Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
File:                     BjnEhGuIwtcOMc5MD8y0z03qVDY.mft (raw, json)
Hash identifier:          /GD8nCCuR5hqVMN9E4XMiBt+TJKUvJPV5vlEdIPVTh4=
Subject key identifier:   7A:35:FA:24:99:A1:73:08:99:54:5E:54:33:2E:34:78:20:CA:6C:94
Authority key identifier: 06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36
Certificate issuer:       /CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
Certificate serial:       019D27E007B954BBDEDA573DEB814DC441A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 02:01:26 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:26 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:26 +0000
Files and hashes:         1: BjnEhGuIwtcOMc5MD8y0z03qVDY.crl (hash: SmdZ1tfIHy4PwwAiY4H84NMonIuAEQXw38qqaQkVecI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:07:b9:54:bb:de:da:57:3d:eb:81:4d:c4:41:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0639c4846b88c2d70e31ce4c0fccb4cf4dea5436
        Validity
            Not Before: Mar 26 02:01:26 2026 GMT
            Not After : Mar 27 02:01:26 2026 GMT
        Subject: CN=7a35fa2499a1730899545e54332e347820ca6c94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:e1:0f:38:3e:ed:ba:61:d3:a7:cf:4e:b8:12:
                    75:6d:46:9c:cb:b4:ae:d8:83:b9:47:45:c5:51:90:
                    8c:8e:48:0c:14:43:e1:ed:d3:e5:4d:37:96:11:86:
                    f3:4d:67:01:da:df:cd:99:ca:0c:f9:27:91:18:45:
                    27:e2:3e:ea:f9:8e:19:6e:c1:31:8c:12:25:4a:00:
                    03:4c:de:b1:64:c5:a3:b4:f0:22:3f:f5:d8:07:69:
                    77:23:8b:20:64:4c:d7:3b:21:52:80:a8:c3:74:a8:
                    81:8a:6d:92:45:f3:42:28:91:09:f7:15:f0:9a:fa:
                    af:a6:f3:b5:40:69:b2:3a:d9:b7:8e:fe:1a:c4:a0:
                    f6:b6:b2:12:5e:62:92:c1:80:86:8d:ac:68:30:6b:
                    9a:11:5d:c5:3e:9b:67:62:bb:a6:d8:ad:10:3c:20:
                    f4:74:55:4a:27:0e:ad:e5:5e:2c:88:42:32:59:c7:
                    6f:ae:27:14:48:bd:16:1e:5d:e6:d7:0f:87:c1:92:
                    2f:a5:62:9f:9f:aa:f2:cd:9b:c1:45:67:d6:2c:23:
                    f4:6f:af:6b:6b:06:09:e3:54:9c:14:6e:25:d2:23:
                    1a:7a:9e:27:8d:66:99:61:b7:68:80:d3:25:d5:38:
                    7d:d4:64:70:e1:9f:da:aa:3d:6c:7d:8a:a2:64:b5:
                    b3:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:35:FA:24:99:A1:73:08:99:54:5E:54:33:2E:34:78:20:CA:6C:94
            X509v3 Authority Key Identifier:
