Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft
File:                     _VnTVh_4rdtfGww2o90laLdMpRU.mft (raw, json)
Hash identifier:          0TTcTjCVzle45R6R04/7dB06zNRcvRPqDmkAGt/863A=
Subject key identifier:   40:39:FA:13:73:DC:52:FD:F7:E3:76:03:A7:A4:DA:51:D7:BC:21:17
Authority key identifier: FD:59:D3:56:1F:F8:AD:DB:5F:1B:0C:36:A3:DD:25:68:B7:4C:A5:15
Certificate issuer:       /CN=fd59d3561ff8addb5f1b0c36a3dd2568b74ca515
Certificate serial:       019D390A0C76DA246A4649016F379D2DE1CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_VnTVh_4rdtfGww2o90laLdMpRU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft
Manifest number:          0D72
Signing time:             Sun 29 Mar 2026 10:00:52 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:52 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:52 +0000
Files and hashes:         1: _VnTVh_4rdtfGww2o90laLdMpRU.crl (hash: iefmgmuNSfC/YP/vwDwiECzh3Xr6HJop0yhjK4i9CdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_VnTVh_4rdtfGww2o90laLdMpRU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:0c:76:da:24:6a:46:49:01:6f:37:9d:2d:e1:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd59d3561ff8addb5f1b0c36a3dd2568b74ca515
        Validity
            Not Before: Mar 29 10:00:52 2026 GMT
            Not After : Mar 30 10:00:52 2026 GMT
        Subject: CN=4039fa1373dc52fdf7e37603a7a4da51d7bc2117
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:dd:29:e3:ab:d7:eb:3f:ce:9b:06:6e:2b:77:
                    71:e0:5b:cf:a6:78:5c:68:90:6f:32:f8:53:ee:fe:
                    b7:de:8a:40:f7:5a:52:d1:ab:0c:7c:5f:57:ae:4c:
                    9d:3a:12:43:a4:be:5b:f8:89:72:f1:8f:6b:b0:03:
                    0e:a1:7c:2c:99:04:95:8c:d1:6c:fa:db:1f:77:5e:
                    63:d1:a2:0f:39:2d:d1:b1:ac:38:40:74:26:bb:66:
                    27:3f:6f:35:b4:2d:8b:bf:21:03:03:9b:5a:3a:f3:
                    13:b0:7d:d3:d8:6d:7e:92:36:96:f0:88:d7:5c:62:
                    07:ee:f6:41:1f:02:d3:b0:c2:bb:82:3f:86:88:52:
                    59:9f:63:3f:d1:1d:47:78:eb:bf:56:b3:88:41:08:
                    a6:79:7e:59:f5:8c:33:10:f6:7e:30:b5:84:70:8c:
                    e6:54:27:3f:b9:4b:90:0c:4f:2a:6f:22:4f:92:ca:
                    61:57:bc:e9:85:85:3d:74:2e:1f:4c:0a:61:e9:b3:
                    b2:9a:f3:65:d9:83:1d:ff:a1:84:e9:13:50:db:68:
                    58:5d:06:65:97:74:ab:70:3e:14:7c:79:45:32:bb:
                    ec:63:0a:2e:ed:87:96:56:61:c6:e9:ea:38:56:d1:
                    df:a5:0a:d4:35:7e:5e:e2:da:b8:ed:a2:39:88:a6:
                    47:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:39:FA:13:73:DC:52:FD:F7:E3:76:03:A7:A4:DA:51:D7:BC:21:17
            X509v3 Authority Key Identifier:
                keyid:FD:59:D3:56:1F:F8:AD:DB:5F:1B:0C:36:A3:DD:25:68:B7:4C:A5:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_VnTVh_4rdtfGww2o90laLdMpRU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:30:70:d9:f6:98:20:d4:10:36:49:8b:d0:56:bc:06:ce:05:
         79:1e:40:fa:14:a4:4f:cc:82:d5:01:60:f6:db:49:90:86:da:
         77:b5:53:27:2f:14:13:24:5b:d5:84:bd:d6:7d:2d:96:54:23:
         d3:e4:a6:0c:b0:b9:d1:c7:62:c2:8a:35:f5:2f:68:33:63:cd:
         f1:b4:27:80:bb:f8:d8:c3:26:6e:e1:aa:74:12:9d:50:a8:d0:
         7e:eb:de:87:c6:8d:4a:94:df:07:4a:ad:51:bd:ad:1e:61:df:
         d2:bf:7d:49:34:58:5e:ad:22:59:3d:c0:f4:d6:d7:f8:a4:d8:
         58:b9:fd:87:94:5f:d3:fb:c6:bd:a8:38:21:34:88:aa:1e:5b:
         52:c6:09:41:18:6e:8f:6a:70:59:e1:ba:c8:96:96:d9:fa:05:
         d7:1d:ab:03:44:46:79:ab:80:72:bf:1c:6e:65:8b:89:ef:56:
         3f:de:ae:fb:48:a3:34:be:93:49:bc:4f:61:10:e1:57:73:d1:
         60:2b:59:54:cc:81:bd:db:44:fc:82:f9:85:43:1c:a2:4e:90:
         d4:0c:6f:01:be:ad:e3:54:80:8f:61:5f:e5:d4:6f:70:70:74:
         f0:6f:49:5f:6f:6d:88:f9:0e:c7:28:d3:ae:86:d6:40:6d:6e:
         ff:e2:63:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cgx22iRqRkkBbzedLeHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNTlkMzU2MWZmOGFkZGI1ZjFiMGMzNmEzZGQyNTY4Yjc0
Y2E1MTUwHhcNMjYwMzI5MTAwMDUyWhcNMjYwMzMwMTAwMDUyWjAzMTEwLwYDVQQD
Eyg0MDM5ZmExMzczZGM1MmZkZjdlMzc2MDNhN2E0ZGE1MWQ3YmMyMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt0p46vX6z/OmwZuK3dx4FvPpnhc
aJBvMvhT7v633opA91pS0asMfF9XrkydOhJDpL5b+Ily8Y9rsAMOoXwsmQSVjNFs
+tsfd15j0aIPOS3Rsaw4QHQmu2YnP281tC2LvyEDA5taOvMTsH3T2G1+kjaW8IjX
XGIH7vZBHwLTsMK7gj+GiFJZn2M/0R1HeOu/VrOIQQimeX5Z9YwzEPZ+MLWEcIzm
VCc/uUuQDE8qbyJPksphV7zphYU9dC4fTAph6bOymvNl2YMd/6GE6RNQ22hYXQZl
l3SrcD4UfHlFMrvsYwou7YeWVmHG6eo4VtHfpQrUNX5e4tq47aI5iKZHJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEA5+hNz3FL99+N2A6ek2lHXvCEXMB8GA1UdIwQY
MBaAFP1Z01Yf+K3bXxsMNqPdJWi3TKUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1ZuVFZoXzRyZHRmR3d3Mm85MGxhTGRNcFJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hZjJiMzYtNmU4Yi00NjAxLWIwNzQt
ZDYxMmEyMWViZWFlLzEvX1ZuVFZoXzRyZHRmR3d3Mm85MGxhTGRNcFJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hZjJiMzYtNmU4Yi00NjAxLWIwNzQtZDYxMmEyMWViZWFl
LzEvX1ZuVFZoXzRyZHRmR3d3Mm85MGxhTGRNcFJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIDBw2faY
INQQNkmL0Fa8Bs4FeR5A+hSkT8yC1QFg9ttJkIbad7VTJy8UEyRb1YS91n0tllQj
0+SmDLC50cdiwoo19S9oM2PN8bQngLv42MMmbuGqdBKdUKjQfuveh8aNSpTfB0qt
Ub2tHmHf0r99STRYXq0iWT3A9NbX+KTYWLn9h5Rf0/vGvag4ITSIqh5bUsYJQRhu
j2pwWeG6yJaW2foF1x2rA0RGeauAcr8cbmWLie9WP96u+0ijNL6TSbxPYRDhV3PR
YCtZVMyBvdtE/IL5hUMcok6Q1AxvAb6t41SAj2Ff5dRvcHB08G9JX29tiPkOxyjT
robWQG1u/+JjAg==
-----END CERTIFICATE-----