Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft
File:                     bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft (raw, json)
Hash identifier:          FNvCfu91EL2JB9mcM95R8bDxH+iVQvII1twOp0JsbZ8=
Subject key identifier:   36:F8:85:28:82:8B:0B:00:D5:33:2A:D1:66:FA:AA:68:0A:E2:FA:43
Authority key identifier: 6D:57:00:91:6F:90:98:3B:D8:E8:9C:D0:5F:E6:29:EC:18:3B:FA:54
Certificate issuer:       /CN=6d5700916f90983bd8e89cd05fe629ec183bfa54
Certificate serial:       019D3865BD27E684779CBA50D8C0B8F1384E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft
Manifest number:          0CF9
Signing time:             Sun 29 Mar 2026 07:01:24 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:24 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:24 +0000
Files and hashes:         1: bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.crl (hash: OKokeTlVPQmbqWyQBhLcjnFjF1GWurApi4rRTr/jzeg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:bd:27:e6:84:77:9c:ba:50:d8:c0:b8:f1:38:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d5700916f90983bd8e89cd05fe629ec183bfa54
        Validity
            Not Before: Mar 29 07:01:24 2026 GMT
            Not After : Mar 30 07:01:24 2026 GMT
        Subject: CN=36f88528828b0b00d5332ad166faaa680ae2fa43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b5:0b:30:50:2f:8c:5d:80:15:79:f3:f4:61:
                    43:0a:c0:7b:a7:f4:7c:38:c5:ee:a3:b1:4f:06:65:
                    1b:d5:11:fe:84:7c:28:d5:3d:cb:67:02:fc:50:58:
                    33:2d:22:b5:41:b5:3b:43:ff:0c:8c:b6:e2:42:5d:
                    18:91:84:e9:b0:6a:3e:ec:7d:c6:84:0a:9b:3c:4a:
                    18:d7:1c:7b:9c:d5:87:99:81:a4:3c:c8:da:ed:d3:
                    27:30:30:cc:45:0f:34:c1:9d:ac:07:a6:76:4c:99:
                    5f:6d:f8:34:13:4c:d0:cd:c5:55:97:6f:7d:6a:4f:
                    d4:cb:7a:8f:17:92:96:87:2b:63:b1:d9:87:a4:c8:
                    df:7e:18:d0:a1:ce:ea:e5:42:7a:e9:38:a9:95:eb:
                    55:50:9d:88:ff:2b:6a:0f:bc:6a:4d:8e:ab:83:b8:
                    5b:c9:94:08:83:0d:a4:8e:89:c4:6e:15:64:f3:cd:
                    5f:3f:0e:ff:f6:8c:a6:a8:a1:5d:54:47:8d:77:5e:
                    e6:f3:a4:a3:17:5f:62:d3:91:d9:be:b3:10:67:47:
                    33:cb:82:37:24:bd:d9:12:bd:69:6f:97:c7:b5:db:
                    de:ed:17:31:fe:69:64:20:63:1e:d3:bb:a7:24:0a:
                    a9:e3:63:f4:b2:d1:b4:09:95:c6:2f:16:a0:6c:bf:
                    4a:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:F8:85:28:82:8B:0B:00:D5:33:2A:D1:66:FA:AA:68:0A:E2:FA:43
            X509v3 Authority Key Identifier:
                keyid:6D:57:00:91:6F:90:98:3B:D8:E8:9C:D0:5F:E6:29:EC:18:3B:FA:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:b4:43:8f:90:91:a2:17:57:82:c9:61:ea:ff:e8:de:8f:8b:
         cd:ef:23:b0:a3:59:47:b8:0d:d3:13:08:06:98:f5:ba:eb:86:
         9f:b6:6f:67:9a:cf:f6:1b:25:eb:7a:02:50:50:7e:db:ce:35:
         84:81:ea:16:35:b1:c7:8c:a9:ce:68:14:79:d6:52:e6:f3:16:
         a3:b7:3c:24:61:57:5e:76:81:bb:70:9c:8e:39:10:d2:24:aa:
         6a:7f:df:17:96:da:0f:6e:08:8e:78:20:99:ed:3c:fe:81:95:
         f9:65:aa:58:98:e8:08:4e:2b:67:50:61:5f:44:66:a3:88:98:
         b9:64:64:04:7f:a7:05:aa:b6:57:41:ec:a9:82:98:f7:d2:93:
         58:84:1d:4c:53:9a:87:25:3a:82:97:e9:3f:7f:ec:8c:1a:23:
         d7:48:f2:07:3c:25:2e:8c:0e:3d:7b:07:28:48:5a:41:a2:59:
         c9:31:97:3d:52:95:36:50:81:de:b4:9e:b4:9d:ff:c0:a4:ba:
         da:34:6d:a8:50:75:9d:0e:4d:2f:c9:07:20:20:53:11:65:c7:
         b1:b1:d3:fb:19:88:8a:5e:b9:c3:12:8a:2a:16:fc:4c:4e:f3:
         c3:12:41:3e:06:71:6b:81:09:fa:89:6b:e4:9c:9f:30:94:b7:
         ca:42:fc:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zb0n5oR3nLpQ2MC48ThOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNTcwMDkxNmY5MDk4M2JkOGU4OWNkMDVmZTYyOWVjMTgz
YmZhNTQwHhcNMjYwMzI5MDcwMTI0WhcNMjYwMzMwMDcwMTI0WjAzMTEwLwYDVQQD
EygzNmY4ODUyODgyOGIwYjAwZDUzMzJhZDE2NmZhYWE2ODBhZTJmYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrULMFAvjF2AFXnz9GFDCsB7p/R8
OMXuo7FPBmUb1RH+hHwo1T3LZwL8UFgzLSK1QbU7Q/8MjLbiQl0YkYTpsGo+7H3G
hAqbPEoY1xx7nNWHmYGkPMja7dMnMDDMRQ80wZ2sB6Z2TJlfbfg0E0zQzcVVl299
ak/Uy3qPF5KWhytjsdmHpMjffhjQoc7q5UJ66TipletVUJ2I/ytqD7xqTY6rg7hb
yZQIgw2kjonEbhVk881fPw7/9oymqKFdVEeNd17m86SjF19i05HZvrMQZ0czy4I3
JL3ZEr1pb5fHtdve7Rcx/mlkIGMe07unJAqp42P0stG0CZXGLxagbL9KxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDb4hSiCiwsA1TMq0Wb6qmgK4vpDMB8GA1UdIwQY
MBaAFG1XAJFvkJg72Oic0F/mKewYO/pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlZjQWtXLVFtRHZZNkp6UVgtWXA3Qmc3LWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85YmZkYjYtMDhiNy00YjFkLThhODgt
OTI2YjM0ODE0MTMwLzEvYlZjQWtXLVFtRHZZNkp6UVgtWXA3Qmc3LWxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85YmZkYjYtMDhiNy00YjFkLThhODgtOTI2YjM0ODE0MTMw
LzEvYlZjQWtXLVFtRHZZNkp6UVgtWXA3Qmc3LWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADrRDj5CR
ohdXgslh6v/o3o+Lze8jsKNZR7gN0xMIBpj1uuuGn7ZvZ5rP9hsl63oCUFB+2841
hIHqFjWxx4ypzmgUedZS5vMWo7c8JGFXXnaBu3CcjjkQ0iSqan/fF5baD24Ijngg
me08/oGV+WWqWJjoCE4rZ1BhX0Rmo4iYuWRkBH+nBaq2V0HsqYKY99KTWIQdTFOa
hyU6gpfpP3/sjBoj10jyBzwlLowOPXsHKEhaQaJZyTGXPVKVNlCB3rSetJ3/wKS6
2jRtqFB1nQ5NL8kHICBTEWXHsbHT+xmIil65wxKKKhb8TE7zwxJBPgZxa4EJ+olr
5JyfMJS3ykL8kA==
-----END CERTIFICATE-----