Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
File:                     bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft (raw, json)
Hash identifier:          re6doborXlwUblS1rcdG6EoJz9UPVGWWN9N1MSuzp6E=
Subject key identifier:   0F:4D:02:72:3C:E1:F0:45:53:A6:3D:56:84:BF:B9:64:33:37:15:BC
Authority key identifier: 6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C
Certificate issuer:       /CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
Certificate serial:       0199FBEC151C6D421B270B174FA1F1C246B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
Manifest number:          0501
Signing time:             Sun 19 Oct 2025 10:02:57 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:57 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:57 +0000
Files and hashes:         1: bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl (hash: 3IxjoSKeu9P9Bhkb/7NcJiXPsgViHKLU/z45ZgZFc1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:15:1c:6d:42:1b:27:0b:17:4f:a1:f1:c2:46:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
        Validity
            Not Before: Oct 19 10:02:57 2025 GMT
            Not After : Oct 20 10:02:57 2025 GMT
        Subject: CN=0f4d02723ce1f04553a63d5684bfb964333715bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:10:c4:27:94:da:e0:67:77:7e:18:c2:01:9b:
                    0a:e4:16:4e:ff:4a:a0:97:95:97:6b:f0:e1:b8:b6:
                    43:7e:40:37:49:bb:f3:ab:32:0b:24:a4:78:21:63:
                    f8:a8:16:c7:0a:ab:d7:0c:29:b3:b8:0f:bc:72:1a:
                    88:0c:95:e3:08:c1:5b:5b:e9:93:14:af:7f:d3:12:
                    bb:ec:34:cf:93:18:3e:35:ff:63:46:8c:ce:a1:6a:
                    19:f6:46:01:da:69:58:97:0f:c6:2f:0e:db:57:a4:
                    04:c1:ea:87:b2:bb:f2:fd:56:d2:b8:8c:2a:b0:ed:
                    d9:07:61:59:8a:e5:91:3d:e2:9b:fd:1e:c2:e1:6d:
                    33:a3:15:72:b2:cd:e9:45:d6:db:02:76:4a:6f:ae:
                    eb:bd:c8:d4:75:3b:d3:d0:b5:fe:5a:a1:9b:79:7a:
                    30:c5:32:2a:1f:e7:78:fc:45:94:44:e6:c7:1b:df:
                    81:b0:5d:b2:31:88:91:dc:43:cd:0f:56:7d:56:92:
                    12:53:2f:74:1c:ed:f4:1f:40:2f:5b:13:90:b0:2b:
                    a1:66:e2:96:59:1b:b9:b1:42:6d:41:00:bb:6a:af:
                    ff:6e:fd:fa:54:28:f3:35:4f:a3:a5:c8:90:f7:5a:
                    c6:5c:91:c5:fc:ab:a8:20:40:15:45:4c:49:64:bc:
                    cf:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:4D:02:72:3C:E1:F0:45:53:A6:3D:56:84:BF:B9:64:33:37:15:BC
            X509v3 Authority Key Identifier:
                keyid:6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:74:e1:6e:43:2e:27:fa:e9:76:73:42:62:a5:ee:09:5f:cd:
         93:1d:91:b1:bd:50:2d:f1:bb:f1:82:cc:ab:90:d3:e1:01:a2:
         1c:47:fd:a3:38:41:9f:2e:2c:a0:14:10:1e:af:79:cf:e1:2a:
         17:fc:bb:01:2c:d1:7e:a1:59:57:0c:84:64:59:8b:96:63:e6:
         ca:2c:35:12:a1:38:f8:4f:a9:2a:51:60:62:61:12:97:9e:63:
         15:c4:1f:c0:29:57:bb:ce:bf:30:9c:2b:a0:f9:46:95:51:33:
         ce:7f:73:e5:94:2f:02:86:6f:c5:9e:90:5d:2e:9d:96:4d:a9:
         a1:22:8e:98:a3:87:93:a9:17:84:27:db:98:df:ae:fa:7f:d5:
         24:78:2d:7f:6b:51:6c:30:a6:cf:44:84:dd:f6:68:d2:8c:a5:
         c6:fe:b3:17:49:f3:31:27:da:3f:07:bf:5b:c6:00:e1:34:c8:
         c8:fc:68:e3:05:47:3b:f1:7e:e6:2c:65:21:4c:64:9c:3a:14:
         5a:cd:9f:5a:87:a8:04:5d:bd:a8:67:0b:75:68:db:0b:99:27:
         ce:81:26:ac:5b:25:13:88:e1:de:18:3c:5d:68:6d:f4:6b:c6:
         a3:0d:a9:62:29:d0:f0:e6:46:25:0a:44:2c:30:4d:bd:d1:71:
         1e:c1:cb:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77BUcbUIbJwsXT6Hxwka0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzBkNmVlYzJiNTYwNWY4YjFiZTZjZTg0Mzk1ZjI0NmM0
MmRmMWMwHhcNMjUxMDE5MTAwMjU3WhcNMjUxMDIwMTAwMjU3WjAzMTEwLwYDVQQD
EygwZjRkMDI3MjNjZTFmMDQ1NTNhNjNkNTY4NGJmYjk2NDMzMzcxNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhDEJ5Ta4Gd3fhjCAZsK5BZO/0qg
l5WXa/DhuLZDfkA3SbvzqzILJKR4IWP4qBbHCqvXDCmzuA+8chqIDJXjCMFbW+mT
FK9/0xK77DTPkxg+Nf9jRozOoWoZ9kYB2mlYlw/GLw7bV6QEweqHsrvy/VbSuIwq
sO3ZB2FZiuWRPeKb/R7C4W0zoxVyss3pRdbbAnZKb67rvcjUdTvT0LX+WqGbeXow
xTIqH+d4/EWURObHG9+BsF2yMYiR3EPND1Z9VpISUy90HO30H0AvWxOQsCuhZuKW
WRu5sUJtQQC7aq//bv36VCjzNU+jpciQ91rGXJHF/KuoIEAVRUxJZLzPtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9NAnI84fBFU6Y9VoS/uWQzNxW8MB8GA1UdIwQY
MBaAFGxw1u7CtWBfixvmzoQ5XyRsQt8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUt
MmZjNDg2MDE1NTY0LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUtMmZjNDg2MDE1NTY0
LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ3ThbkMu
J/rpdnNCYqXuCV/Nkx2Rsb1QLfG78YLMq5DT4QGiHEf9ozhBny4soBQQHq95z+Eq
F/y7ASzRfqFZVwyEZFmLlmPmyiw1EqE4+E+pKlFgYmESl55jFcQfwClXu86/MJwr
oPlGlVEzzn9z5ZQvAoZvxZ6QXS6dlk2poSKOmKOHk6kXhCfbmN+u+n/VJHgtf2tR
bDCmz0SE3fZo0oylxv6zF0nzMSfaPwe/W8YA4TTIyPxo4wVHO/F+5ixlIUxknDoU
Ws2fWoeoBF29qGcLdWjbC5knzoEmrFslE4jh3hg8XWht9GvGow2pYinQ8OZGJQpE
LDBNvdFxHsHLHA==
-----END CERTIFICATE-----