Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
File:                     BjnEhGuIwtcOMc5MD8y0z03qVDY.mft (raw, json)
Hash identifier:          EVPJeU1DKQp9dadavdH2vpehF914OATzhcFZbFNZBwg=
Subject key identifier:   FE:70:BD:6F:AD:89:4F:32:76:9B:B4:0F:16:DD:79:5B:D1:C8:9B:46
Authority key identifier: 06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36
Certificate issuer:       /CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
Certificate serial:       0199FEB4BF4F9124E68AFFF793766B931A04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
Manifest number:          16E1
Signing time:             Sun 19 Oct 2025 23:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:22 +0000
Files and hashes:         1: BjnEhGuIwtcOMc5MD8y0z03qVDY.crl (hash: lvc5Jzfjje6wzuOU5BQOQKZA40WZyjZ95c4sF1gUswA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 23:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b4:bf:4f:91:24:e6:8a:ff:f7:93:76:6b:93:1a:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
        Validity
            Not Before: Oct 19 23:01:22 2025 GMT
            Not After : Oct 20 23:01:22 2025 GMT
        Subject: CN=fe70bd6fad894f32769bb40f16dd795bd1c89b46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:86:ae:04:2a:82:32:16:b1:08:de:56:b4:eb:
                    0f:f8:0e:98:9f:6d:04:0a:54:5a:a0:cc:27:7f:18:
                    1a:d4:02:e3:35:76:57:ba:9a:f6:fe:67:6e:de:75:
                    f4:f3:7f:c6:cc:ee:91:72:f2:60:c5:69:d8:b1:66:
                    1f:5a:aa:23:ad:00:ed:b3:e6:54:3a:c6:1e:4c:3f:
                    ac:82:ad:7a:15:df:98:70:a0:96:10:fc:f5:da:b7:
                    eb:67:98:57:84:6b:9f:47:cc:ff:c0:df:6c:33:33:
                    6c:1d:9f:25:48:4a:86:07:33:73:63:1b:5a:00:7b:
                    33:23:54:d1:d9:a4:ab:98:7c:12:fb:b3:f7:69:28:
                    e1:91:35:17:6a:7c:1f:66:05:65:11:1e:1e:97:31:
                    cb:aa:e8:79:df:28:f1:f6:03:28:a6:81:af:2e:54:
                    ee:7d:61:65:bf:f3:07:38:5a:1b:60:da:1f:66:74:
                    a9:59:5e:d7:78:8c:62:21:dd:7d:b3:aa:20:53:9e:
                    4d:57:69:6a:5b:a4:fb:72:3b:fc:a8:bd:01:aa:c8:
                    eb:15:bc:ba:db:d7:be:4f:6a:08:91:b4:de:6d:70:
                    46:b9:22:81:2b:3d:af:16:fd:c8:44:3a:99:15:8a:
                    46:0b:84:69:6c:58:27:53:0a:15:97:64:7c:66:3d:
                    68:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:70:BD:6F:AD:89:4F:32:76:9B:B4:0F:16:DD:79:5B:D1:C8:9B:46
            X509v3 Authority Key Identifier:
                keyid:06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:3c:d9:5c:3e:e2:d0:ae:b9:37:c8:6d:f5:6d:ec:92:05:12:
         d2:45:21:f8:32:92:23:fe:3f:73:ed:f4:42:66:ec:bb:55:e4:
         94:12:1e:d8:39:ef:8f:50:3d:25:0b:23:90:aa:22:d3:15:2c:
         09:44:31:34:3f:84:c5:f6:ad:8a:60:de:4e:06:08:6c:65:43:
         f9:92:c4:a5:62:f1:1c:f7:1d:e5:d5:fa:64:d1:dc:9e:43:48:
         31:35:3b:18:e7:62:3d:7a:d3:73:29:55:da:cb:27:bd:e3:17:
         c8:d6:f0:4b:86:3d:1e:b0:1f:89:f6:1c:17:e9:2c:f0:a8:8f:
         fe:8f:df:ca:6c:77:b8:52:3f:1c:54:7e:90:76:ec:f4:6a:ec:
         b2:e6:58:97:60:e7:30:22:68:53:26:23:7f:bc:11:59:00:b0:
         4c:19:5e:d3:96:92:f0:94:2d:14:80:e7:1c:9a:60:3f:73:0e:
         43:f5:fb:11:3a:ed:39:2f:9c:9e:fd:85:45:53:cc:06:8f:19:
         0a:44:b2:e9:8d:13:9a:da:41:98:3a:5e:fa:33:66:ef:04:3d:
         57:bc:ca:ee:99:1c:c4:49:6b:8c:0c:af:eb:02:b8:07:d3:b5:
         0e:57:f7:fc:22:40:d0:d0:26:ca:46:8c:1a:b4:f7:8e:2b:0d:
         61:fd:dd:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tL9PkSTmiv/3k3ZrkxoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzljNDg0NmI4OGMyZDcwZTMxY2U0YzBmY2NiNGNmNGRl
YTU0MzYwHhcNMjUxMDE5MjMwMTIyWhcNMjUxMDIwMjMwMTIyWjAzMTEwLwYDVQQD
EyhmZTcwYmQ2ZmFkODk0ZjMyNzY5YmI0MGYxNmRkNzk1YmQxYzg5YjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IauBCqCMhaxCN5WtOsP+A6Yn20E
ClRaoMwnfxga1ALjNXZXupr2/mdu3nX083/GzO6RcvJgxWnYsWYfWqojrQDts+ZU
OsYeTD+sgq16Fd+YcKCWEPz12rfrZ5hXhGufR8z/wN9sMzNsHZ8lSEqGBzNzYxta
AHszI1TR2aSrmHwS+7P3aSjhkTUXanwfZgVlER4elzHLquh53yjx9gMopoGvLlTu
fWFlv/MHOFobYNofZnSpWV7XeIxiId19s6ogU55NV2lqW6T7cjv8qL0BqsjrFby6
29e+T2oIkbTebXBGuSKBKz2vFv3IRDqZFYpGC4RpbFgnUwoVl2R8Zj1oOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5wvW+tiU8ydpu0DxbdeVvRyJtGMB8GA1UdIwQY
MBaAFAY5xIRriMLXDjHOTA/MtM9N6lQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAt
MTk0OWQ2YjgwNDkxLzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAtMTk0OWQ2YjgwNDkx
LzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAljzZXD7i
0K65N8ht9W3skgUS0kUh+DKSI/4/c+30Qmbsu1XklBIe2Dnvj1A9JQsjkKoi0xUs
CUQxND+ExfatimDeTgYIbGVD+ZLEpWLxHPcd5dX6ZNHcnkNIMTU7GOdiPXrTcylV
2ssnveMXyNbwS4Y9HrAfifYcF+ks8KiP/o/fymx3uFI/HFR+kHbs9GrssuZYl2Dn
MCJoUyYjf7wRWQCwTBle05aS8JQtFIDnHJpgP3MOQ/X7ETrtOS+cnv2FRVPMBo8Z
CkSy6Y0TmtpBmDpe+jNm7wQ9V7zK7pkcxElrjAyv6wK4B9O1Dlf3/CJA0NAmykaM
GrT3jisNYf3dLA==
-----END CERTIFICATE-----