Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.mft
File:                     VzBZUuVZXOl-QzVLLv3cewc72ck.mft (raw, json)
Hash identifier:          10mZu9NHpLk8A5Gew4brKB7XmztIHMUhwvmgHK0zviY=
Subject key identifier:   D0:79:92:08:40:D5:C7:1B:86:3B:A1:C2:6F:B6:D6:1B:C4:FE:34:F7
Authority key identifier: 57:30:59:52:E5:59:5C:E9:7E:43:35:4B:2E:FD:DC:7B:07:3B:D9:C9
Certificate issuer:       /CN=57305952e5595ce97e43354b2efddc7b073bd9c9
Certificate serial:       019D3789775A6DABECF457B7063624371F42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VzBZUuVZXOl-QzVLLv3cewc72ck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.mft
Manifest number:          01A8
Signing time:             Sun 29 Mar 2026 03:00:48 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:48 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:48 +0000
Files and hashes:         1: VzBZUuVZXOl-QzVLLv3cewc72ck.crl (hash: Z0Nomy2WuYY1HPf48j6oQZBE5pZdudPqXoe5WvVqrDE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VzBZUuVZXOl-QzVLLv3cewc72ck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:77:5a:6d:ab:ec:f4:57:b7:06:36:24:37:1f:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57305952e5595ce97e43354b2efddc7b073bd9c9
        Validity
            Not Before: Mar 29 03:00:48 2026 GMT
            Not After : Mar 30 03:00:48 2026 GMT
        Subject: CN=d079920840d5c71b863ba1c26fb6d61bc4fe34f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0d:8c:86:98:c4:9b:b8:86:e1:5f:6d:29:c9:
                    d9:c2:b8:81:44:75:23:47:c2:21:f8:67:d9:2c:a0:
                    0d:63:4e:58:26:64:1c:fd:33:72:dc:9c:bb:7b:4b:
                    0e:46:f3:c4:fe:e5:7b:4e:5e:87:e5:36:ea:52:29:
                    df:a5:40:41:8c:47:ee:0a:f0:3d:f0:f0:9a:18:58:
                    2a:13:4f:98:73:fd:06:c9:78:6a:68:3d:8b:2b:51:
                    8e:b6:cf:85:c7:13:84:c8:b0:20:64:dc:a9:bf:74:
                    2e:ba:00:b0:d8:53:e0:ad:b5:9a:e6:28:af:81:97:
                    71:60:4e:f6:6d:da:e7:e0:79:08:fd:47:40:36:99:
                    d1:20:82:60:1a:1d:59:b2:79:fa:6c:dd:c7:0c:7c:
                    f6:b3:20:92:64:8c:7a:36:09:7f:c8:24:f2:72:12:
                    97:ec:d9:f4:22:82:29:cc:b1:0e:b4:0a:50:15:25:
                    4a:2f:d2:aa:1f:d2:b7:bd:30:03:89:6c:a2:56:f5:
                    e3:8e:0d:62:62:9e:6d:8d:76:3d:8a:05:1b:84:b1:
                    b9:7d:a7:29:7a:03:3f:e2:fd:b6:79:ed:eb:77:a1:
                    9e:f9:47:cd:51:df:0b:10:b9:e6:b5:fa:02:fa:7b:
                    cb:55:b2:4f:3c:a0:9a:1d:60:ca:9a:d4:36:57:0d:
                    a0:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:79:92:08:40:D5:C7:1B:86:3B:A1:C2:6F:B6:D6:1B:C4:FE:34:F7
            X509v3 Authority Key Identifier:
