Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
File:                     BjnEhGuIwtcOMc5MD8y0z03qVDY.mft (raw, json)
Hash identifier:          lcMMO2OHzu8cZEDzus0Bo3huC8tPaH626lXL6kz2Yk0=
Subject key identifier:   DE:09:28:FC:3D:7E:66:FC:14:AA:71:16:FB:A7:87:79:A0:B4:E2:B2
Authority key identifier: 06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36
Certificate issuer:       /CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
Certificate serial:       019E1F11A582C09F69918625DAF1336788AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
Manifest number:          1904
Signing time:             Wed 13 May 2026 02:01:50 +0000
Manifest this update:     Wed 13 May 2026 02:01:50 +0000
Manifest next update:     Thu 14 May 2026 02:01:50 +0000
Files and hashes:         1: BjnEhGuIwtcOMc5MD8y0z03qVDY.crl (hash: T8jY0SBc70FkSUAIeiMR1+ikZhxJeTzGh4CadxAV6VQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1f:11:a5:82:c0:9f:69:91:86:25:da:f1:33:67:88:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
        Validity
            Not Before: May 13 02:01:50 2026 GMT
            Not After : May 14 02:01:50 2026 GMT
        Subject: CN=de0928fc3d7e66fc14aa7116fba78779a0b4e2b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4b:7c:4a:1b:da:cc:79:9f:90:33:8a:b6:3a:
                    fa:02:0a:a3:93:71:63:10:5b:59:4f:f3:ed:e0:ae:
                    91:67:3c:97:a1:8f:5a:fe:7b:ea:1e:a7:ee:b3:76:
                    ba:d2:e7:d8:13:81:4f:09:12:be:c5:12:fc:36:0f:
                    3a:84:d1:e1:fb:9b:ea:cf:b1:3a:20:88:3b:30:2e:
                    9e:e7:c6:de:9e:ac:d2:7e:cb:25:3b:33:2d:4d:bc:
                    ab:f0:cc:23:61:29:fe:80:38:7f:6a:9c:b2:0d:21:
                    a7:90:89:3e:2b:5d:c8:dd:bc:bc:16:f3:1c:17:f8:
                    72:8f:31:a1:08:b6:d6:03:14:c7:2d:2e:82:60:85:
                    83:86:7f:ef:a6:2c:4d:1b:c4:78:0a:f2:8b:9b:9e:
                    02:b6:79:76:13:a5:c3:d0:0d:2a:15:41:c2:e8:d1:
                    0f:46:35:cf:af:b6:58:ad:78:d7:0e:3f:27:7d:46:
                    f0:15:bc:73:27:c2:dd:80:e7:f2:96:c9:73:18:00:
                    84:49:62:e7:72:49:32:ca:23:53:b5:9b:68:08:39:
                    fb:2b:28:8f:9d:4a:e8:dd:64:5a:ee:a3:44:73:03:
                    75:b5:40:cf:ab:90:86:5e:15:1a:e4:2a:cb:81:cb:
                    2e:68:31:d3:c6:6b:3d:51:73:df:02:ee:67:34:37:
                    a9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:09:28:FC:3D:7E:66:FC:14:AA:71:16:FB:A7:87:79:A0:B4:E2:B2
            X509v3 Authority Key Identifier:
                keyid:06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:8b:34:1c:ad:18:20:47:c1:fc:36:87:6c:ec:b0:45:37:eb:
         6c:3b:f0:85:0f:5d:52:e6:4a:1e:da:f5:c8:75:85:c2:3e:95:
         7b:02:e3:c0:05:dc:1d:aa:c8:ca:d8:49:e6:aa:49:7b:96:25:
         8e:43:18:7e:b8:93:4f:f6:e8:2b:47:d1:bd:84:aa:da:fd:42:
         8d:77:a6:d8:a2:24:b6:e7:0a:e7:6e:22:8f:5f:f5:0d:e4:8f:
         63:4f:b2:86:77:4c:8d:41:4b:84:b3:c0:b0:a6:38:3f:10:2e:
         c5:da:73:f4:b8:8a:87:15:b5:80:9a:c9:56:88:d5:e2:93:ea:
         ab:3b:62:1e:e8:38:8d:8f:23:e8:b4:af:d2:25:7c:36:e6:d1:
         e7:f5:e2:f6:02:6c:c1:b4:fa:be:00:f3:0b:52:7a:b3:37:f1:
         7d:ae:8f:c8:3b:87:99:1e:99:35:d9:10:9f:ab:74:7c:d1:a8:
         13:84:8e:70:5c:b4:c8:32:b1:fe:5a:ad:f1:1e:93:8c:cf:da:
         86:f6:fa:c3:1a:39:fa:7c:05:90:18:32:2a:83:e0:34:33:04:
         65:b5:c2:05:79:17:94:12:9f:af:05:5a:69:07:ce:a8:63:66:
         ac:4f:12:f0:14:59:bc:f2:ca:ce:e2:b9:19:e0:5d:6d:b0:f7:
         04:e9:c4:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fEaWCwJ9pkYYl2vEzZ4isMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzljNDg0NmI4OGMyZDcwZTMxY2U0YzBmY2NiNGNmNGRl
YTU0MzYwHhcNMjYwNTEzMDIwMTUwWhcNMjYwNTE0MDIwMTUwWjAzMTEwLwYDVQQD
EyhkZTA5MjhmYzNkN2U2NmZjMTRhYTcxMTZmYmE3ODc3OWEwYjRlMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUt8ShvazHmfkDOKtjr6Agqjk3Fj
EFtZT/Pt4K6RZzyXoY9a/nvqHqfus3a60ufYE4FPCRK+xRL8Ng86hNHh+5vqz7E6
IIg7MC6e58benqzSfsslOzMtTbyr8MwjYSn+gDh/apyyDSGnkIk+K13I3by8FvMc
F/hyjzGhCLbWAxTHLS6CYIWDhn/vpixNG8R4CvKLm54Ctnl2E6XD0A0qFUHC6NEP
RjXPr7ZYrXjXDj8nfUbwFbxzJ8LdgOfylslzGACESWLnckkyyiNTtZtoCDn7KyiP
nUro3WRa7qNEcwN1tUDPq5CGXhUa5CrLgcsuaDHTxms9UXPfAu5nNDepRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4JKPw9fmb8FKpxFvunh3mgtOKyMB8GA1UdIwQY
MBaAFAY5xIRriMLXDjHOTA/MtM9N6lQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAt
MTk0OWQ2YjgwNDkxLzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAtMTk0OWQ2YjgwNDkx
LzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu4s0HK0Y
IEfB/DaHbOywRTfrbDvwhQ9dUuZKHtr1yHWFwj6VewLjwAXcHarIythJ5qpJe5Yl
jkMYfriTT/boK0fRvYSq2v1CjXem2KIktucK524ij1/1DeSPY0+yhndMjUFLhLPA
sKY4PxAuxdpz9LiKhxW1gJrJVojV4pPqqztiHug4jY8j6LSv0iV8NubR5/Xi9gJs
wbT6vgDzC1J6szfxfa6PyDuHmR6ZNdkQn6t0fNGoE4SOcFy0yDKx/lqt8R6TjM/a
hvb6wxo5+nwFkBgyKoPgNDMEZbXCBXkXlBKfrwVaaQfOqGNmrE8S8BRZvPLKzuK5
GeBdbbD3BOnE8w==
-----END CERTIFICATE-----