Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft
File:                     VRDNubrguTLHmin42XktMJ9617c.mft (raw, json)
Hash identifier:          3XP8iSa9lNQcIIsvj0k3CpkXOLYJ9dEj+IP12UtqxGM=
Subject key identifier:   9F:1E:EB:C7:CF:A6:19:A8:FE:6F:18:01:03:3E:47:9A:C4:48:A3:E8
Authority key identifier: 55:10:CD:B9:BA:E0:B9:32:C7:9A:29:F8:D9:79:2D:30:9F:7A:D7:B7
Certificate issuer:       /CN=5510cdb9bae0b932c79a29f8d9792d309f7ad7b7
Certificate serial:       019D389BFDC8A9EEEFA3DBDB99E92D04C181
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VRDNubrguTLHmin42XktMJ9617c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft
Manifest number:          0535
Signing time:             Sun 29 Mar 2026 08:00:40 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:40 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:40 +0000
Files and hashes:         1: VRDNubrguTLHmin42XktMJ9617c.crl (hash: Lbp1c8TLyk5K8ke+ZQkVzBeyb6anXs78FB2M+bowCZo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VRDNubrguTLHmin42XktMJ9617c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:fd:c8:a9:ee:ef:a3:db:db:99:e9:2d:04:c1:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5510cdb9bae0b932c79a29f8d9792d309f7ad7b7
        Validity
            Not Before: Mar 29 08:00:40 2026 GMT
            Not After : Mar 30 08:00:40 2026 GMT
        Subject: CN=9f1eebc7cfa619a8fe6f1801033e479ac448a3e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:d8:48:65:00:ef:cb:f7:23:3e:5b:83:5d:9f:
                    60:19:ce:1e:33:4c:ea:42:9b:59:99:87:e5:92:4f:
                    d5:29:17:a9:e5:87:eb:7d:28:6e:23:32:3e:d5:90:
                    e1:aa:6e:c1:34:38:9e:1f:ed:7d:13:c3:87:6f:fb:
                    85:d0:67:15:5d:57:06:e1:d1:e8:c3:10:f0:80:fb:
                    ec:f1:64:32:1b:73:e0:d3:fc:2a:e0:b2:bb:ae:4a:
                    64:f6:b2:0d:4e:a1:6a:f8:1f:f8:70:a1:7c:31:0c:
                    c3:7d:37:d3:ed:ec:9e:ca:8f:a7:7a:a6:ef:e9:c5:
                    c6:6c:bf:28:cb:5f:1a:78:f0:c5:68:a2:89:3b:96:
                    5f:ca:24:c2:a6:e3:6f:ff:bb:76:12:bb:b8:37:18:
                    73:ea:d7:0e:cc:74:03:e4:8a:7a:42:dc:5a:63:e7:
                    ef:f1:45:05:84:3f:9c:3f:b0:67:4f:1f:af:64:a3:
                    72:15:54:0a:39:34:ce:c1:e6:20:5b:f0:6d:c2:28:
                    e5:0f:0b:a1:4b:60:fd:d9:c4:07:67:8c:09:a7:48:
                    66:73:6c:b4:99:ff:31:c9:9b:0d:27:71:b9:e8:bb:
                    3c:db:18:88:d5:47:80:38:94:ea:70:b2:5c:4c:ab:
                    c2:97:c8:27:72:9e:6d:37:4d:fb:c0:eb:91:23:97:
                    82:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:1E:EB:C7:CF:A6:19:A8:FE:6F:18:01:03:3E:47:9A:C4:48:A3:E8
            X509v3 Authority Key Identifier:
