Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          a+BZE/OfSpX++N+yEcOiK+ktoqDm0RleZOkrCxWlODc=
Subject key identifier:   C1:67:00:51:37:0A:2B:D4:09:05:C0:A1:BD:E5:BB:E9:47:9E:79:80
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       0199FE4723ED9AD99CBC76F82FF41E78995D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          0B71
Signing time:             Sun 19 Oct 2025 21:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:39 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: OZMx3IFffIJWNdhfpvldI4n7es7Es/MvbHiY0QuZMtU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:23:ed:9a:d9:9c:bc:76:f8:2f:f4:1e:78:99:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: Oct 19 21:01:39 2025 GMT
            Not After : Oct 20 21:01:39 2025 GMT
        Subject: CN=c1670051370a2bd40905c0a1bde5bbe9479e7980
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:60:15:00:fe:11:e8:30:8d:b6:b6:de:aa:52:
                    d1:3a:5a:2e:c9:15:17:98:46:1c:24:9a:0e:57:1a:
                    eb:97:b7:79:2c:1e:1e:fb:f7:ea:f2:2e:6c:c5:38:
                    e2:85:9a:f3:b1:b6:74:a8:a4:26:f0:f2:2e:17:7f:
                    3b:46:87:1d:d4:59:bf:22:e7:19:49:e7:be:99:94:
                    ad:7a:2a:08:d5:d5:b9:36:ad:e1:1d:2d:ce:c0:cb:
                    36:f3:0d:d1:7b:73:a2:86:3b:e5:5c:69:1e:05:ff:
                    f2:36:e2:10:64:94:68:f1:86:08:d7:10:a0:ba:3c:
                    58:6e:c5:0e:91:dc:82:e3:70:aa:70:0d:24:e5:00:
                    fa:b2:65:90:78:a4:b3:3c:a5:bd:dc:ed:57:28:42:
                    34:6d:e2:6e:4b:e6:05:80:65:06:4c:c4:6d:e7:2d:
                    f8:a9:a7:45:60:6f:44:1e:4f:e2:2e:f7:64:c0:f8:
                    33:10:dd:58:ef:8a:fb:56:9d:76:65:c8:16:f6:93:
                    7f:5f:2e:f7:a1:82:7d:01:d4:de:ee:2a:cc:d9:08:
                    45:49:60:b6:4d:9d:08:69:e7:3a:f5:a1:33:f4:10:
                    26:29:1a:88:64:5c:29:07:a0:ac:24:ea:ba:a5:00:
                    57:8b:bf:db:05:eb:7c:61:f3:13:14:b5:1c:f7:8c:
                    b9:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:67:00:51:37:0A:2B:D4:09:05:C0:A1:BD:E5:BB:E9:47:9E:79:80
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:68:26:70:97:80:c5:87:a9:19:23:56:99:3f:30:5d:fb:2d:
         42:33:78:0e:41:91:aa:02:02:1a:44:a7:0f:83:f8:a4:0e:8a:
         52:e0:71:ae:e3:ed:68:41:15:6a:6e:d4:81:7e:3b:a7:8b:76:
         32:ea:d2:a3:1b:1c:59:d6:2a:b5:82:33:0e:14:8a:a0:02:eb:
         d1:fe:9d:d3:04:2c:cd:2b:3b:a2:29:b0:34:42:f6:0d:71:48:
         44:85:b9:97:21:d4:80:8b:f9:cc:33:44:a1:ec:48:73:bd:db:
         38:47:bd:d8:17:62:1c:09:7b:71:28:ac:e5:e8:70:6b:3c:8c:
         c0:14:c5:47:cb:ed:c6:b1:8a:1a:99:3f:bd:13:eb:cc:a3:88:
         58:4e:7c:25:ce:98:3f:d3:ab:98:0c:50:92:ea:a3:a8:13:43:
         92:52:91:80:e8:59:48:a9:bf:d1:b5:8d:ef:1e:c8:7a:12:8d:
         ed:49:a8:89:23:df:82:a0:00:37:13:e2:5e:69:fa:39:23:0c:
         63:c3:67:50:24:85:87:e7:60:22:34:08:0e:e5:16:0a:3e:bc:
         36:af:0f:9f:dc:9b:e6:50:e2:58:e0:80:c9:e4:78:2d:5a:19:
         91:bf:ca:a8:9c:8d:46:fc:8c:49:18:b3:18:db:40:e5:b6:0b:
         e0:d4:ee:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RyPtmtmcvHb4L/QeeJldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjUxMDE5MjEwMTM5WhcNMjUxMDIwMjEwMTM5WjAzMTEwLwYDVQQD
EyhjMTY3MDA1MTM3MGEyYmQ0MDkwNWMwYTFiZGU1YmJlOTQ3OWU3OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WAVAP4R6DCNtrbeqlLROlouyRUX
mEYcJJoOVxrrl7d5LB4e+/fq8i5sxTjihZrzsbZ0qKQm8PIuF387Rocd1Fm/IucZ
See+mZSteioI1dW5Nq3hHS3OwMs28w3Re3OihjvlXGkeBf/yNuIQZJRo8YYI1xCg
ujxYbsUOkdyC43CqcA0k5QD6smWQeKSzPKW93O1XKEI0beJuS+YFgGUGTMRt5y34
qadFYG9EHk/iLvdkwPgzEN1Y74r7Vp12ZcgW9pN/Xy73oYJ9AdTe7irM2QhFSWC2
TZ0Iaec69aEz9BAmKRqIZFwpB6CsJOq6pQBXi7/bBet8YfMTFLUc94y5lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMFnAFE3CivUCQXAob3lu+lHnnmAMB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ2gmcJeA
xYepGSNWmT8wXfstQjN4DkGRqgICGkSnD4P4pA6KUuBxruPtaEEVam7UgX47p4t2
MurSoxscWdYqtYIzDhSKoALr0f6d0wQszSs7oimwNEL2DXFIRIW5lyHUgIv5zDNE
oexIc73bOEe92BdiHAl7cSis5ehwazyMwBTFR8vtxrGKGpk/vRPrzKOIWE58Jc6Y
P9OrmAxQkuqjqBNDklKRgOhZSKm/0bWN7x7IehKN7UmoiSPfgqAANxPiXmn6OSMM
Y8NnUCSFh+dgIjQIDuUWCj68Nq8Pn9yb5lDiWOCAyeR4LVoZkb/KqJyNRvyMSRiz
GNtA5bYL4NTuzQ==
-----END CERTIFICATE-----