Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
File:                     BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft (raw, json)
Hash identifier:          KeuxQdSKz8/MbvPm6134C9KiTA2LvGpuNpNCPRHysjY=
Subject key identifier:   99:48:99:BD:81:F8:21:37:49:A3:E9:DB:1D:92:FE:D1:DB:72:A8:B9
Authority key identifier: 04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
Certificate issuer:       /CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Certificate serial:       0199FF5984AB2FE00C5528588CB65C8203A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
Manifest number:          B8
Signing time:             Mon 20 Oct 2025 02:01:20 +0000
Manifest this update:     Mon 20 Oct 2025 02:01:20 +0000
Manifest next update:     Tue 21 Oct 2025 02:01:20 +0000
Files and hashes:         1: BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl (hash: zyz5XBCSQjxNbJDBBLGcZ6M9qZ9cYUm7IR+JjP08Wuo=)
                          2: SKma3lJH_nMIY0Jk_dGXIETBqnk.roa (hash: UvrsRqXxi0T7Fu2Z9LEfglN30LChbDf1sZ63pwOaTP8=)
                          3: YDrJUaM078njYLujsFOLBuJi-Ak.roa (hash: ynnnM4zonEkcKprGHH1eGlvVH9BFKbrOufYcESLz12A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:59:84:ab:2f:e0:0c:55:28:58:8c:b6:5c:82:03:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
        Validity
            Not Before: Oct 20 02:01:20 2025 GMT
            Not After : Oct 21 02:01:20 2025 GMT
        Subject: CN=994899bd81f8213749a3e9db1d92fed1db72a8b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:4f:a4:d2:35:47:cc:a2:62:cb:00:1a:a3:35:
                    7c:e8:fb:f5:2e:98:62:4b:ff:95:ca:67:3f:5d:09:
                    c3:15:6d:24:a2:86:99:c2:30:e2:b4:92:c7:f7:20:
                    fc:6c:3d:99:c5:52:1f:6e:65:5c:be:f6:f2:43:4c:
                    dd:b0:de:29:84:a8:0e:7f:60:e0:91:f8:71:52:1d:
                    90:59:7a:a8:6e:80:87:3a:a5:19:cf:41:81:9f:f7:
                    6e:49:6a:37:fd:4a:51:4b:9f:82:2a:cb:c7:63:73:
                    ba:bb:6c:29:3d:e6:27:0b:71:5d:e8:a5:fd:e4:62:
                    9b:6a:54:94:80:7c:7d:de:29:21:60:e4:f9:0c:4c:
                    7c:3f:85:35:a8:91:5d:74:97:97:34:71:00:b7:65:
                    7d:55:b9:41:0e:db:97:f2:15:57:d0:b0:35:3f:de:
                    46:54:ca:98:28:30:4c:1a:da:b4:71:20:2b:a3:a5:
                    59:7d:98:cc:73:39:d6:15:9b:a8:57:57:5f:c8:91:
                    26:a5:6b:c8:8a:a9:81:02:84:2f:aa:8c:15:14:0b:
                    02:8f:00:ab:21:75:bd:0f:ab:ae:e5:9f:07:e3:c8:
                    97:2e:b6:f4:6b:26:01:1b:47:c7:30:b3:57:04:c5:
                    16:7b:49:e6:d0:9c:29:56:c0:1d:5f:bb:99:e2:f8:
