Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
File:                     BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft (raw, json)
Hash identifier:          MYK3BaCtAlpY88+SCgnHF/pauxmEHyfYlUn/QXe8IBs=
Subject key identifier:   BA:FC:32:93:AF:C1:39:C0:B3:70:23:D0:84:D4:12:68:53:02:B1:E2
Authority key identifier: 04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
Certificate issuer:       /CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Certificate serial:       019A0147EBF1BD9E984450C4AF1DDB548448
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
Manifest number:          B9
Signing time:             Mon 20 Oct 2025 11:01:21 +0000
Manifest this update:     Mon 20 Oct 2025 11:01:21 +0000
Manifest next update:     Tue 21 Oct 2025 11:01:21 +0000
Files and hashes:         1: BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl (hash: o8k3GiBT8bWbwukpvRypEjCpvshK8FOUMhxNaTWwCY0=)
                          2: SKma3lJH_nMIY0Jk_dGXIETBqnk.roa (hash: UvrsRqXxi0T7Fu2Z9LEfglN30LChbDf1sZ63pwOaTP8=)
                          3: YDrJUaM078njYLujsFOLBuJi-Ak.roa (hash: ynnnM4zonEkcKprGHH1eGlvVH9BFKbrOufYcESLz12A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:47:eb:f1:bd:9e:98:44:50:c4:af:1d:db:54:84:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
        Validity
            Not Before: Oct 20 11:01:21 2025 GMT
            Not After : Oct 21 11:01:21 2025 GMT
        Subject: CN=bafc3293afc139c0b37023d084d412685302b1e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:0a:12:cb:4a:85:69:90:9f:9e:ee:39:d7:65:
                    0f:01:47:0a:b0:db:96:57:8a:3a:d4:4f:03:c7:18:
                    db:6f:11:ef:fe:e9:f6:14:1c:fb:07:21:8d:d6:c2:
                    e4:b6:10:ce:a7:9e:93:a0:5c:37:15:47:4a:5d:f1:
                    9e:a9:ae:a5:9f:37:02:6a:c3:ae:2d:3f:c4:72:cc:
                    97:f3:03:58:5e:bc:2f:a0:7c:8e:a1:f4:58:3f:f7:
                    9b:cc:3f:13:26:6e:be:8a:e2:23:ff:01:8f:3b:68:
                    28:bc:e8:a3:37:73:df:ff:f1:6a:a6:09:b3:63:15:
                    f4:cb:2f:33:7d:aa:c8:9e:b8:9e:15:7c:bc:3f:55:
                    fc:9e:3c:97:2f:2d:f4:88:a0:08:f3:57:f0:d3:7b:
                    c4:ee:f1:87:e8:39:e5:f2:e9:72:e4:a2:0e:04:90:
                    b4:98:07:3b:57:7a:9b:dd:24:13:fd:e7:c8:eb:02:
                    a3:b1:49:b1:e3:06:0d:53:f4:ef:dd:87:fd:e5:7a:
                    9e:b1:0c:7d:9e:f4:10:0b:b1:4b:3e:96:3d:57:14:
                    90:ab:61:02:04:82:a1:1c:01:8e:12:73:b2:d2:7f:
                    b7:f8:7e:0f:ab:ab:1a:b2:1d:1d:5f:86:ea:ae:bb:
                    76:76:9d:f4:02:f2:1c:c0:22:2f:28:78:08:dd:48:
