Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
File:                     BQJMtECm3Xana1aUwOL07jMOCnw.mft (raw, json)
Hash identifier:          fJ5TXR+WNkVg8ggrQgEprulXM3pfWhF0wFH2lFLpJYY=
Subject key identifier:   C7:6D:BC:0E:1C:39:08:7B:AB:6B:34:18:BD:23:9A:48:11:E4:AD:6A
Authority key identifier: 05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C
Certificate issuer:       /CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
Certificate serial:       019D27042DD5372BF735FA22821201B4E59B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
Manifest number:          05B0
Signing time:             Wed 25 Mar 2026 22:01:18 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:18 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:18 +0000
Files and hashes:         1: BQJMtECm3Xana1aUwOL07jMOCnw.crl (hash: Qm6ASGNAYmxTXIYuIo5eywYSaR4ZoHxldEN1hNEg8t4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:2d:d5:37:2b:f7:35:fa:22:82:12:01:b4:e5:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
        Validity
            Not Before: Mar 25 22:01:18 2026 GMT
            Not After : Mar 26 22:01:18 2026 GMT
        Subject: CN=c76dbc0e1c39087bab6b3418bd239a4811e4ad6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:6b:b0:87:3f:ce:70:93:86:35:0d:a5:d7:69:
                    30:1b:8d:20:14:04:c8:f9:71:f6:b3:1b:ae:37:2b:
                    45:94:12:c1:cb:04:5f:88:3f:2e:40:3b:72:6d:03:
                    91:06:3d:ca:48:0d:bf:28:91:48:49:3d:15:10:88:
                    8b:2a:fc:0a:e2:3e:41:2a:bf:73:61:d6:02:47:e7:
                    75:81:8a:1b:ea:7a:73:db:a6:31:81:31:cd:92:d0:
                    65:4e:55:5e:c2:2d:03:f6:b3:4a:ca:e3:bb:52:f1:
                    89:a0:b6:80:93:c2:91:3b:2e:99:8a:9d:c3:8e:a9:
                    5b:fa:90:4e:ca:2d:51:e1:48:a6:5d:ed:1c:75:b7:
                    fa:00:27:a9:ec:67:e5:de:ab:11:4b:f3:f2:ed:fb:
                    09:2b:96:97:3e:29:10:bc:93:d2:6f:59:06:5f:b8:
                    53:40:7b:e9:f7:c9:64:1c:a1:7d:fd:f7:c0:5a:29:
                    3a:65:ec:85:be:98:c0:e4:b2:37:e6:2d:1a:5f:b1:
                    6e:e8:ec:60:06:b7:3c:1f:71:0b:32:9e:15:ac:e6:
                    73:e3:7a:bf:87:bf:49:ef:89:81:9a:29:c4:1b:87:
                    ac:c2:a9:0f:c5:14:67:3f:5a:d8:ae:36:eb:e0:5a:
                    51:ff:28:b9:d5:53:17:b2:31:d1:57:46:a9:df:48:
                    cc:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:6D:BC:0E:1C:39:08:7B:AB:6B:34:18:BD:23:9A:48:11:E4:AD:6A
            X509v3 Authority Key Identifier:
                keyid:05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:a3:27:54:b5:56:58:82:97:c3:ce:08:fb:ae:4f:ff:8c:db:
         4a:0b:19:d9:c2:76:c2:b9:f6:59:ed:23:81:92:8a:38:a9:ce:
         98:3c:e2:f7:9d:d9:0c:3d:a0:ed:d3:86:cc:aa:5d:0a:30:e7:
         d1:36:69:34:1b:12:54:53:97:fd:29:fb:87:d4:c2:0d:63:be:
         ce:52:ec:3e:b4:a2:4e:6b:f1:eb:1b:c1:d7:6c:a4:1a:0e:04:
         3b:67:cb:70:c4:2b:95:99:15:75:77:9e:34:85:14:f3:aa:f0:
         29:48:4c:3a:f9:6d:e8:6f:26:e7:4f:d3:34:62:4a:c2:20:43:
         61:10:f3:5c:05:03:d7:74:1b:33:31:f5:74:f3:ba:d8:10:cb:
         0a:05:b1:0f:90:25:d1:bf:88:db:c4:21:27:33:d7:aa:15:1a:
         d9:ab:17:08:57:72:37:3d:f5:82:ea:5c:c6:9c:6f:82:a0:6c:
         e0:ff:96:65:64:08:51:56:6f:24:1c:3d:47:1c:6b:66:95:88:
         4b:fb:f9:89:b8:76:d2:fd:cb:62:4a:5e:48:f3:a8:91:14:86:
         d2:47:50:15:36:28:9e:fe:88:dd:b0:86:d9:a3:d4:e0:5b:f5:
         6e:a1:ab:ce:6f:b6:14:fc:2b:6e:0d:10:50:7f:43:3b:bb:84:
         24:95:c6:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBC3VNyv3NfoighIBtOWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI0Y2I0NDBhNmRkNzZhNzZiNTY5NGMwZTJmNGVlMzMw
ZTBhN2MwHhcNMjYwMzI1MjIwMTE4WhcNMjYwMzI2MjIwMTE4WjAzMTEwLwYDVQQD
EyhjNzZkYmMwZTFjMzkwODdiYWI2YjM0MThiZDIzOWE0ODExZTRhZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Wuwhz/OcJOGNQ2l12kwG40gFATI
+XH2sxuuNytFlBLBywRfiD8uQDtybQORBj3KSA2/KJFIST0VEIiLKvwK4j5BKr9z
YdYCR+d1gYob6npz26YxgTHNktBlTlVewi0D9rNKyuO7UvGJoLaAk8KROy6Zip3D
jqlb+pBOyi1R4UimXe0cdbf6ACep7Gfl3qsRS/Py7fsJK5aXPikQvJPSb1kGX7hT
QHvp98lkHKF9/ffAWik6ZeyFvpjA5LI35i0aX7Fu6OxgBrc8H3ELMp4VrOZz43q/
h79J74mBminEG4eswqkPxRRnP1rYrjbr4FpR/yi51VMXsjHRV0ap30jMGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMdtvA4cOQh7q2s0GL0jmkgR5K1qMB8GA1UdIwQY
MBaAFAUCTLRApt12p2tWlMDi9O4zDgp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAt
YTgyMjYyMjA0ZTM4LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAtYTgyMjYyMjA0ZTM4
LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr6MnVLVW
WIKXw84I+65P/4zbSgsZ2cJ2wrn2We0jgZKKOKnOmDzi953ZDD2g7dOGzKpdCjDn
0TZpNBsSVFOX/Sn7h9TCDWO+zlLsPrSiTmvx6xvB12ykGg4EO2fLcMQrlZkVdXee
NIUU86rwKUhMOvlt6G8m50/TNGJKwiBDYRDzXAUD13QbMzH1dPO62BDLCgWxD5Al
0b+I28QhJzPXqhUa2asXCFdyNz31gupcxpxvgqBs4P+WZWQIUVZvJBw9RxxrZpWI
S/v5ibh20v3LYkpeSPOokRSG0kdQFTYonv6I3bCG2aPU4Fv1bqGrzm+2FPwrbg0Q
UH9DO7uEJJXGog==
-----END CERTIFICATE-----