Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
File:                     BcojF2aaRo1QmoqhkGvvp1v5wgE.mft (raw, json)
Hash identifier:          l4k0vzzlVDFfBz9su7NweJoi9k0Ay/BECeFfRJmdMKQ=
Subject key identifier:   B9:62:A9:20:F5:11:EC:36:73:30:32:70:50:F3:A1:B1:3B:71:D6:49
Authority key identifier: 05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01
Certificate issuer:       /CN=05ca2317669a468d509a8aa1906befa75bf9c201
Certificate serial:       019D2704480DFC35CFAF7F76079C46CD75A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
Manifest number:          0FBE
Signing time:             Wed 25 Mar 2026 22:01:25 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:25 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:25 +0000
Files and hashes:         1: BcojF2aaRo1QmoqhkGvvp1v5wgE.crl (hash: 38QQUbVihmM0H+HBqcz9xkNZZsAyMlSrp7v3aABGcBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:48:0d:fc:35:cf:af:7f:76:07:9c:46:cd:75:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ca2317669a468d509a8aa1906befa75bf9c201
        Validity
            Not Before: Mar 25 22:01:25 2026 GMT
            Not After : Mar 26 22:01:25 2026 GMT
        Subject: CN=b962a920f511ec367330327050f3a1b13b71d649
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:6d:7c:8e:d7:3a:30:6f:0c:30:b7:08:f7:53:
                    d6:74:d0:45:de:ee:98:a3:91:f9:59:e5:13:85:48:
                    3e:a5:fa:8e:e2:91:4f:a7:90:e5:fc:01:ff:44:7f:
                    2e:5d:25:eb:d0:8c:cd:54:68:e7:dc:9b:a6:07:9c:
                    d1:2f:b3:6b:ca:f7:af:6d:a1:e7:a9:8f:3b:32:25:
                    2b:fb:6a:2e:0b:69:c8:08:a8:21:92:6f:94:6d:fe:
                    5c:d3:81:46:c5:22:8b:f6:72:04:88:45:0c:cb:b0:
                    47:be:02:6b:fb:9b:ef:53:9b:fe:1e:e5:e7:b2:26:
                    72:36:30:0a:43:47:33:22:1e:44:73:f0:c1:74:ac:
                    da:b8:6c:0b:a3:34:91:21:6e:14:9f:ea:b8:b1:7c:
                    4f:13:d3:b3:2d:d0:73:bf:97:40:32:71:a2:89:ab:
                    3b:07:03:6e:22:21:f2:07:8b:e5:a9:4a:b3:d0:8d:
                    eb:12:a9:a2:c3:e0:6f:c6:2a:15:e0:0d:c5:c0:5e:
                    d6:81:a2:21:90:71:33:2c:4e:a6:e6:e8:0d:ea:a7:
                    20:29:62:b9:e7:22:93:24:3e:99:39:aa:b4:3f:6f:
                    ee:ef:50:3e:64:38:bb:cd:8f:77:5f:e1:14:9f:fb:
                    ef:8e:79:27:f5:9b:2b:bc:6c:98:63:a3:54:6c:42:
                    93:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:62:A9:20:F5:11:EC:36:73:30:32:70:50:F3:A1:B1:3B:71:D6:49
            X509v3 Authority Key Identifier:
                keyid:05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:d9:31:bb:33:dd:9e:70:e3:b4:5d:3e:03:9d:98:3f:50:df:
         3f:00:62:12:c8:63:1f:40:c8:2e:d7:6f:ab:a1:fd:21:79:f4:
         65:79:2d:97:d3:e2:14:4e:84:89:25:2b:25:71:d5:c2:e2:58:
         d8:8a:25:ad:67:a9:06:6d:1d:8a:21:f3:6f:b7:43:a4:29:b9:
         0f:3b:eb:23:e2:f4:34:7b:dd:b4:14:7d:48:8a:0a:09:9a:da:
         0c:8e:f2:4a:de:44:5e:f5:a0:a8:77:48:15:b2:69:ef:c5:cb:
         0c:15:3f:59:86:9c:4c:6c:2d:d4:69:c7:84:77:a2:6c:1c:71:
         48:d7:20:49:00:3d:0b:3d:ec:aa:ba:57:93:84:29:0b:c6:de:
         ad:94:a5:1d:e7:2b:00:9f:fe:33:72:b6:f3:23:dc:3d:0b:ae:
         26:a2:91:20:be:99:9e:28:ca:3a:8b:5d:82:7e:f4:ba:9c:c1:
         80:9f:c8:2b:4f:e0:7a:59:e9:7a:35:80:75:c6:52:89:ef:ea:
         50:02:f7:c8:1d:25:e6:07:bc:3f:68:80:0c:5e:d5:e3:5d:3b:
         4c:f3:3b:9e:c5:3c:12:6e:57:bc:58:27:54:95:e4:a3:b9:4a:
         e2:ca:64:93:cc:ff:12:d7:4d:45:01:38:77:ac:03:4a:e2:68:
         45:aa:94:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBEgN/DXPr392B5xGzXWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1Y2EyMzE3NjY5YTQ2OGQ1MDlhOGFhMTkwNmJlZmE3NWJm
OWMyMDEwHhcNMjYwMzI1MjIwMTI1WhcNMjYwMzI2MjIwMTI1WjAzMTEwLwYDVQQD
EyhiOTYyYTkyMGY1MTFlYzM2NzMzMDMyNzA1MGYzYTFiMTNiNzFkNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW18jtc6MG8MMLcI91PWdNBF3u6Y
o5H5WeUThUg+pfqO4pFPp5Dl/AH/RH8uXSXr0IzNVGjn3JumB5zRL7NryvevbaHn
qY87MiUr+2ouC2nICKghkm+Ubf5c04FGxSKL9nIEiEUMy7BHvgJr+5vvU5v+HuXn
siZyNjAKQ0czIh5Ec/DBdKzauGwLozSRIW4Un+q4sXxPE9OzLdBzv5dAMnGiias7
BwNuIiHyB4vlqUqz0I3rEqmiw+BvxioV4A3FwF7WgaIhkHEzLE6m5ugN6qcgKWK5
5yKTJD6ZOaq0P2/u71A+ZDi7zY93X+EUn/vvjnkn9ZsrvGyYY6NUbEKTGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLliqSD1Eew2czAycFDzobE7cdZJMB8GA1UdIwQY
MBaAFAXKIxdmmkaNUJqKoZBr76db+cIBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAt
MTMzMWU2NTFjNzlmLzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAtMTMzMWU2NTFjNzlm
LzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUdkxuzPd
nnDjtF0+A52YP1DfPwBiEshjH0DILtdvq6H9IXn0ZXktl9PiFE6EiSUrJXHVwuJY
2IolrWepBm0diiHzb7dDpCm5DzvrI+L0NHvdtBR9SIoKCZraDI7ySt5EXvWgqHdI
FbJp78XLDBU/WYacTGwt1GnHhHeibBxxSNcgSQA9Cz3sqrpXk4QpC8berZSlHecr
AJ/+M3K28yPcPQuuJqKRIL6ZnijKOotdgn70upzBgJ/IK0/gelnpejWAdcZSie/q
UAL3yB0l5ge8P2iADF7V4107TPM7nsU8Em5XvFgnVJXko7lK4spkk8z/EtdNRQE4
d6wDSuJoRaqUBg==
-----END CERTIFICATE-----