Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/f4478b-b6f3-40c2-b858-2c333a5a1646/1/vwsqDaqOVGfNM-lIJaeGMyLThT4.mft
File:                     vwsqDaqOVGfNM-lIJaeGMyLThT4.mft (raw, json)
Hash identifier:          t8c+4UDYWoDhktjNJbL8P0atau6vHGuvKiKa153Wccw=
Subject key identifier:   9F:01:9E:CA:BE:50:FC:26:F6:C4:CD:A3:0F:4D:10:C4:C0:96:BE:C8
Authority key identifier: BF:0B:2A:0D:AA:8E:54:67:CD:33:E9:48:25:A7:86:33:22:D3:85:3E
Certificate issuer:       /CN=bf0b2a0daa8e5467cd33e94825a7863322d3853e
Certificate serial:       019D3A1CCEEBC35C8367B348220C5C437295
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vwsqDaqOVGfNM-lIJaeGMyLThT4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/f4478b-b6f3-40c2-b858-2c333a5a1646/1/vwsqDaqOVGfNM-lIJaeGMyLThT4.mft
Manifest number:          015D
Signing time:             Sun 29 Mar 2026 15:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 15:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 15:00:59 +0000
Files and hashes:         1: vwsqDaqOVGfNM-lIJaeGMyLThT4.crl (hash: iuAFT+kVV589ndjXeHeeawldpIQnVCR5IbNG64xNo9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/f4478b-b6f3-40c2-b858-2c333a5a1646/1/vwsqDaqOVGfNM-lIJaeGMyLThT4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/f4478b-b6f3-40c2-b858-2c333a5a1646/1/vwsqDaqOVGfNM-lIJaeGMyLThT4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vwsqDaqOVGfNM-lIJaeGMyLThT4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 15:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:1c:ce:eb:c3:5c:83:67:b3:48:22:0c:5c:43:72:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf0b2a0daa8e5467cd33e94825a7863322d3853e
        Validity
            Not Before: Mar 29 15:00:59 2026 GMT
            Not After : Mar 30 15:00:59 2026 GMT
        Subject: CN=9f019ecabe50fc26f6c4cda30f4d10c4c096bec8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:a3:cd:ee:0c:b5:7e:35:74:7c:c4:cb:b2:1e:
                    87:5f:2b:b3:19:c9:14:77:94:ec:52:38:f8:8c:c1:
                    8a:4e:11:27:85:44:d6:e1:19:69:bf:c1:0a:35:45:
                    62:a8:58:4e:23:ef:f6:9b:38:50:38:59:ba:bd:0c:
                    c8:f7:0c:46:61:83:a3:b8:0e:09:73:64:18:24:8f:
                    ac:3a:36:a6:be:f0:25:f4:f1:13:e9:f9:17:2e:77:
                    0d:93:59:32:85:11:fa:d7:bc:4f:06:94:89:1e:bd:
                    76:0b:34:39:b9:26:85:3e:d1:cb:47:e3:79:af:f3:
                    3a:22:69:ef:1f:ef:ff:ab:fa:48:cf:6a:5b:77:4f:
                    a9:cb:0c:b4:85:74:ef:54:3b:da:12:90:34:db:1d:
                    ab:cc:d5:81:34:d6:68:06:f9:45:74:65:e6:f6:61:
                    27:3b:90:fa:87:35:c4:33:c1:e3:e6:9a:6c:6a:05:
                    18:13:7f:5b:8c:e8:18:cf:e8:0d:3d:ef:c8:d3:44:
                    7b:9d:89:75:20:bf:23:72:99:84:7c:e9:e4:63:c1:
                    1a:ae:4b:da:20:6b:3e:ae:d1:c3:12:c6:78:37:b5:
                    7f:5f:dc:14:24:e4:0a:68:c6:1b:b3:40:fc:62:ac:
                    8c:f8:b8:3d:28:da:ba:a3:f1:77:d2:ed:79:d8:03:
                    25:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:01:9E:CA:BE:50:FC:26:F6:C4:CD:A3:0F:4D:10:C4:C0:96:BE:C8
