Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
File:                     Vu9y3nfRt-K0RwW2y85jlCHam-8.mft (raw, json)
Hash identifier:          s8KWMOTmGzjT6E3LPbefVCrwPPiRYz9oPiohg4NqpTU=
Subject key identifier:   28:77:FE:BC:DE:44:DC:AD:2B:46:63:A9:07:8B:80:E7:06:C7:3F:66
Authority key identifier: 56:EF:72:DE:77:D1:B7:E2:B4:47:05:B6:CB:CE:63:94:21:DA:9B:EF
Certificate issuer:       /CN=56ef72de77d1b7e2b44705b6cbce639421da9bef
Certificate serial:       019D38D3845F0C06F6F675201415B9879FDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
Manifest number:          06D1
Signing time:             Sun 29 Mar 2026 09:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:19 +0000
Files and hashes:         1: Vu9y3nfRt-K0RwW2y85jlCHam-8.crl (hash: 696+h6WHadb1L+t56yv1+gX83zhzL7AT8pRBXydwnlk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:84:5f:0c:06:f6:f6:75:20:14:15:b9:87:9f:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56ef72de77d1b7e2b44705b6cbce639421da9bef
        Validity
            Not Before: Mar 29 09:01:19 2026 GMT
            Not After : Mar 30 09:01:19 2026 GMT
        Subject: CN=2877febcde44dcad2b4663a9078b80e706c73f66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:02:cb:21:12:77:3f:97:26:66:e3:35:f3:56:
                    1c:02:bc:65:42:7e:f0:75:fe:9d:80:f2:4f:f7:69:
                    97:6f:97:a7:13:71:c2:81:c9:ef:f8:30:01:ec:ee:
                    4d:41:cc:22:d6:88:59:46:81:c6:c1:4a:06:d6:41:
                    87:47:63:af:23:4f:b3:82:32:f7:65:5a:0a:a6:b8:
                    e4:55:42:50:85:b3:ad:f5:b3:cc:03:5c:56:a0:a2:
                    71:0c:6f:d4:81:1d:0a:ac:9c:9d:60:b5:d2:ea:04:
                    d9:6a:d5:74:71:9d:b6:17:b8:a8:2a:c4:55:f5:60:
                    3c:6e:90:9f:c9:22:0c:e7:59:85:2a:70:fd:a1:d1:
                    d9:3c:1d:af:fa:15:8f:45:6b:9e:fd:f8:00:96:f7:
                    24:0f:34:8b:9e:aa:8c:68:b3:bc:ea:d4:b0:26:1a:
                    eb:b2:37:7f:e3:cb:03:cd:71:51:4d:ac:26:01:e8:
                    a8:0f:10:64:4f:6f:96:08:65:27:10:1a:21:15:59:
                    5f:90:88:3f:9b:74:30:34:42:c9:e4:fa:a6:04:a3:
                    78:75:ac:5c:3a:88:6a:98:a8:28:d9:13:75:14:ae:
                    75:de:2f:c2:21:0e:82:a6:aa:21:1b:05:72:db:20:
                    ea:7e:44:5b:3d:1b:d0:d3:75:ce:b3:7f:0e:bf:71:
                    d7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:77:FE:BC:DE:44:DC:AD:2B:46:63:A9:07:8B:80:E7:06:C7:3F:66
            X509v3 Authority Key Identifier:
                keyid:56:EF:72:DE:77:D1:B7:E2:B4:47:05:B6:CB:CE:63:94:21:DA:9B:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:ee:64:55:c7:5e:88:a4:56:9e:eb:c9:a6:2f:8a:1c:7d:52:
         36:4d:f1:06:4a:17:62:eb:a0:c1:c6:c9:ff:bf:bd:88:11:f4:
         1f:30:d8:aa:4c:b1:38:e1:f6:0a:d3:23:f5:f9:90:68:a4:04:
         07:f2:4e:7f:29:b2:00:e0:3b:80:18:a2:91:b2:22:41:36:56:
         4b:aa:d9:fc:82:35:59:f2:76:0a:d9:10:59:9d:c0:a4:50:2b:
         d3:23:15:43:a5:83:cb:d1:fd:65:10:8f:64:cd:aa:4a:ec:8d:
         5d:15:96:1a:25:49:5f:05:9d:ca:e2:ed:22:21:f4:53:40:01:
         bd:52:0e:54:b4:cf:3c:8d:35:64:35:b3:fe:b8:b8:03:92:a8:
         40:f0:dc:4c:54:af:74:b9:e8:60:53:24:83:41:55:3d:d1:79:
         67:dd:0d:21:40:0c:38:4f:35:a4:b2:00:78:6c:74:e7:14:f0:
         9f:24:64:39:a2:1c:d8:17:03:af:0c:eb:6c:9c:d6:c5:6e:a8:
         51:1e:02:e4:c8:33:6b:cc:31:29:25:05:33:a8:3b:e0:aa:40:
         a5:b4:cc:6d:87:f2:c8:4e:69:14:a3:8f:e7:80:8f:02:55:d0:
         8f:31:fe:20:8a:4f:c3:9b:4b:2b:bc:75:2f:fd:15:97:33:02:
         69:93:dd:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0404RfDAb29nUgFBW5h5/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZWY3MmRlNzdkMWI3ZTJiNDQ3MDViNmNiY2U2Mzk0MjFk
YTliZWYwHhcNMjYwMzI5MDkwMTE5WhcNMjYwMzMwMDkwMTE5WjAzMTEwLwYDVQQD
EygyODc3ZmViY2RlNDRkY2FkMmI0NjYzYTkwNzhiODBlNzA2YzczZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzALLIRJ3P5cmZuM181YcArxlQn7w
df6dgPJP92mXb5enE3HCgcnv+DAB7O5NQcwi1ohZRoHGwUoG1kGHR2OvI0+zgjL3
ZVoKprjkVUJQhbOt9bPMA1xWoKJxDG/UgR0KrJydYLXS6gTZatV0cZ22F7ioKsRV
9WA8bpCfySIM51mFKnD9odHZPB2v+hWPRWue/fgAlvckDzSLnqqMaLO86tSwJhrr
sjd/48sDzXFRTawmAeioDxBkT2+WCGUnEBohFVlfkIg/m3QwNELJ5PqmBKN4daxc
OohqmKgo2RN1FK513i/CIQ6CpqohGwVy2yDqfkRbPRvQ03XOs38Ov3HXeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCh3/rzeRNytK0ZjqQeLgOcGxz9mMB8GA1UdIwQY
MBaAFFbvct530bfitEcFtsvOY5Qh2pvvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MWZkZDUtYzI5ZC00ZDM4LThlZjkt
NGY2NTZmMjlhNTFiLzEvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MWZkZDUtYzI5ZC00ZDM4LThlZjktNGY2NTZmMjlhNTFi
LzEvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiu5kVcde
iKRWnuvJpi+KHH1SNk3xBkoXYuugwcbJ/7+9iBH0HzDYqkyxOOH2CtMj9fmQaKQE
B/JOfymyAOA7gBiikbIiQTZWS6rZ/II1WfJ2CtkQWZ3ApFAr0yMVQ6WDy9H9ZRCP
ZM2qSuyNXRWWGiVJXwWdyuLtIiH0U0ABvVIOVLTPPI01ZDWz/ri4A5KoQPDcTFSv
dLnoYFMkg0FVPdF5Z90NIUAMOE81pLIAeGx05xTwnyRkOaIc2BcDrwzrbJzWxW6o
UR4C5Mgza8wxKSUFM6g74KpApbTMbYfyyE5pFKOP54CPAlXQjzH+IIpPw5tLK7x1
L/0VlzMCaZPdvw==
-----END CERTIFICATE-----