Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          mvtd9OmiyOkY+jomHQ8DJ7v33KRauJuuzmBzr9+vxN8=
Subject key identifier:   6D:5A:22:E9:DB:D2:3C:7B:B4:04:84:FC:FA:20:CC:D0:59:41:BE:24
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       019D39AEECA0612B2BE4A96168FABB52FACC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          0C1A
Signing time:             Sun 29 Mar 2026 13:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:58 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: xKLkO7jWdpGuIB5D74E3h6m5S4kBlqtekzdaK+1W+uo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 13:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:ec:a0:61:2b:2b:e4:a9:61:68:fa:bb:52:fa:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: Mar 29 13:00:58 2026 GMT
            Not After : Mar 30 13:00:58 2026 GMT
        Subject: CN=6d5a22e9dbd23c7bb40484fcfa20ccd05941be24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:8a:8f:18:65:c8:71:34:87:cd:f3:fc:d0:70:
                    6a:8d:58:fa:d0:1f:4b:e7:dd:00:2c:82:bd:62:26:
                    c3:44:54:6e:5b:f9:72:ec:dd:6a:b8:fd:e5:26:6c:
                    fa:da:3f:16:e2:39:08:fd:02:d4:b4:b1:3a:88:71:
                    fb:00:41:07:78:4d:e6:e7:4a:54:39:24:c6:a4:40:
                    9e:27:1c:54:81:d2:63:32:4d:3c:bb:ae:d5:7d:6b:
                    3c:d5:0d:56:14:25:be:a0:bb:d0:7a:83:1a:64:47:
                    0d:62:97:ca:a7:64:d7:48:f3:50:b6:ee:b9:63:64:
                    a2:36:20:80:5c:16:3a:5d:25:43:39:60:8c:f7:1e:
                    f0:fe:fc:15:f6:97:26:59:a7:5c:cf:ee:b2:60:92:
                    f9:64:8c:f2:04:5d:5e:9c:c1:b8:ad:60:3c:a9:cc:
                    71:c7:fe:cf:1f:99:9f:74:eb:fd:ff:f0:62:cf:bb:
                    90:4d:76:20:dd:ec:e0:cf:95:10:5f:cd:dd:32:75:
                    db:4a:12:8d:54:95:c7:ba:ef:24:37:ce:52:01:2d:
                    39:da:5d:c5:7e:0a:49:a7:a2:61:35:6c:4b:e0:1e:
                    f4:50:24:7d:80:fe:71:f3:9f:26:1d:1a:3a:42:ad:
                    5a:53:7c:a0:27:fc:18:50:8a:2c:bb:cd:b8:b5:e7:
                    51:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:5A:22:E9:DB:D2:3C:7B:B4:04:84:FC:FA:20:CC:D0:59:41:BE:24
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:67:cd:f2:17:6e:0c:dd:d6:2b:78:f4:aa:47:40:4e:01:df:
         50:f0:1f:98:af:21:03:e8:27:d7:4f:89:e6:75:63:f8:60:8a:
         81:22:22:d2:f2:dd:69:cd:e7:62:62:bf:13:af:17:06:23:a6:
         88:e0:14:eb:a0:dd:5a:db:2c:5b:26:0f:63:ae:80:18:73:f7:
         13:5c:5c:82:a4:5d:a8:8b:2b:c3:fc:6d:77:c5:ce:dd:8b:31:
         a5:9f:a9:ce:bf:d3:32:34:46:fd:fb:2d:a4:f0:01:2b:20:1b:
         96:0d:27:94:8a:dc:8a:f3:f9:f0:2d:4f:dc:af:b3:e8:ac:27:
         31:ed:3e:b3:4a:84:a9:d8:56:ce:5c:54:88:6a:ec:ed:1e:c0:
         a5:88:da:70:e3:f2:58:ae:17:77:ad:42:6b:e8:8b:5a:5d:a8:
         db:8d:ad:45:de:36:2c:77:a6:fe:92:cc:31:2b:21:3d:ac:1e:
         85:17:56:9f:b5:15:50:d0:24:a2:1b:80:61:24:a4:b8:e0:9a:
         22:9f:36:d4:27:71:39:7b:1f:7c:d7:8e:f4:76:37:b4:54:96:
         e9:27:74:40:41:c8:79:21:3d:52:a0:58:bb:31:72:04:ed:da:
         67:95:fc:5d:c6:83:2b:d4:11:21:2d:25:4e:b3:b7:76:72:78:
         4f:69:bd:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ruygYSsr5KlhaPq7UvrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjYwMzI5MTMwMDU4WhcNMjYwMzMwMTMwMDU4WjAzMTEwLwYDVQQD
Eyg2ZDVhMjJlOWRiZDIzYzdiYjQwNDg0ZmNmYTIwY2NkMDU5NDFiZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIqPGGXIcTSHzfP80HBqjVj60B9L
590ALIK9YibDRFRuW/ly7N1quP3lJmz62j8W4jkI/QLUtLE6iHH7AEEHeE3m50pU
OSTGpECeJxxUgdJjMk08u67VfWs81Q1WFCW+oLvQeoMaZEcNYpfKp2TXSPNQtu65
Y2SiNiCAXBY6XSVDOWCM9x7w/vwV9pcmWadcz+6yYJL5ZIzyBF1enMG4rWA8qcxx
x/7PH5mfdOv9//Biz7uQTXYg3ezgz5UQX83dMnXbShKNVJXHuu8kN85SAS052l3F
fgpJp6JhNWxL4B70UCR9gP5x858mHRo6Qq1aU3ygJ/wYUIosu824tedRcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1aIunb0jx7tASE/PogzNBZQb4kMB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD2fN8hdu
DN3WK3j0qkdATgHfUPAfmK8hA+gn10+J5nVj+GCKgSIi0vLdac3nYmK/E68XBiOm
iOAU66DdWtssWyYPY66AGHP3E1xcgqRdqIsrw/xtd8XO3YsxpZ+pzr/TMjRG/fst
pPABKyAblg0nlIrcivP58C1P3K+z6KwnMe0+s0qEqdhWzlxUiGrs7R7ApYjacOPy
WK4Xd61Ca+iLWl2o242tRd42LHem/pLMMSshPawehRdWn7UVUNAkohuAYSSkuOCa
Ip821CdxOXsffNeO9HY3tFSW6Sd0QEHIeSE9UqBYuzFyBO3aZ5X8XcaDK9QRIS0l
TrO3dnJ4T2m9Ww==
-----END CERTIFICATE-----