                keyid:55:10:CD:B9:BA:E0:B9:32:C7:9A:29:F8:D9:79:2D:30:9F:7A:D7:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VRDNubrguTLHmin42XktMJ9617c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/770966-7dac-4e1c-b3ed-df5902013cdf/1/VRDNubrguTLHmin42XktMJ9617c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:0e:22:fa:1a:e8:0c:89:7d:7e:04:ff:b1:b9:53:e2:9f:4e:
         0c:22:5a:f3:38:97:96:1e:18:80:2e:78:7b:94:54:4a:f7:9b:
         a1:f9:65:0e:31:e7:9b:c8:ea:67:9c:92:8d:77:3b:28:5a:03:
         d1:44:ef:4d:0a:c6:16:b6:69:24:be:b5:02:4b:a4:cc:c7:88:
         5b:9d:25:cb:29:34:79:ea:88:41:0c:c2:8d:31:48:4f:70:84:
         23:91:92:8b:e8:33:bc:0a:e3:8f:31:7e:d2:7a:23:48:a6:54:
         31:ad:f5:39:a3:b9:08:09:e6:a7:f8:2c:f2:86:09:a7:76:fe:
         34:3d:65:8c:07:f4:9f:70:ae:fc:6e:b7:7c:d3:35:94:26:7c:
         cf:59:a2:e4:00:74:bb:1d:df:0b:b5:37:b0:eb:bf:b3:2d:f7:
         15:3c:5f:3d:7f:41:21:92:b6:27:4b:21:b7:2e:0e:cb:4e:d0:
         7f:fc:56:62:43:59:20:ab:0a:95:d4:76:88:58:ad:2c:82:65:
         64:0b:f1:f1:de:96:fd:60:2d:47:68:a6:a6:49:92:69:cf:ce:
         b0:03:a9:45:12:25:00:6e:d9:5a:cc:e9:89:14:01:f9:7c:b3:
         da:4e:fb:78:38:d8:3f:5c:75:67:bb:38:0b:be:c2:60:48:f3:
         81:9c:90:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/3Iqe7vo9vbmektBMGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MTBjZGI5YmFlMGI5MzJjNzlhMjlmOGQ5NzkyZDMwOWY3
YWQ3YjcwHhcNMjYwMzI5MDgwMDQwWhcNMjYwMzMwMDgwMDQwWjAzMTEwLwYDVQQD
Eyg5ZjFlZWJjN2NmYTYxOWE4ZmU2ZjE4MDEwMzNlNDc5YWM0NDhhM2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidhIZQDvy/cjPluDXZ9gGc4eM0zq
QptZmYflkk/VKRep5YfrfShuIzI+1ZDhqm7BNDieH+19E8OHb/uF0GcVXVcG4dHo
wxDwgPvs8WQyG3Pg0/wq4LK7rkpk9rINTqFq+B/4cKF8MQzDfTfT7eyeyo+neqbv
6cXGbL8oy18aePDFaKKJO5ZfyiTCpuNv/7t2Eru4Nxhz6tcOzHQD5Ip6QtxaY+fv
8UUFhD+cP7BnTx+vZKNyFVQKOTTOweYgW/BtwijlDwuhS2D92cQHZ4wJp0hmc2y0
mf8xyZsNJ3G56Ls82xiI1UeAOJTqcLJcTKvCl8gncp5tN037wOuRI5eCDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8e68fPphmo/m8YAQM+R5rESKPoMB8GA1UdIwQY
MBaAFFUQzbm64Lkyx5op+Nl5LTCfete3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlJETnVicmd1VExIbWluNDJYa3RNSjk2MTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NzA5NjYtN2RhYy00ZTFjLWIzZWQt
ZGY1OTAyMDEzY2RmLzEvVlJETnVicmd1VExIbWluNDJYa3RNSjk2MTdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NzA5NjYtN2RhYy00ZTFjLWIzZWQtZGY1OTAyMDEzY2Rm
LzEvVlJETnVicmd1VExIbWluNDJYa3RNSjk2MTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQQ4i+hro
DIl9fgT/sblT4p9ODCJa8ziXlh4YgC54e5RUSvebofllDjHnm8jqZ5ySjXc7KFoD
0UTvTQrGFrZpJL61AkukzMeIW50lyyk0eeqIQQzCjTFIT3CEI5GSi+gzvArjjzF+
0nojSKZUMa31OaO5CAnmp/gs8oYJp3b+ND1ljAf0n3Cu/G63fNM1lCZ8z1mi5AB0
ux3fC7U3sOu/sy33FTxfPX9BIZK2J0shty4Oy07Qf/xWYkNZIKsKldR2iFitLIJl
ZAvx8d6W/WAtR2impkmSac/OsAOpRRIlAG7ZWszpiRQB+Xyz2k77eDjYP1x1Z7s4
C77CYEjzgZyQzg==
-----END CERTIFICATE-----