Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft
File:                     vVhFViKSj0TenBVdcGjh0RtEVPE.mft (raw, json)
Hash identifier:          9bvqBaiC5tV9ilD3/NerTHhzClZANUglNTz/J0QsVp0=
Subject key identifier:   13:41:07:A8:80:01:33:F5:BF:47:57:1F:C8:FD:F6:E0:33:68:6A:55
Authority key identifier: BD:58:45:56:22:92:8F:44:DE:9C:15:5D:70:68:E1:D1:1B:44:54:F1
Certificate issuer:       /CN=bd58455622928f44de9c155d7068e1d11b4454f1
Certificate serial:       019D386598C01E44AEDAAEBFA69BDE953380
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vVhFViKSj0TenBVdcGjh0RtEVPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:15 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:15 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:15 +0000
Files and hashes:         1: vVhFViKSj0TenBVdcGjh0RtEVPE.crl (hash: 43TzEoGM1qAyFid0nBkGmUtT10sc4QHOIByGoALnZgg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vVhFViKSj0TenBVdcGjh0RtEVPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:98:c0:1e:44:ae:da:ae:bf:a6:9b:de:95:33:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd58455622928f44de9c155d7068e1d11b4454f1
        Validity
            Not Before: Mar 29 07:01:15 2026 GMT
            Not After : Mar 30 07:01:15 2026 GMT
        Subject: CN=134107a8800133f5bf47571fc8fdf6e033686a55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:c0:40:8a:d5:b6:49:39:a7:a8:bb:8d:86:26:
                    f6:c6:b9:0a:7a:cd:99:7b:7e:44:a1:78:3d:13:66:
                    f8:99:e7:cf:47:92:2e:1f:f7:aa:0e:35:fd:89:e4:
                    8f:85:28:b0:7c:3c:af:07:7f:1c:05:30:d0:61:40:
                    fd:e5:93:3f:50:c0:e6:b1:b7:e0:c0:e4:34:2d:22:
                    bc:12:62:45:32:99:3d:9f:a5:4f:6c:41:b3:de:29:
                    0b:cb:e5:70:fc:2f:66:98:6a:19:55:95:44:44:e6:
                    37:e6:86:e3:b1:e0:d8:7a:d9:13:41:6a:4f:47:2d:
                    48:07:f6:9a:68:e3:ce:f5:16:f6:1b:d8:19:6f:76:
                    9f:23:16:6b:33:b3:33:8d:f4:c0:47:f6:bf:39:80:
                    21:e4:4f:19:7a:dc:bc:83:6b:aa:23:f9:fa:dd:4f:
                    02:b7:63:02:99:f4:7c:0b:f0:49:9f:10:b0:60:a2:
                    6e:6f:03:04:e1:65:0f:44:f5:83:50:de:e6:4e:4d:
                    7f:c4:d6:dd:e1:48:d0:ce:b7:9b:02:5b:3c:bf:7f:
                    d7:14:68:2f:d5:cc:0a:53:89:a7:b5:9e:12:ac:f2:
                    a0:cf:08:5a:c1:2c:74:3f:86:1f:ae:1d:47:df:6f:
                    c0:79:17:3c:05:71:f9:2c:c4:15:0f:11:c4:7e:ce:
                    ae:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:41:07:A8:80:01:33:F5:BF:47:57:1F:C8:FD:F6:E0:33:68:6A:55
            X509v3 Authority Key Identifier:
                keyid:BD:58:45:56:22:92:8F:44:DE:9C:15:5D:70:68:E1:D1:1B:44:54:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vVhFViKSj0TenBVdcGjh0RtEVPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/1dc97c-ee67-4c2b-80ba-29089da40c99/1/vVhFViKSj0TenBVdcGjh0RtEVPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:0b:33:d5:ec:a1:43:38:01:c7:b7:7b:4c:01:6a:9c:a1:7a:
         4b:67:71:b7:f9:62:f7:5a:bd:5f:3f:29:77:36:86:b8:86:42:
         e1:ca:d1:63:5b:cf:3a:0a:ab:ec:38:a8:b4:96:3e:61:77:e2:
         62:94:4b:59:86:62:a9:4b:62:44:09:84:c1:db:87:fd:27:f2:
         99:3a:89:aa:5b:e7:f7:43:d6:0f:63:60:59:b3:57:76:15:01:
         e2:9d:9c:80:41:55:2d:d2:33:76:44:10:bf:fa:e3:bc:45:69:
         3f:08:5c:ac:fa:90:09:8a:eb:c1:45:ed:fb:59:58:cb:14:52:
         3c:00:bb:08:7f:b2:a1:a3:a2:bc:c0:56:88:cb:19:73:de:f2:
         ff:10:aa:7c:eb:64:fc:f8:f9:f8:46:10:0d:1f:c4:d7:ba:a1:
         43:4c:4c:36:e5:95:18:8e:d0:d3:03:6b:c7:15:25:f1:7c:ff:
         92:ff:54:b5:8c:00:34:f9:f9:59:23:87:68:8a:27:48:47:c1:
         e7:2d:5b:c3:21:a4:0b:4f:5a:6b:46:ac:5c:f6:98:24:cc:6a:
         1b:16:c3:5e:8e:6a:34:ea:25:90:78:38:fc:27:cc:4a:c9:ac:
         d6:dd:c6:55:f2:b0:41:6c:66:35:07:b1:db:55:ff:c5:fd:c7:
         1f:10:f8:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZjAHkSu2q6/ppvelTOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNTg0NTU2MjI5MjhmNDRkZTljMTU1ZDcwNjhlMWQxMWI0
NDU0ZjEwHhcNMjYwMzI5MDcwMTE1WhcNMjYwMzMwMDcwMTE1WjAzMTEwLwYDVQQD
EygxMzQxMDdhODgwMDEzM2Y1YmY0NzU3MWZjOGZkZjZlMDMzNjg2YTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38BAitW2STmnqLuNhib2xrkKes2Z
e35EoXg9E2b4mefPR5IuH/eqDjX9ieSPhSiwfDyvB38cBTDQYUD95ZM/UMDmsbfg
wOQ0LSK8EmJFMpk9n6VPbEGz3ikLy+Vw/C9mmGoZVZVEROY35objseDYetkTQWpP
Ry1IB/aaaOPO9Rb2G9gZb3afIxZrM7MzjfTAR/a/OYAh5E8Zety8g2uqI/n63U8C
t2MCmfR8C/BJnxCwYKJubwME4WUPRPWDUN7mTk1/xNbd4UjQzrebAls8v3/XFGgv
1cwKU4mntZ4SrPKgzwhawSx0P4Yfrh1H32/AeRc8BXH5LMQVDxHEfs6u3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNBB6iAATP1v0dXH8j99uAzaGpVMB8GA1UdIwQY
MBaAFL1YRVYiko9E3pwVXXBo4dEbRFTxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlZoRlZpS1NqMFRlbkJWZGNHamgwUnRFVlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xZGM5N2MtZWU2Ny00YzJiLTgwYmEt
MjkwODlkYTQwYzk5LzEvdlZoRlZpS1NqMFRlbkJWZGNHamgwUnRFVlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xZGM5N2MtZWU2Ny00YzJiLTgwYmEtMjkwODlkYTQwYzk5
LzEvdlZoRlZpS1NqMFRlbkJWZGNHamgwUnRFVlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhAsz1eyh
QzgBx7d7TAFqnKF6S2dxt/li91q9Xz8pdzaGuIZC4crRY1vPOgqr7DiotJY+YXfi
YpRLWYZiqUtiRAmEwduH/SfymTqJqlvn90PWD2NgWbNXdhUB4p2cgEFVLdIzdkQQ
v/rjvEVpPwhcrPqQCYrrwUXt+1lYyxRSPAC7CH+yoaOivMBWiMsZc97y/xCqfOtk
/Pj5+EYQDR/E17qhQ0xMNuWVGI7Q0wNrxxUl8Xz/kv9UtYwANPn5WSOHaIonSEfB
5y1bwyGkC09aa0asXPaYJMxqGxbDXo5qNOolkHg4/CfMSsms1t3GVfKwQWxmNQex
21X/xf3HHxD4hw==
-----END CERTIFICATE-----