                    ce:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:FC:32:93:AF:C1:39:C0:B3:70:23:D0:84:D4:12:68:53:02:B1:E2
            X509v3 Authority Key Identifier:
                keyid:04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:3c:d2:39:8e:12:a8:d5:6a:e1:2e:b0:72:2a:cd:85:5d:bd:
         82:53:e7:e9:bb:72:6b:31:62:c1:7a:4a:50:27:af:d8:a0:00:
         1e:05:9e:c7:e1:30:49:29:1a:ec:d2:7a:f6:18:56:b9:84:f0:
         f7:95:b0:15:d5:cd:0d:81:d5:1f:e5:ed:94:80:e4:3f:37:b0:
         e8:2c:c2:48:9b:0b:7b:fb:68:a3:d5:e7:20:47:4d:72:eb:f0:
         2f:3c:ca:74:6f:f4:57:df:c9:79:1d:69:d5:64:2a:db:6b:55:
         6c:56:3e:d7:53:2f:2b:73:51:fd:aa:bf:13:6d:7d:1d:bd:99:
         89:f6:10:4c:ed:e5:e5:08:7b:d9:2c:b1:af:a5:a3:63:99:9b:
         d6:1f:09:fe:93:17:96:19:ee:c7:80:44:68:df:ae:32:1d:41:
         58:3c:fe:af:3d:31:09:f8:12:07:29:64:f2:51:1f:9e:3b:bb:
         16:9f:d0:54:a0:ed:bf:ea:82:d1:d6:3a:ee:5c:87:2f:e8:da:
         36:54:4b:b2:7b:d5:27:3f:0d:17:c1:48:c5:fd:3b:be:09:9f:
         ab:ac:0a:6c:9d:af:41:b0:78:2a:38:b8:30:f1:03:12:60:de:
         43:bd:60:95:7c:c3:44:50:ca:9e:00:47:1a:e1:16:b1:19:7a:
         38:aa:97:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBR+vxvZ6YRFDErx3bVIRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzE4ODE3NzhhMWUxMmY2ZDk3YzUyODhlZmQ0Y2I5NTYz
ZDFkNDkwHhcNMjUxMDIwMTEwMTIxWhcNMjUxMDIxMTEwMTIxWjAzMTEwLwYDVQQD
EyhiYWZjMzI5M2FmYzEzOWMwYjM3MDIzZDA4NGQ0MTI2ODUzMDJiMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAoSy0qFaZCfnu4512UPAUcKsNuW
V4o61E8DxxjbbxHv/un2FBz7ByGN1sLkthDOp56ToFw3FUdKXfGeqa6lnzcCasOu
LT/EcsyX8wNYXrwvoHyOofRYP/ebzD8TJm6+iuIj/wGPO2govOijN3Pf//Fqpgmz
YxX0yy8zfarInrieFXy8P1X8njyXLy30iKAI81fw03vE7vGH6Dnl8uly5KIOBJC0
mAc7V3qb3SQT/efI6wKjsUmx4wYNU/Tv3Yf95XqesQx9nvQQC7FLPpY9VxSQq2EC
BIKhHAGOEnOy0n+3+H4Pq6sash0dX4bqrrt2dp30AvIcwCIvKHgI3UjOBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLr8MpOvwTnAs3Aj0ITUEmhTArHiMB8GA1UdIwQY
MBaAFARxiBd4oeEvbZfFKI79TLlWPR1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgt
NDJlYTQ3YjEyNTM3LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgtNDJlYTQ3YjEyNTM3
LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMDzSOY4S
qNVq4S6wcirNhV29glPn6btyazFiwXpKUCev2KAAHgWex+EwSSka7NJ69hhWuYTw
95WwFdXNDYHVH+XtlIDkPzew6CzCSJsLe/too9XnIEdNcuvwLzzKdG/0V9/JeR1p
1WQq22tVbFY+11MvK3NR/aq/E219Hb2ZifYQTO3l5Qh72Syxr6WjY5mb1h8J/pMX
lhnux4BEaN+uMh1BWDz+rz0xCfgSBylk8lEfnju7Fp/QVKDtv+qC0dY67lyHL+ja
NlRLsnvVJz8NF8FIxf07vgmfq6wKbJ2vQbB4Kji4MPEDEmDeQ71glXzDRFDKngBH
GuEWsRl6OKqXtw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:19:04 2025 by rpki-client