                keyid:57:30:59:52:E5:59:5C:E9:7E:43:35:4B:2E:FD:DC:7B:07:3B:D9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VzBZUuVZXOl-QzVLLv3cewc72ck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b945c0-4e29-4a15-bdf6-2f3be062858d/1/VzBZUuVZXOl-QzVLLv3cewc72ck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:de:07:7f:ca:9f:2e:2d:3f:dc:00:c1:9e:15:c4:84:47:81:
         f6:69:ea:88:ab:b9:55:58:da:09:a2:03:6a:20:57:c9:89:51:
         0e:d0:dd:ba:2d:af:ee:4b:a5:d6:c2:07:9e:c6:bc:d0:71:04:
         a3:0e:e9:80:16:6f:0d:ea:f3:1b:44:8b:d5:ec:4b:0c:04:7b:
         e8:07:24:bf:74:1f:a5:96:bc:8e:25:ac:19:88:05:dc:82:85:
         4a:cf:5b:0b:d1:6d:77:59:31:4a:8d:24:02:d2:e7:35:b0:1e:
         04:54:68:97:cc:e4:f7:1e:ca:ac:4b:0a:12:b3:37:46:99:74:
         09:ed:4c:b0:b5:f4:5a:68:34:59:09:dd:65:e8:f4:6d:3d:12:
         6f:fe:d9:b8:f7:17:73:d0:69:f1:ed:29:fd:86:70:5e:c1:35:
         14:14:e3:88:fb:6b:d7:52:39:0c:f5:f8:26:6d:ca:29:5f:c9:
         10:dd:5a:68:39:ec:ab:b8:27:07:76:21:72:59:a1:01:df:73:
         f3:14:11:ef:12:74:b5:4b:ab:58:9c:a6:f8:91:9b:96:a9:e0:
         0f:b5:ba:8b:ca:ef:ae:eb:02:a1:49:2a:11:df:fd:a4:62:4d:
         4b:f7:d8:f8:e3:77:2e:98:e2:13:74:a4:51:c9:5b:38:7f:f6:
         e8:ee:93:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iXdabavs9Fe3BjYkNx9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MzA1OTUyZTU1OTVjZTk3ZTQzMzU0YjJlZmRkYzdiMDcz
YmQ5YzkwHhcNMjYwMzI5MDMwMDQ4WhcNMjYwMzMwMDMwMDQ4WjAzMTEwLwYDVQQD
EyhkMDc5OTIwODQwZDVjNzFiODYzYmExYzI2ZmI2ZDYxYmM0ZmUzNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw2MhpjEm7iG4V9tKcnZwriBRHUj
R8Ih+GfZLKANY05YJmQc/TNy3Jy7e0sORvPE/uV7Tl6H5TbqUinfpUBBjEfuCvA9
8PCaGFgqE0+Yc/0GyXhqaD2LK1GOts+FxxOEyLAgZNypv3QuugCw2FPgrbWa5iiv
gZdxYE72bdrn4HkI/UdANpnRIIJgGh1Zsnn6bN3HDHz2syCSZIx6Ngl/yCTychKX
7Nn0IoIpzLEOtApQFSVKL9KqH9K3vTADiWyiVvXjjg1iYp5tjXY9igUbhLG5facp
egM/4v22ee3rd6Ge+UfNUd8LELnmtfoC+nvLVbJPPKCaHWDKmtQ2Vw2gaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNB5kghA1ccbhjuhwm+21hvE/jT3MB8GA1UdIwQY
MBaAFFcwWVLlWVzpfkM1Sy793HsHO9nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnpCWlV1VlpYT2wtUXpWTEx2M2Nld2M3MmNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iOTQ1YzAtNGUyOS00YTE1LWJkZjYt
MmYzYmUwNjI4NThkLzEvVnpCWlV1VlpYT2wtUXpWTEx2M2Nld2M3MmNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iOTQ1YzAtNGUyOS00YTE1LWJkZjYtMmYzYmUwNjI4NThk
LzEvVnpCWlV1VlpYT2wtUXpWTEx2M2Nld2M3MmNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAht4Hf8qf
Li0/3ADBnhXEhEeB9mnqiKu5VVjaCaIDaiBXyYlRDtDdui2v7kul1sIHnsa80HEE
ow7pgBZvDerzG0SL1exLDAR76Ackv3QfpZa8jiWsGYgF3IKFSs9bC9Ftd1kxSo0k
AtLnNbAeBFRol8zk9x7KrEsKErM3Rpl0Ce1MsLX0Wmg0WQndZej0bT0Sb/7ZuPcX
c9Bp8e0p/YZwXsE1FBTjiPtr11I5DPX4Jm3KKV/JEN1aaDnsq7gnB3YhclmhAd9z
8xQR7xJ0tUurWJym+JGblqngD7W6i8rvrusCoUkqEd/9pGJNS/fY+ON3LpjiE3Sk
UclbOH/26O6ToA==
-----END CERTIFICATE-----