            X509v3 Authority Key Identifier:
                keyid:BF:0B:2A:0D:AA:8E:54:67:CD:33:E9:48:25:A7:86:33:22:D3:85:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vwsqDaqOVGfNM-lIJaeGMyLThT4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/f4478b-b6f3-40c2-b858-2c333a5a1646/1/vwsqDaqOVGfNM-lIJaeGMyLThT4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/f4478b-b6f3-40c2-b858-2c333a5a1646/1/vwsqDaqOVGfNM-lIJaeGMyLThT4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:ff:75:ca:18:a2:8a:0d:e3:31:51:6f:24:06:d6:f5:c7:ed:
         9c:45:60:4a:44:f8:b4:37:f6:7d:ad:2f:de:31:c2:98:f7:65:
         2e:5c:38:cd:06:1d:76:5e:45:8e:12:db:de:31:c3:42:bf:76:
         c1:b5:75:2b:c5:41:62:6e:c3:6e:7c:97:e4:32:ab:7b:50:8c:
         68:46:9e:41:7a:a4:8a:a7:09:80:a5:a8:9b:ec:66:2e:94:6d:
         af:5d:db:5d:34:37:a4:28:62:48:0a:be:24:dd:ff:e4:08:e3:
         64:24:be:2f:87:cc:64:9b:e7:1c:2f:c2:74:29:11:84:85:be:
         da:9e:d4:dc:44:70:44:40:1c:ed:7a:11:3e:40:e4:8d:1b:ae:
         7d:1b:bb:2c:a4:62:35:d7:59:2c:93:5d:0a:45:7b:63:05:16:
         df:c9:da:05:e6:f0:e2:5e:26:ec:aa:71:ba:b1:e4:46:0f:16:
         37:e2:c1:ef:4a:07:d5:57:53:78:4a:1b:56:c7:8e:c5:d9:8b:
         6a:f9:3d:81:00:b7:f5:c7:6b:b9:b1:38:fa:35:71:09:e1:bf:
         63:cc:63:19:3a:58:11:7c:35:ab:ff:6c:43:6e:5c:6e:e0:ff:
         c8:47:6d:fe:8d:fc:a4:1e:d0:48:56:68:fa:07:90:8f:03:0c:
         27:45:8c:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HM7rw1yDZ7NIIgxcQ3KVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMGIyYTBkYWE4ZTU0NjdjZDMzZTk0ODI1YTc4NjMzMjJk
Mzg1M2UwHhcNMjYwMzI5MTUwMDU5WhcNMjYwMzMwMTUwMDU5WjAzMTEwLwYDVQQD
Eyg5ZjAxOWVjYWJlNTBmYzI2ZjZjNGNkYTMwZjRkMTBjNGMwOTZiZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qPN7gy1fjV0fMTLsh6HXyuzGckU
d5TsUjj4jMGKThEnhUTW4Rlpv8EKNUViqFhOI+/2mzhQOFm6vQzI9wxGYYOjuA4J
c2QYJI+sOjamvvAl9PET6fkXLncNk1kyhRH617xPBpSJHr12CzQ5uSaFPtHLR+N5
r/M6ImnvH+//q/pIz2pbd0+pywy0hXTvVDvaEpA02x2rzNWBNNZoBvlFdGXm9mEn
O5D6hzXEM8Hj5ppsagUYE39bjOgYz+gNPe/I00R7nYl1IL8jcpmEfOnkY8Earkva
IGs+rtHDEsZ4N7V/X9wUJOQKaMYbs0D8YqyM+Lg9KNq6o/F30u152AMlXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8Bnsq+UPwm9sTNow9NEMTAlr7IMB8GA1UdIwQY
MBaAFL8LKg2qjlRnzTPpSCWnhjMi04U+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdndzcURhcU9WR2ZOTS1sSUphZUdNeUxUaFQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9mNDQ3OGItYjZmMy00MGMyLWI4NTgt
MmMzMzNhNWExNjQ2LzEvdndzcURhcU9WR2ZOTS1sSUphZUdNeUxUaFQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9mNDQ3OGItYjZmMy00MGMyLWI4NTgtMmMzMzNhNWExNjQ2
LzEvdndzcURhcU9WR2ZOTS1sSUphZUdNeUxUaFQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVP91yhii
ig3jMVFvJAbW9cftnEVgSkT4tDf2fa0v3jHCmPdlLlw4zQYddl5FjhLb3jHDQr92
wbV1K8VBYm7DbnyX5DKre1CMaEaeQXqkiqcJgKWom+xmLpRtr13bXTQ3pChiSAq+
JN3/5AjjZCS+L4fMZJvnHC/CdCkRhIW+2p7U3ERwREAc7XoRPkDkjRuufRu7LKRi
NddZLJNdCkV7YwUW38naBebw4l4m7KpxurHkRg8WN+LB70oH1VdTeEobVseOxdmL
avk9gQC39cdrubE4+jVxCeG/Y8xjGTpYEXw1q/9sQ25cbuD/yEdt/o38pB7QSFZo
+geQjwMMJ0WM5g==
-----END CERTIFICATE-----