:75:a2:f8:23:
                    eb:b4:db:86:cc:4c:c1:a6:af:23:ad:e1:2d:93:65:
                    42:69:0f:f8:c6:c3:0a:48:1a:db:e4:be:d9:d2:2a:
                    9a:55:e9:cd:27:7a:95:10:f7:06:d0:b9:2c:9a:9c:
                    ae:94:4e:81:bb:73:56:13:f8:e9:d4:31:6a:70:8b:
                    13:70:d7:f6:c5:cc:a7:35:9f:02:77:6e:1b:cd:fc:
                    a5:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:3F:87:A5:5A:CB:FA:66:E5:75:E7:39:E1:64:D0:EF:2E:40:9E:13
            X509v3 Authority Key Identifier:
                keyid:6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:e7:73:9e:f3:e5:64:65:3e:cf:59:27:a9:ed:13:ef:15:64:
         a9:b1:df:e8:6a:c1:42:71:a7:4e:9b:44:79:61:33:a0:79:21:
         aa:c6:ad:24:52:68:66:57:f1:db:a1:b8:51:2b:c1:5a:40:8a:
         6d:26:28:97:b4:3d:f3:6b:bf:63:f8:3b:34:41:10:08:a4:7d:
         e1:ab:2d:f0:73:d2:c9:a8:9f:21:24:be:0b:85:1f:2c:75:8a:
         9b:64:0d:1c:fd:aa:36:cc:3c:d5:c9:18:ee:a1:fc:96:43:ae:
         ac:dc:3e:5d:a2:42:8d:66:1c:da:d8:1c:39:a2:4f:35:7f:42:
         5c:70:a8:fc:f4:38:5c:b6:a2:a1:a9:cf:2e:5e:4e:8f:d7:dc:
         f2:2d:8c:84:42:0c:4b:f6:ab:8a:74:a1:0c:90:15:29:67:66:
         48:df:b6:b9:13:bc:5b:cf:77:5e:ac:96:a1:4a:f3:12:ba:c9:
         09:0c:3b:91:20:80:9a:f4:26:61:aa:cc:e2:88:59:47:a2:77:
         79:ad:8e:03:28:3f:d4:71:1d:00:40:0f:bd:f4:5c:0c:39:7e:
         b5:b5:52:0a:c5:f4:2f:f5:c9:24:a4:bd:92:95:ac:ca:2e:25:
         02:fa:b4:02:ad:da:d7:fc:0c:75:58:78:17:86:bb:e1:9f:c4:
         ac:c5:97:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiccb05ROceZX3FaFNadlobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlN2ZiYTExYTMxZDNhYTkwZGUzYzdiYjhiNTZkM2NkMDZl
NmJlNzUwHhcNMjUwODEyMDQwMjM2WhcNMjUwODEzMDQwMjM2WjAzMTEwLwYDVQQD
EyhiNDNmODdhNTVhY2JmYTY2ZTU3NWU3MzllMTY0ZDBlZjJlNDA5ZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbg3KyD+hY3v8z2tUQB1Bz3a/5wY
xUAdKO4mT8lKCrWGYsf+OE06LI4SVgTcxuUtMspSHJ0MR82rYCnd3q8aUDH7OnNP
i0SjCttZ7nDq5SOuuQN1zT12ATuHsYsz3AHJyzj3TtZo2ZQoZLUyXibfKicR5SIn
cQdIXt+mJRezQC1FRFYtGWhp01RGVwzVE2QANe5TNNsk+Hpe1iZ8SP+rquG+bglD
28uVYjZMegLkKXWi+CPrtNuGzEzBpq8jreEtk2VCaQ/4xsMKSBrb5L7Z0iqaVenN
J3qVEPcG0LksmpyulE6Bu3NWE/jp1DFqcIsTcNf2xcynNZ8Cd24bzfylUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQ/h6Vay/pm5XXnOeFk0O8uQJ4TMB8GA1UdIwQY
MBaAFG5/uhGjHTqpDePHu4tW080G5r51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2Yt
NjM5NDIxNGExMjJjLzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2YtNjM5NDIxNGExMjJj
LzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiOdznvPl
ZGU+z1knqe0T7xVkqbHf6GrBQnGnTptEeWEzoHkhqsatJFJoZlfx26G4USvBWkCK
bSYol7Q982u/Y/g7NEEQCKR94ast8HPSyaifISS+C4UfLHWKm2QNHP2qNsw81ckY
7qH8lkOurNw+XaJCjWYc2tgcOaJPNX9CXHCo/PQ4XLaioanPLl5Oj9fc8i2MhEIM
S/arinShDJAVKWdmSN+2uRO8W893XqyWoUrzErrJCQw7kSCAmvQmYarM4ohZR6J3
ea2OAyg/1HEdAEAPvfRcDDl+tbVSCsX0L/XJJKS9kpWsyi4lAvq0Aq3a1/wMdVh4
F4a74Z/ErMWXcw==
-----END CERTIFICATE-----