Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
File:                     BQJMtECm3Xana1aUwOL07jMOCnw.mft (raw, json)
Hash identifier:          RtgxPHQwteGR4/LugTSdHBL7XC7eNXKJcKadvFXwIJA=
Subject key identifier:   B6:8C:1A:3E:B1:CB:24:E6:FD:8D:55:5C:8E:FA:67:7A:EE:15:40:82
Authority key identifier: 05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C
Certificate issuer:       /CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
Certificate serial:       019E1E35966134CD091AF23AE6FBA037DE1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
Manifest number:          0630
Signing time:             Tue 12 May 2026 22:01:28 +0000
Manifest this update:     Tue 12 May 2026 22:01:28 +0000
Manifest next update:     Wed 13 May 2026 22:01:28 +0000
Files and hashes:         1: BQJMtECm3Xana1aUwOL07jMOCnw.crl (hash: lvdLKqTlVbiIG37MZMoV+l1B0bcxKUID7WJoiqdDWpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:96:61:34:cd:09:1a:f2:3a:e6:fb:a0:37:de:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
        Validity
            Not Before: May 12 22:01:28 2026 GMT
            Not After : May 13 22:01:28 2026 GMT
        Subject: CN=b68c1a3eb1cb24e6fd8d555c8efa677aee154082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:38:6b:03:a8:f8:e6:f7:02:72:34:3c:f5:75:
                    88:12:6d:05:83:e4:de:13:db:fa:6a:f9:67:e5:47:
                    c3:3d:c8:ed:57:31:38:c3:8e:84:9f:1d:d8:f2:09:
                    50:dc:0c:aa:9c:8e:79:a9:ca:bf:cd:cd:0b:3c:31:
                    90:f2:82:19:86:00:7f:4f:ef:c4:24:2e:88:8f:4d:
                    c2:a8:0f:f6:a0:a8:d5:f1:b2:7b:20:c4:40:e5:c8:
                    d7:28:97:9f:5b:d3:69:5a:4c:cf:1e:eb:76:50:5e:
                    e2:19:76:7d:5e:90:3a:30:7e:5b:eb:27:72:bc:2a:
                    e3:b7:be:e3:a8:5d:63:9d:f7:f1:2c:0e:d9:20:49:
                    92:3c:54:8e:5d:02:54:a3:9c:4b:17:62:df:06:75:
                    14:c8:0d:10:1a:29:c7:ef:7d:09:d7:8c:05:b7:4a:
                    5a:79:79:03:59:d3:b8:3f:f9:0f:ec:3a:92:6f:25:
                    ca:c9:53:9c:46:8c:9c:7d:89:77:0b:60:e2:61:f9:
                    9c:46:af:16:aa:4e:d4:0a:68:ae:7d:7a:d4:18:b6:
                    69:59:68:d9:8c:98:c9:e4:c7:26:7a:d2:70:db:08:
                    0f:c7:f0:78:d9:c8:19:47:8b:a8:d3:62:05:c9:a7:
                    6e:37:ab:a6:8e:aa:5c:d9:12:84:bd:80:b6:45:3e:
                    00:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:8C:1A:3E:B1:CB:24:E6:FD:8D:55:5C:8E:FA:67:7A:EE:15:40:82
            X509v3 Authority Key Identifier:
                keyid:05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:44:f2:1e:53:d9:68:4b:21:6c:7f:a2:46:ab:bf:bf:17:d4:
         cf:5f:f3:45:39:13:67:83:d4:16:32:9d:3f:8a:61:08:35:47:
         1d:db:b4:7d:d6:ba:4e:11:ee:24:3f:b2:aa:3d:98:07:89:61:
         d6:a6:fe:d3:78:c4:5a:15:21:a2:46:d6:b7:23:89:14:1b:ab:
         d7:ac:69:f0:90:2d:60:a0:ac:9a:1e:ba:96:6f:73:c3:b9:23:
         46:79:5a:3f:2c:0f:29:2b:28:3b:7e:1b:70:3e:c9:c4:cd:24:
         5f:94:b1:c6:94:f6:1a:6a:00:17:a9:85:aa:d5:a0:22:cf:af:
         91:79:27:8b:cd:2f:a3:5d:10:d9:7c:a0:2a:89:fb:1d:77:da:
         be:6f:1f:fa:7d:a8:f1:e5:f7:b7:ac:d9:22:1b:96:72:38:db:
         ac:f1:6f:7f:e3:3f:5d:03:ed:a2:4b:15:61:92:92:4a:b9:4c:
         42:42:b6:c6:f1:d8:74:b6:e2:57:13:16:54:41:27:dc:15:33:
         ac:bd:d7:6d:f8:18:26:64:84:f0:ae:30:f8:5d:aa:ee:a3:be:
         77:2a:fe:7a:7f:61:e3:b0:be:06:68:c7:6b:45:88:a6:ea:dc:
         6f:fa:76:a5:f2:61:ad:81:c5:d9:27:57:15:26:63:2a:8d:66:
         55:33:1f:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNZZhNM0JGvI65vugN94cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI0Y2I0NDBhNmRkNzZhNzZiNTY5NGMwZTJmNGVlMzMw
ZTBhN2MwHhcNMjYwNTEyMjIwMTI4WhcNMjYwNTEzMjIwMTI4WjAzMTEwLwYDVQQD
EyhiNjhjMWEzZWIxY2IyNGU2ZmQ4ZDU1NWM4ZWZhNjc3YWVlMTU0MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDhrA6j45vcCcjQ89XWIEm0Fg+Te
E9v6avln5UfDPcjtVzE4w46Enx3Y8glQ3AyqnI55qcq/zc0LPDGQ8oIZhgB/T+/E
JC6Ij03CqA/2oKjV8bJ7IMRA5cjXKJefW9NpWkzPHut2UF7iGXZ9XpA6MH5b6ydy
vCrjt77jqF1jnffxLA7ZIEmSPFSOXQJUo5xLF2LfBnUUyA0QGinH730J14wFt0pa
eXkDWdO4P/kP7DqSbyXKyVOcRoycfYl3C2DiYfmcRq8Wqk7UCmiufXrUGLZpWWjZ
jJjJ5McmetJw2wgPx/B42cgZR4uo02IFyaduN6umjqpc2RKEvYC2RT4AhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLaMGj6xyyTm/Y1VXI76Z3ruFUCCMB8GA1UdIwQY
MBaAFAUCTLRApt12p2tWlMDi9O4zDgp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAt
YTgyMjYyMjA0ZTM4LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAtYTgyMjYyMjA0ZTM4
LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALUTyHlPZ
aEshbH+iRqu/vxfUz1/zRTkTZ4PUFjKdP4phCDVHHdu0fda6ThHuJD+yqj2YB4lh
1qb+03jEWhUhokbWtyOJFBur16xp8JAtYKCsmh66lm9zw7kjRnlaPywPKSsoO34b
cD7JxM0kX5SxxpT2GmoAF6mFqtWgIs+vkXkni80vo10Q2XygKon7HXfavm8f+n2o
8eX3t6zZIhuWcjjbrPFvf+M/XQPtoksVYZKSSrlMQkK2xvHYdLbiVxMWVEEn3BUz
rL3XbfgYJmSE8K4w+F2q7qO+dyr+en9h47C+BmjHa0WIpurcb/p2pfJhrYHF2SdX
FSZjKo1mVTMf5g==
-----END CERTIFICATE-----