                keyid:06:39:C4:84:6B:88:C2:D7:0E:31:CE:4C:0F:CC:B4:CF:4D:EA:54:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjnEhGuIwtcOMc5MD8y0z03qVDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/cf0254-2b88-4b3f-8d30-1949d6b80491/1/BjnEhGuIwtcOMc5MD8y0z03qVDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:fd:42:57:17:d3:7c:ec:2a:6b:53:bc:4f:64:fd:a2:e8:d3:
         26:df:a2:7c:9d:b5:25:be:a3:a6:74:1c:dc:bf:19:05:1c:8f:
         20:c7:80:e7:65:a3:3c:91:e4:7a:d1:fa:91:c1:1b:92:57:4b:
         ee:00:d6:ee:e0:83:91:a3:83:a1:09:b0:98:c3:b5:e7:f7:3a:
         82:49:76:2c:05:5c:30:d7:64:b3:a4:0e:ab:65:56:25:73:b8:
         9d:fa:20:5b:66:d6:8f:ca:c1:16:1d:47:61:cf:cf:f8:9a:be:
         62:08:6b:b9:d2:aa:b8:dd:3c:99:3f:c3:78:04:d6:cf:d1:ed:
         0c:46:91:1f:38:79:a5:90:eb:35:b8:e5:a8:fc:81:af:9f:eb:
         2e:51:6c:76:e7:94:60:b6:19:21:1b:0d:d8:58:d1:8b:eb:3f:
         7f:5b:3c:5d:8a:f2:69:bb:8f:ee:c3:40:75:2b:71:c0:ba:1d:
         27:12:48:e0:cf:cf:dc:cb:55:6f:37:d7:dc:5e:d6:ed:7a:a2:
         1f:6d:72:9b:42:43:08:c8:06:b2:4d:6d:4b:e5:3a:9c:7d:47:
         89:4d:dc:fe:00:25:c5:5b:6c:c8:b3:5a:14:c9:f4:29:20:c8:
         0f:8e:c1:3d:5a:82:f1:87:0b:55:8d:11:be:54:17:bc:1d:f5:
         0f:79:ac:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4Ae5VLve2lc964FNxEGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzljNDg0NmI4OGMyZDcwZTMxY2U0YzBmY2NiNGNmNGRl
YTU0MzYwHhcNMjYwMzI2MDIwMTI2WhcNMjYwMzI3MDIwMTI2WjAzMTEwLwYDVQQD
Eyg3YTM1ZmEyNDk5YTE3MzA4OTk1NDVlNTQzMzJlMzQ3ODIwY2E2Yzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uEPOD7tumHTp89OuBJ1bUacy7Su
2IO5R0XFUZCMjkgMFEPh7dPlTTeWEYbzTWcB2t/NmcoM+SeRGEUn4j7q+Y4ZbsEx
jBIlSgADTN6xZMWjtPAiP/XYB2l3I4sgZEzXOyFSgKjDdKiBim2SRfNCKJEJ9xXw
mvqvpvO1QGmyOtm3jv4axKD2trISXmKSwYCGjaxoMGuaEV3FPptnYrum2K0QPCD0
dFVKJw6t5V4siEIyWcdvricUSL0WHl3m1w+HwZIvpWKfn6ryzZvBRWfWLCP0b69r
awYJ41ScFG4l0iMaep4njWaZYbdogNMl1Th91GRw4Z/aqj1sfYqiZLWzlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHo1+iSZoXMImVReVDMuNHggymyUMB8GA1UdIwQY
MBaAFAY5xIRriMLXDjHOTA/MtM9N6lQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAt
MTk0OWQ2YjgwNDkxLzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9jZjAyNTQtMmI4OC00YjNmLThkMzAtMTk0OWQ2YjgwNDkx
LzEvQmpuRWhHdUl3dGNPTWM1TUQ4eTB6MDNxVkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwP1CVxfT
fOwqa1O8T2T9oujTJt+ifJ21Jb6jpnQc3L8ZBRyPIMeA52WjPJHketH6kcEbkldL
7gDW7uCDkaODoQmwmMO15/c6gkl2LAVcMNdks6QOq2VWJXO4nfogW2bWj8rBFh1H
Yc/P+Jq+YghrudKquN08mT/DeATWz9HtDEaRHzh5pZDrNbjlqPyBr5/rLlFsdueU
YLYZIRsN2FjRi+s/f1s8XYryabuP7sNAdStxwLodJxJI4M/P3MtVbzfX3F7W7Xqi
H21ym0JDCMgGsk1tS+U6nH1HiU3c/gAlxVtsyLNaFMn0KSDID47BPVqC8YcLVY0R
vlQXvB31D3msig==
-----END CERTIFICATE-----