                    94:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:48:99:BD:81:F8:21:37:49:A3:E9:DB:1D:92:FE:D1:DB:72:A8:B9
            X509v3 Authority Key Identifier:
                keyid:04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:c1:42:e5:b8:f6:d1:ac:7d:59:48:41:e3:80:85:4a:5e:a7:
         b2:09:fa:61:96:52:16:e3:0f:a9:13:d9:49:6b:93:d5:70:8b:
         30:b4:20:6a:7c:d3:4c:b9:46:f4:04:f9:e9:92:25:ec:f5:50:
         83:bb:db:9d:02:99:ba:5a:f1:b5:33:72:0f:f0:66:35:e8:39:
         cd:76:87:57:58:18:24:04:4b:79:e1:dd:8a:c3:f7:72:b3:cb:
         9e:37:10:19:84:6c:0c:26:9a:18:fa:9a:4b:e3:ca:bc:e6:b7:
         d8:fc:e4:f1:1a:9f:db:78:f0:34:04:dd:3b:76:86:ed:07:db:
         8a:52:e1:36:fe:e8:78:e2:ee:85:76:cb:c9:41:b5:d5:2a:06:
         7f:93:72:76:ad:45:6d:b1:d1:8c:48:3e:9d:e4:76:a6:0b:e7:
         ea:c8:6e:6e:63:52:89:3f:3f:a0:58:10:53:72:69:a3:a1:bd:
         fd:bd:c0:70:09:c7:4d:ee:af:b1:57:ff:6a:0b:b7:ff:54:48:
         13:5b:dc:bc:b7:ce:04:82:95:3d:0e:22:fe:80:9f:b4:63:6c:
         ee:1a:0f:30:88:ec:17:d9:e0:d1:30:cc:71:37:39:35:12:d9:
         3b:01:f9:ae:2c:5c:71:70:fa:b3:f6:f7:24:6c:2a:08:35:86:
         bf:d3:f7:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/WYSrL+AMVShYjLZcggOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzE4ODE3NzhhMWUxMmY2ZDk3YzUyODhlZmQ0Y2I5NTYz
ZDFkNDkwHhcNMjUxMDIwMDIwMTIwWhcNMjUxMDIxMDIwMTIwWjAzMTEwLwYDVQQD
Eyg5OTQ4OTliZDgxZjgyMTM3NDlhM2U5ZGIxZDkyZmVkMWRiNzJhOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6k+k0jVHzKJiywAaozV86Pv1Lphi
S/+Vymc/XQnDFW0kooaZwjDitJLH9yD8bD2ZxVIfbmVcvvbyQ0zdsN4phKgOf2Dg
kfhxUh2QWXqoboCHOqUZz0GBn/duSWo3/UpRS5+CKsvHY3O6u2wpPeYnC3Fd6KX9
5GKbalSUgHx93ikhYOT5DEx8P4U1qJFddJeXNHEAt2V9VblBDtuX8hVX0LA1P95G
VMqYKDBMGtq0cSAro6VZfZjMcznWFZuoV1dfyJEmpWvIiqmBAoQvqowVFAsCjwCr
IXW9D6uu5Z8H48iXLrb0ayYBG0fHMLNXBMUWe0nm0JwpVsAdX7uZ4viUtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJlImb2B+CE3SaPp2x2S/tHbcqi5MB8GA1UdIwQY
MBaAFARxiBd4oeEvbZfFKI79TLlWPR1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgt
NDJlYTQ3YjEyNTM3LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgtNDJlYTQ3YjEyNTM3
LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxMFC5bj2
0ax9WUhB44CFSl6nsgn6YZZSFuMPqRPZSWuT1XCLMLQganzTTLlG9AT56ZIl7PVQ
g7vbnQKZulrxtTNyD/BmNeg5zXaHV1gYJARLeeHdisP3crPLnjcQGYRsDCaaGPqa
S+PKvOa32Pzk8Rqf23jwNATdO3aG7QfbilLhNv7oeOLuhXbLyUG11SoGf5Nydq1F
bbHRjEg+neR2pgvn6shubmNSiT8/oFgQU3Jpo6G9/b3AcAnHTe6vsVf/agu3/1RI
E1vcvLfOBIKVPQ4i/oCftGNs7hoPMIjsF9ng0TDMcTc5NRLZOwH5rixccXD6s/b3
JGwqCDWGv9P3jg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:27:30 2025 by rpki-client