Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          W5eQfqnWhPloQhDcqnfHoHAFNHFsNVvx9Mlmfyg5WZE=
Subject key identifier:   47:32:F3:BA:FC:DF:DC:3B:23:DF:E1:1E:49:61:D0:A4:CF:AD:9B:66
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       019D3865E50FFF6817FF25B3DA320F2B9557
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:01:34 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:34 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:34 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: TvCxt3bI2P7hCewmx2i6rpaPyNMCNwR7vvBE7O8ADRc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:e5:0f:ff:68:17:ff:25:b3:da:32:0f:2b:95:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Mar 29 07:01:34 2026 GMT
            Not After : Mar 30 07:01:34 2026 GMT
        Subject: CN=4732f3bafcdfdc3b23dfe11e4961d0a4cfad9b66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:d1:d7:41:da:61:b6:80:ec:35:38:9e:c2:aa:
                    93:32:c3:77:67:7c:81:42:77:5e:bc:31:5a:fc:85:
                    63:b6:13:3d:31:8b:3b:61:74:0e:97:dc:26:30:21:
                    0f:be:e0:26:b8:be:5d:72:92:b0:02:ed:10:49:3a:
                    43:27:87:c8:84:be:c0:5d:a3:38:28:83:9d:4a:15:
                    2c:ca:1b:96:02:f9:97:be:3c:2b:0d:ea:41:bc:17:
                    3e:d0:9d:fb:d1:3c:39:e6:0e:ff:4f:07:ee:8f:c4:
                    32:60:5c:65:47:13:60:ed:8b:2a:f2:9f:be:6d:c2:
                    0a:6e:9a:7c:1a:af:94:1f:05:c7:cc:07:d1:02:06:
                    5d:67:d4:52:59:c2:ff:15:d6:68:c5:e5:2d:d3:4c:
                    e8:f8:fb:a5:e3:ec:be:da:a6:ce:ab:81:3c:46:b2:
                    a0:0d:18:3b:7d:f0:21:12:1c:84:33:69:ed:2d:64:
                    3b:f9:f9:02:d3:f3:6e:31:88:3f:42:51:6d:51:4f:
                    02:8f:2d:8e:02:d0:47:58:5f:fa:79:2a:19:74:2b:
                    36:28:3b:68:ea:30:58:f8:a2:b9:61:3c:24:eb:1e:
                    67:d0:bb:8c:6f:8c:8f:57:8d:43:6c:4d:19:f8:9e:
                    36:44:c6:cc:e6:f5:a8:42:f4:62:18:35:92:c3:94:
                    b7:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:32:F3:BA:FC:DF:DC:3B:23:DF:E1:1E:49:61:D0:A4:CF:AD:9B:66
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:8d:c5:f6:45:79:62:fa:50:50:fc:72:4e:51:c4:ff:ae:93:
         d7:65:24:13:8d:79:1f:2b:c7:53:08:dc:ab:ca:57:5f:5b:d0:
         9b:f1:f7:3d:fb:54:b2:59:c8:15:f9:89:6f:74:19:9f:01:36:
         80:33:82:d4:b9:2b:a6:88:48:43:c8:5f:24:db:d0:34:68:9b:
         34:0e:ae:a2:72:47:03:d5:c1:f8:93:99:36:40:08:17:14:50:
         b5:2f:92:0d:76:4b:7d:74:e2:4b:00:bd:fa:80:52:9b:d3:e3:
         58:d9:45:70:77:7b:9d:04:22:92:66:b5:1b:73:23:49:1a:54:
         cd:1f:de:9f:2b:2e:40:e3:de:82:4f:0a:a5:c1:29:71:5a:7c:
         f4:77:7c:7d:e7:ff:2d:8f:4d:34:01:46:89:d5:5e:cf:d5:3e:
         96:1f:f5:5e:f5:b4:fc:fa:90:0d:6e:2b:ec:08:67:5b:ac:00:
         a1:a9:e9:3d:d2:d3:ef:b0:f3:99:61:a8:b9:d4:67:a0:7a:27:
         96:91:af:c4:e1:65:b7:e3:b2:4c:ca:21:c5:03:dc:fb:ca:eb:
         47:b1:ac:ac:00:9a:00:4d:6c:38:22:a7:30:0e:29:56:84:13:
         17:b7:79:b8:a5:4f:91:c1:37:46:5d:ee:43:85:49:34:64:a7:
         6b:7d:85:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZeUP/2gX/yWz2jIPK5VXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjYwMzI5MDcwMTM0WhcNMjYwMzMwMDcwMTM0WjAzMTEwLwYDVQQD
Eyg0NzMyZjNiYWZjZGZkYzNiMjNkZmUxMWU0OTYxZDBhNGNmYWQ5YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytHXQdphtoDsNTiewqqTMsN3Z3yB
QndevDFa/IVjthM9MYs7YXQOl9wmMCEPvuAmuL5dcpKwAu0QSTpDJ4fIhL7AXaM4
KIOdShUsyhuWAvmXvjwrDepBvBc+0J370Tw55g7/Twfuj8QyYFxlRxNg7Ysq8p++
bcIKbpp8Gq+UHwXHzAfRAgZdZ9RSWcL/FdZoxeUt00zo+Pul4+y+2qbOq4E8RrKg
DRg7ffAhEhyEM2ntLWQ7+fkC0/NuMYg/QlFtUU8Cjy2OAtBHWF/6eSoZdCs2KDto
6jBY+KK5YTwk6x5n0LuMb4yPV41DbE0Z+J42RMbM5vWoQvRiGDWSw5S3KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcy87r839w7I9/hHklh0KTPrZtmMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo43F9kV5
YvpQUPxyTlHE/66T12UkE415HyvHUwjcq8pXX1vQm/H3PftUslnIFfmJb3QZnwE2
gDOC1LkrpohIQ8hfJNvQNGibNA6uonJHA9XB+JOZNkAIFxRQtS+SDXZLfXTiSwC9
+oBSm9PjWNlFcHd7nQQikma1G3MjSRpUzR/enysuQOPegk8KpcEpcVp89Hd8fef/
LY9NNAFGidVez9U+lh/1XvW0/PqQDW4r7AhnW6wAoanpPdLT77DzmWGoudRnoHon
lpGvxOFlt+OyTMohxQPc+8rrR7GsrACaAE1sOCKnMA4pVoQTF7d5uKVPkcE3Rl3u
Q4VJNGSna32FZA==
-----END CERTIFICATE-----