Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
File:                     bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft (raw, json)
Hash identifier:          A80eCkXc0NQEYoklTYdfBMmQddOd+LoLJp42V2Y9t5o=
Subject key identifier:   3F:9E:BA:3B:ED:51:75:0D:CD:DA:40:75:7E:95:BD:76:46:7E:24:8C
Authority key identifier: 6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C
Certificate issuer:       /CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
Certificate serial:       019D28F2D136EE3B3108E9590CBC319DE613
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
Manifest number:          06A6
Signing time:             Thu 26 Mar 2026 07:01:35 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:35 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:35 +0000
Files and hashes:         1: bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl (hash: BRdrUKOOGMTkphPXiN4OwviZddviUy0pNT75+FU7ky0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:d1:36:ee:3b:31:08:e9:59:0c:bc:31:9d:e6:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
        Validity
            Not Before: Mar 26 07:01:35 2026 GMT
            Not After : Mar 27 07:01:35 2026 GMT
        Subject: CN=3f9eba3bed51750dcdda40757e95bd76467e248c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b4:77:01:cc:32:47:b4:d0:9c:43:9a:05:b6:
                    3f:1e:a2:65:61:f0:92:a6:1a:04:86:ec:64:90:06:
                    08:68:52:12:92:20:f9:3c:ef:a2:72:f2:f8:5f:91:
                    ea:9c:08:d8:a4:0b:27:ca:e3:07:62:a3:76:6f:47:
                    b1:41:2b:cd:2d:8b:bc:a0:9e:25:bd:b9:e9:a8:75:
                    d7:a8:82:41:13:38:7a:f2:0f:6f:cd:92:8d:18:c4:
                    30:f9:71:10:d4:5d:39:7e:17:aa:24:0d:93:b1:8e:
                    93:12:f5:dc:f1:06:0a:b2:95:4c:04:29:14:b5:42:
                    e7:13:5d:24:a8:7e:ca:7e:83:d3:6e:ce:71:a8:ac:
                    d8:8b:ef:66:12:6a:33:67:7b:96:77:eb:e6:c9:91:
                    b0:dd:21:a8:ad:ea:d8:d1:8f:38:19:1d:45:be:ab:
                    0e:9e:a4:10:a7:c1:88:21:26:fd:96:12:29:66:33:
                    c3:7d:24:7e:6e:c1:46:a2:eb:bd:d4:f0:a7:07:f0:
                    0e:1d:f5:71:16:16:5a:be:31:2e:83:db:30:cb:d2:
                    91:ba:3e:dd:23:4d:e1:c1:a5:a4:67:f8:13:ef:13:
                    e3:35:dd:c3:e1:ac:e5:01:50:33:89:24:ec:2b:31:
                    60:b5:37:1e:42:28:7a:28:a3:85:fb:21:fa:0d:34:
                    5a:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:9E:BA:3B:ED:51:75:0D:CD:DA:40:75:7E:95:BD:76:46:7E:24:8C
            X509v3 Authority Key Identifier:
                keyid:6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:1d:4b:23:0e:ad:8f:a2:b1:fd:67:14:7f:d8:88:0e:29:cd:
         d9:99:ab:3c:a0:1f:28:af:31:89:60:d7:78:8b:bc:57:e1:d5:
         ee:15:24:84:7c:31:b2:37:31:f4:79:d4:34:1e:25:48:15:9d:
         b8:6d:85:48:e9:f0:67:51:51:6d:5e:94:ca:96:37:4e:8d:25:
         13:8e:62:92:07:8c:be:2d:c4:d0:39:08:e6:6c:70:29:f7:83:
         85:34:d6:44:19:ca:1a:11:a0:58:1a:56:0f:d1:ed:a3:f1:9f:
         31:1e:51:bb:fb:d1:a4:8c:ca:28:37:74:81:d8:b4:46:f2:9e:
         cf:5f:f1:52:c1:36:3a:35:39:e2:7f:f5:e7:65:8d:ed:76:0f:
         d5:6f:a8:09:2c:1a:84:fd:fb:29:6d:38:99:96:a0:86:f4:0e:
         78:9d:eb:28:c9:84:5a:76:9e:0c:47:26:c2:e7:bb:e7:a9:3c:
         c2:96:a1:b8:0e:66:79:72:de:2e:bb:3a:40:30:03:4c:c6:52:
         f0:88:51:3b:b1:e3:9d:37:b2:27:e1:94:80:b8:7a:31:a1:51:
         cc:09:2d:6b:1a:2f:3d:ea:fa:c3:6d:87:24:93:9b:f8:e3:c0:
         09:37:00:ec:2a:51:97:6a:98:47:b6:19:9d:76:75:27:34:ad:
         e4:d4:d7:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8tE27jsxCOlZDLwxneYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzBkNmVlYzJiNTYwNWY4YjFiZTZjZTg0Mzk1ZjI0NmM0
MmRmMWMwHhcNMjYwMzI2MDcwMTM1WhcNMjYwMzI3MDcwMTM1WjAzMTEwLwYDVQQD
EygzZjllYmEzYmVkNTE3NTBkY2RkYTQwNzU3ZTk1YmQ3NjQ2N2UyNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLR3AcwyR7TQnEOaBbY/HqJlYfCS
phoEhuxkkAYIaFISkiD5PO+icvL4X5HqnAjYpAsnyuMHYqN2b0exQSvNLYu8oJ4l
vbnpqHXXqIJBEzh68g9vzZKNGMQw+XEQ1F05fheqJA2TsY6TEvXc8QYKspVMBCkU
tULnE10kqH7KfoPTbs5xqKzYi+9mEmozZ3uWd+vmyZGw3SGorerY0Y84GR1FvqsO
nqQQp8GIISb9lhIpZjPDfSR+bsFGouu91PCnB/AOHfVxFhZavjEug9swy9KRuj7d
I03hwaWkZ/gT7xPjNd3D4azlAVAziSTsKzFgtTceQih6KKOF+yH6DTRaywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+eujvtUXUNzdpAdX6VvXZGfiSMMB8GA1UdIwQY
MBaAFGxw1u7CtWBfixvmzoQ5XyRsQt8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUt
MmZjNDg2MDE1NTY0LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUtMmZjNDg2MDE1NTY0
LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyR1LIw6t
j6Kx/WcUf9iIDinN2ZmrPKAfKK8xiWDXeIu8V+HV7hUkhHwxsjcx9HnUNB4lSBWd
uG2FSOnwZ1FRbV6UypY3To0lE45ikgeMvi3E0DkI5mxwKfeDhTTWRBnKGhGgWBpW
D9Hto/GfMR5Ru/vRpIzKKDd0gdi0RvKez1/xUsE2OjU54n/152WN7XYP1W+oCSwa
hP37KW04mZaghvQOeJ3rKMmEWnaeDEcmwue756k8wpahuA5meXLeLrs6QDADTMZS
8IhRO7HjnTeyJ+GUgLh6MaFRzAktaxovPer6w22HJJOb+OPACTcA7CpRl2qYR7YZ
nXZ1JzSt5NTXFw==
-----END CERTIFICATE-----