Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
File:                     BcojF2aaRo1QmoqhkGvvp1v5wgE.mft (raw, json)
Hash identifier:          f2FLeHPLbcBJdb7co5usVWy/RnNDfL3cWReGbKPhkIk=
Subject key identifier:   A0:0A:96:4F:84:0E:C7:2F:13:76:44:E9:4A:BB:D4:66:E6:06:FF:3F
Authority key identifier: 05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01
Certificate issuer:       /CN=05ca2317669a468d509a8aa1906befa75bf9c201
Certificate serial:       0199FBEACC036194C5B7EA7F21BD3991A32B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
Manifest number:          0E1A
Signing time:             Sun 19 Oct 2025 10:01:32 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:32 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:32 +0000
Files and hashes:         1: BcojF2aaRo1QmoqhkGvvp1v5wgE.crl (hash: lYPLanJOCJHfUuS1ZSglBtHB12zYEMVMzq0YSrVlrPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:cc:03:61:94:c5:b7:ea:7f:21:bd:39:91:a3:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ca2317669a468d509a8aa1906befa75bf9c201
        Validity
            Not Before: Oct 19 10:01:32 2025 GMT
            Not After : Oct 20 10:01:32 2025 GMT
        Subject: CN=a00a964f840ec72f137644e94abbd466e606ff3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8a:5a:63:fa:1c:31:5f:3b:96:b1:1e:fb:10:
                    bb:74:31:06:0c:93:11:a1:76:76:fa:19:ef:66:cf:
                    83:f4:eb:d0:79:d3:0e:dc:ff:34:d3:0b:24:94:ee:
                    7f:35:76:23:ed:04:bf:2c:1a:87:1a:e4:bd:f7:47:
                    40:d9:7a:3b:ad:f8:2b:83:12:93:cc:23:54:87:33:
                    67:1e:9f:fc:e6:ff:1a:5d:12:0a:0f:3c:7f:ed:d8:
                    08:39:7d:86:40:c8:c4:dc:c3:90:85:0c:2b:17:5c:
                    ce:d4:81:3a:bb:29:ba:84:d0:0b:54:da:30:7c:75:
                    c8:85:d2:2b:20:d8:2e:7f:b8:c8:ba:a9:75:cf:e3:
                    61:4b:c1:14:9c:94:84:ac:39:ed:d0:96:51:ca:63:
                    42:a8:a7:15:22:33:a7:68:71:18:7f:2a:a7:5b:34:
                    c6:57:99:d0:61:4c:f2:de:95:d8:78:c9:a2:f6:57:
                    60:f1:47:16:35:a2:b7:a0:f3:ee:03:cb:c8:5b:3c:
                    71:eb:71:91:de:1f:32:90:22:f9:36:c6:2b:40:b7:
                    b5:ab:47:88:38:18:8f:ef:0a:af:03:1d:29:c0:d7:
                    3b:b6:40:90:cb:ed:05:4c:a9:c1:e6:2a:d0:81:d9:
                    c5:df:d6:c6:e7:5c:1d:42:8d:f5:41:17:ae:f1:0a:
                    1f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:0A:96:4F:84:0E:C7:2F:13:76:44:E9:4A:BB:D4:66:E6:06:FF:3F
            X509v3 Authority Key Identifier:
                keyid:05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:75:c8:ad:00:f0:9b:39:1f:1d:c8:47:e1:51:a0:4a:1d:89:
         d7:96:e1:be:08:ef:08:c3:f1:0c:4e:74:0e:f0:f8:6a:2e:75:
         a5:f5:8e:c7:3a:4b:bb:f0:08:35:bc:9c:f1:9a:61:63:01:91:
         cd:37:3f:d3:9a:76:09:59:e9:47:d4:ed:ba:24:68:99:34:75:
         7b:b2:c4:53:41:f1:ba:eb:5b:95:28:2f:58:35:ba:58:49:ca:
         ff:ab:bd:ba:7e:04:85:27:5b:f3:73:40:c7:40:d1:dc:c8:a4:
         e6:62:65:d6:ec:3b:6c:0f:a9:97:8d:98:37:5b:4b:23:2c:2b:
         60:d3:bb:b9:c7:1a:c6:60:e4:36:38:dd:3e:9d:e4:5f:27:9f:
         e4:de:82:f9:3a:6f:c7:de:77:7a:e8:d5:26:ad:6d:05:f2:75:
         a6:c5:d8:5d:0c:c1:0a:14:9a:1e:29:9e:2b:46:ac:17:e3:3d:
         cb:0c:64:16:f1:15:04:d1:bf:0b:b7:0b:8c:4f:91:4e:c1:01:
         dd:1a:59:e2:3e:71:1b:ac:66:de:92:7f:05:7e:a8:d6:e2:da:
         14:3d:c2:bc:dc:6b:05:f4:e8:19:6f:c7:3b:cd:43:47:be:ca:
         b7:1a:f8:d0:cf:d8:3a:d7:4e:36:56:83:c6:c4:53:fd:85:e3:
         17:76:01:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76swDYZTFt+p/Ib05kaMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1Y2EyMzE3NjY5YTQ2OGQ1MDlhOGFhMTkwNmJlZmE3NWJm
OWMyMDEwHhcNMjUxMDE5MTAwMTMyWhcNMjUxMDIwMTAwMTMyWjAzMTEwLwYDVQQD
EyhhMDBhOTY0Zjg0MGVjNzJmMTM3NjQ0ZTk0YWJiZDQ2NmU2MDZmZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsopaY/ocMV87lrEe+xC7dDEGDJMR
oXZ2+hnvZs+D9OvQedMO3P800wsklO5/NXYj7QS/LBqHGuS990dA2Xo7rfgrgxKT
zCNUhzNnHp/85v8aXRIKDzx/7dgIOX2GQMjE3MOQhQwrF1zO1IE6uym6hNALVNow
fHXIhdIrINguf7jIuql1z+NhS8EUnJSErDnt0JZRymNCqKcVIjOnaHEYfyqnWzTG
V5nQYUzy3pXYeMmi9ldg8UcWNaK3oPPuA8vIWzxx63GR3h8ykCL5NsYrQLe1q0eI
OBiP7wqvAx0pwNc7tkCQy+0FTKnB5irQgdnF39bG51wdQo31QReu8Qof6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAKlk+EDscvE3ZE6Uq71GbmBv8/MB8GA1UdIwQY
MBaAFAXKIxdmmkaNUJqKoZBr76db+cIBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAt
MTMzMWU2NTFjNzlmLzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAtMTMzMWU2NTFjNzlm
LzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABHXIrQDw
mzkfHchH4VGgSh2J15bhvgjvCMPxDE50DvD4ai51pfWOxzpLu/AINbyc8ZphYwGR
zTc/05p2CVnpR9TtuiRomTR1e7LEU0HxuutblSgvWDW6WEnK/6u9un4EhSdb83NA
x0DR3Mik5mJl1uw7bA+pl42YN1tLIywrYNO7uccaxmDkNjjdPp3kXyef5N6C+Tpv
x953eujVJq1tBfJ1psXYXQzBChSaHimeK0asF+M9ywxkFvEVBNG/C7cLjE+RTsEB
3RpZ4j5xG6xm3pJ/BX6o1uLaFD3CvNxrBfToGW/HO81DR77Ktxr40M/YOtdONlaD
xsRT/YXjF3YBqw==
-----END CERTIFICATE-----