Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
File:                     vNgzeodIrlhibqk9my9YmNAY3fE.mft (raw, json)
Hash identifier:          ipW1hRjhvAMpYMGa9ri4OSlMyLYcKmOHz3pRHgRpUgY=
Subject key identifier:   F6:65:55:0F:82:C0:E5:D9:77:09:3E:95:89:72:3C:D9:82:F4:92:F3
Authority key identifier: BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1
Certificate issuer:       /CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
Certificate serial:       019D39412187109BFF577F6865E73FB08C44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
Manifest number:          181D
Signing time:             Sun 29 Mar 2026 11:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:02 +0000
Files and hashes:         1: vNgzeodIrlhibqk9my9YmNAY3fE.crl (hash: UQ9ECVbkZPXv9Uq6z3/PnaEfrM7h9Q0WnLcCuzecVxY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:21:87:10:9b:ff:57:7f:68:65:e7:3f:b0:8c:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
        Validity
            Not Before: Mar 29 11:01:02 2026 GMT
            Not After : Mar 30 11:01:02 2026 GMT
        Subject: CN=f665550f82c0e5d977093e9589723cd982f492f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:da:3a:1d:b8:b4:d5:11:f5:14:d5:09:5a:43:
                    6e:bb:65:34:a7:8d:0a:17:51:f5:c2:2b:d1:8e:8d:
                    f5:2c:fd:e8:40:9f:7d:1b:93:e6:34:0b:13:ee:4f:
                    44:f1:95:ed:2e:5f:1c:cb:d9:62:de:01:52:89:a2:
                    9a:a7:1a:ee:07:4f:81:82:0e:4a:85:c5:99:83:ef:
                    da:2c:44:d5:13:0d:59:30:e3:d7:cc:d2:db:7a:84:
                    62:c9:f2:76:8a:4f:67:4b:cc:7f:29:a0:ed:aa:9d:
                    97:89:49:2a:70:41:c0:56:23:01:10:74:29:62:03:
                    e7:c7:76:95:d0:04:ac:4a:b9:b4:ab:82:da:a3:25:
                    c4:3e:65:24:c1:3c:eb:35:77:b5:6c:78:e3:56:d2:
                    84:ee:e4:65:ce:6c:91:4c:9c:03:c7:71:de:bf:e3:
                    3d:cd:97:4d:d2:a0:11:17:6c:93:9b:14:75:57:40:
                    ad:80:d0:b9:20:6e:c9:70:19:75:9e:0d:7c:c7:5c:
                    20:13:a3:c5:fe:f1:40:e5:1e:f8:8c:93:bd:9f:29:
                    3d:87:7f:c1:2d:a3:d7:b8:7c:4a:10:b9:e4:fc:dd:
                    7b:73:ef:5b:f1:44:6f:18:c7:65:ec:a7:86:d5:e6:
                    0a:3a:9c:2f:26:03:dd:a9:20:46:03:a6:86:e8:ec:
                    39:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:65:55:0F:82:C0:E5:D9:77:09:3E:95:89:72:3C:D9:82:F4:92:F3
            X509v3 Authority Key Identifier:
                keyid:BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:37:41:4c:ae:a3:3a:4d:14:13:da:41:3a:cd:bc:87:64:9a:
         1c:02:a1:17:43:29:54:e9:c6:6b:dc:53:9c:d4:ba:df:3d:19:
         a5:09:07:ac:96:3b:47:f6:0c:c6:9d:36:77:74:33:7e:3e:09:
         c1:da:3f:44:2f:e8:34:11:fd:60:4e:ed:81:ea:e0:1b:0e:42:
         a4:c8:8d:51:e1:19:a6:4c:60:43:b4:55:8d:72:8b:91:d3:b0:
         01:b2:51:e9:23:18:fa:42:33:1c:51:ad:f3:ce:e9:1f:bb:8a:
         1b:da:e2:17:ae:2c:83:36:3d:f3:c2:3f:d3:2d:b0:d1:1f:e0:
         8f:bf:d3:2f:20:da:3a:6f:cd:6d:3e:c4:94:ae:4a:24:42:9a:
         c2:a1:0d:ca:82:4a:e0:79:fa:bc:e2:7f:be:49:73:73:79:2e:
         89:9b:70:5f:a5:32:41:a1:c5:d8:7c:9a:70:44:c7:26:49:0d:
         f7:19:95:5b:16:09:96:78:0f:39:f3:2b:46:69:69:cc:b6:bb:
         77:a7:a6:13:42:11:bf:a3:79:87:18:a4:94:d9:4e:40:86:da:
         6f:ad:7e:27:06:1b:29:cc:30:43:6f:3d:89:26:b9:24:f2:5b:
         4c:ac:0b:09:bd:ac:b0:b6:42:e0:fd:db:8e:99:e9:ae:8a:35:
         9f:0c:e7:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QSGHEJv/V39oZec/sIxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZDgzMzdhODc0OGFlNTg2MjZlYTkzZDliMmY1ODk4ZDAx
OGRkZjEwHhcNMjYwMzI5MTEwMTAyWhcNMjYwMzMwMTEwMTAyWjAzMTEwLwYDVQQD
EyhmNjY1NTUwZjgyYzBlNWQ5NzcwOTNlOTU4OTcyM2NkOTgyZjQ5MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyto6Hbi01RH1FNUJWkNuu2U0p40K
F1H1wivRjo31LP3oQJ99G5PmNAsT7k9E8ZXtLl8cy9li3gFSiaKapxruB0+Bgg5K
hcWZg+/aLETVEw1ZMOPXzNLbeoRiyfJ2ik9nS8x/KaDtqp2XiUkqcEHAViMBEHQp
YgPnx3aV0ASsSrm0q4LaoyXEPmUkwTzrNXe1bHjjVtKE7uRlzmyRTJwDx3Hev+M9
zZdN0qARF2yTmxR1V0CtgNC5IG7JcBl1ng18x1wgE6PF/vFA5R74jJO9nyk9h3/B
LaPXuHxKELnk/N17c+9b8URvGMdl7KeG1eYKOpwvJgPdqSBGA6aG6Ow5vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZlVQ+CwOXZdwk+lYlyPNmC9JLzMB8GA1UdIwQY
MBaAFLzYM3qHSK5YYm6pPZsvWJjQGN3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgt
YjdjZjZhN2IyYTI5LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgtYjdjZjZhN2IyYTI5
LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQjdBTK6j
Ok0UE9pBOs28h2SaHAKhF0MpVOnGa9xTnNS63z0ZpQkHrJY7R/YMxp02d3Qzfj4J
wdo/RC/oNBH9YE7tgergGw5CpMiNUeEZpkxgQ7RVjXKLkdOwAbJR6SMY+kIzHFGt
887pH7uKG9riF64sgzY988I/0y2w0R/gj7/TLyDaOm/NbT7ElK5KJEKawqENyoJK
4Hn6vOJ/vklzc3kuiZtwX6UyQaHF2HyacETHJkkN9xmVWxYJlngPOfMrRmlpzLa7
d6emE0IRv6N5hxiklNlOQIbab61+JwYbKcwwQ289iSa5JPJbTKwLCb2ssLZC4P3b
jpnproo1nwznDA==
-----END CERTIFICATE-----