Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
File:                     BjnEhGuIwtcOMc5MD8y0z03qVDY.mft (raw, json)
Hash identifier:          ijv4e9QdnWnhhKnouZqHIztfas7Xi6fHZDYHVvvoHa8=
Subject key identifier:   1E:92:41:CF:1D:AC:8B:36:77:07:BB:4B:A8:8C:BE:11:BA:48:C9:83
Authority key identifier: 06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36
Certificate issuer:       /CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
Certificate serial:       0198D92B9151CFF7B769C9258D2D72FBBA4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
Manifest number:          1649
Signing time:             Sat 23 Aug 2025 23:02:47 +0000
Manifest this update:     Sat 23 Aug 2025 23:02:47 +0000
Manifest next update:     Sun 24 Aug 2025 23:02:47 +0000
Files and hashes:         1: BjnEhGuIwtcOMc5MD8y0z03qVDY.crl (hash: 5HuqkwQXY6x86LM7BcRt1O+EvrSlrwCm0aTJunxAJm8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 23:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d9:2b:91:51:cf:f7:b7:69:c9:25:8d:2d:72:fb:ba:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
        Validity
            Not Before: Aug 23 23:02:47 2025 GMT
            Not After : Aug 24 23:02:47 2025 GMT
        Subject: CN=1e9241cf1dac8b367707bb4ba88cbe11ba48c983
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f5:4b:ef:9d:8d:fb:bc:43:33:04:4a:3b:68:
                    67:5b:59:fa:ea:2a:46:f9:1a:1f:9e:bf:de:af:b5:
                    67:ca:75:47:36:b2:13:76:6a:44:df:f0:52:5f:e9:
                    6d:03:bc:86:d8:2f:0a:d5:18:42:be:04:b4:bd:39:
                    dc:fb:77:ad:2d:20:2b:2d:d2:93:e2:d3:e6:69:63:
                    68:d7:22:ba:8d:94:57:d1:94:26:b6:3c:99:4f:aa:
                    c4:4b:a0:ba:51:95:29:53:5e:47:43:b6:7f:72:3e:
                    94:24:ed:2c:e8:af:86:bd:35:32:a0:bc:85:7c:9e:
                    11:79:2a:d2:bb:74:1b:69:f6:dd:ad:84:73:12:fd:
                    8d:10:86:30:0c:0d:ee:ea:07:f4:12:08:28:b0:0f:
                    b0:31:e7:67:9a:96:62:58:bd:49:cd:38:be:fa:b0:
                    85:ba:00:20:e2:de:b4:cd:22:b0:19:57:f4:dc:4b:
                    6d:d2:97:a2:6d:8b:8f:eb:3b:3b:b1:1a:b2:36:1a:
                    81:cf:24:cb:ab:7d:bc:23:f9:2d:d1:5d:25:5c:2c:
                    b6:01:d5:3a:d7:09:35:58:09:42:e2:b3:11:f0:b6:
                    77:96:dd:d6:3a:5b:8b:99:35:90:38:84:5b:da:9d:
                    05:34:25:5e:21:1f:f6:4c:b7:6a:d2:73:74:35:6f:
                    28:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:92:41:CF:1D:AC:8B:36:77:07:BB:4B:A8:8C:BE:11:BA:48:C9:83
            X509v3 Authority Key Identifier:
                keyid:06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:94:4a:8f:41:56:ce:d6:68:80:cb:60:42:ef:b7:49:f4:cd:
         78:c3:e9:24:5d:87:5a:8a:23:1d:63:58:2d:46:f9:de:83:a9:
         a4:3c:89:ac:9e:b2:a8:ab:03:91:49:75:15:a1:6e:18:fd:44:
         97:7a:25:61:ff:2a:e5:32:20:cc:8e:5b:ab:ae:02:23:75:9f:
         e6:c3:d0:d7:77:32:7a:42:a1:cd:f6:64:a0:4a:52:17:ff:c8:
         7d:54:45:c9:7a:8f:00:0f:b8:ae:48:b6:8d:fe:a6:ee:37:f3:
         0b:3d:20:d2:a5:31:76:d9:7c:39:6a:6b:bb:d9:e4:88:b6:12:
         49:bf:0e:dc:82:75:65:ed:1f:70:dc:90:02:d1:a4:af:22:e0:
         a2:e8:9e:93:e7:fa:b7:ee:22:21:12:db:c1:64:84:6e:e8:fa:
         bd:bf:da:1a:5a:78:b5:fd:64:50:59:e3:ab:6f:96:3e:13:99:
         9f:77:cf:8a:d1:40:5e:06:76:c6:bf:e1:9a:8c:4d:b9:b1:c1:
         b6:a4:56:29:bc:fc:1f:c7:b5:92:a4:12:62:b5:33:b3:68:5a:
         14:ce:29:05:39:ee:48:54:27:4e:ac:db:8e:fa:f9:94:2a:f5:
         78:b6:11:f3:5f:09:85:a2:9b:f5:a8:5e:23:80:ca:02:0f:df:
         2e:df:d3:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjZK5FRz/e3ackljS1y+7pMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzljNDg0NmI4OGMyZDcwZTMxY2U0YzBmY2NiNGNmNGRl
YTU0MzYwHhcNMjUwODIzMjMwMjQ3WhcNMjUwODI0MjMwMjQ3WjAzMTEwLwYDVQQD
EygxZTkyNDFjZjFkYWM4YjM2NzcwN2JiNGJhODhjYmUxMWJhNDhjOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/VL752N+7xDMwRKO2hnW1n66ipG
+Rofnr/er7VnynVHNrITdmpE3/BSX+ltA7yG2C8K1RhCvgS0vTnc+3etLSArLdKT
4tPmaWNo1yK6jZRX0ZQmtjyZT6rES6C6UZUpU15HQ7Z/cj6UJO0s6K+GvTUyoLyF
fJ4ReSrSu3QbafbdrYRzEv2NEIYwDA3u6gf0EggosA+wMednmpZiWL1JzTi++rCF
ugAg4t60zSKwGVf03Ett0peibYuP6zs7sRqyNhqBzyTLq328I/kt0V0lXCy2AdU6
1wk1WAlC4rMR8LZ3lt3WOluLmTWQOIRb2p0FNCVeIR/2TLdq0nN0NW8oIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6SQc8drIs2dwe7S6iMvhG6SMmDMB8GA1UdIwQY
MBaAFAY5xIRriMLXDjHOTA/MtM9N6lQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAt
MTk0OWQ2YjgwNDkxLzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAtMTk0OWQ2YjgwNDkx
LzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIpRKj0FW
ztZogMtgQu+3SfTNeMPpJF2HWoojHWNYLUb53oOppDyJrJ6yqKsDkUl1FaFuGP1E
l3olYf8q5TIgzI5bq64CI3Wf5sPQ13cyekKhzfZkoEpSF//IfVRFyXqPAA+4rki2
jf6m7jfzCz0g0qUxdtl8OWpru9nkiLYSSb8O3IJ1Ze0fcNyQAtGkryLgouiek+f6
t+4iIRLbwWSEbuj6vb/aGlp4tf1kUFnjq2+WPhOZn3fPitFAXgZ2xr/hmoxNubHB
tqRWKbz8H8e1kqQSYrUzs2haFM4pBTnuSFQnTqzbjvr5lCr1eLYR818JhaKb9ahe
I4DKAg/fLt/Tgg==
-----END CERTIFICATE-----