Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
File:                     VkQtN4qHkyt22vks6Pye80Hrx1k.mft (raw, json)
Hash identifier:          t3W9jcETfCWNmKRBPXvjIhhf9JMZ3zQby+739GB1F5M=
Subject key identifier:   BC:C5:4D:FB:72:8F:0B:25:02:31:DA:16:B6:5B:24:FC:20:FF:67:98
Authority key identifier: 56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59
Certificate issuer:       /CN=56442d378a87932b76daf92ce8fc9ef341ebc759
Certificate serial:       019D371BD9491720209DC89FD0AC9BF2A308
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
Manifest number:          0E50
Signing time:             Sun 29 Mar 2026 01:01:05 +0000
Manifest this update:     Sun 29 Mar 2026 01:01:05 +0000
Manifest next update:     Mon 30 Mar 2026 01:01:05 +0000
Files and hashes:         1: VkQtN4qHkyt22vks6Pye80Hrx1k.crl (hash: nDOvkpviXadjh70AlhnriCM5F6XwIgNyfdBfTT7awr4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:d9:49:17:20:20:9d:c8:9f:d0:ac:9b:f2:a3:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56442d378a87932b76daf92ce8fc9ef341ebc759
        Validity
            Not Before: Mar 29 01:01:05 2026 GMT
            Not After : Mar 30 01:01:05 2026 GMT
        Subject: CN=bcc54dfb728f0b250231da16b65b24fc20ff6798
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:41:dd:29:f9:96:95:12:01:6c:ca:10:23:75:
                    de:a4:e6:14:b1:bf:04:11:07:75:d9:cd:aa:70:90:
                    8c:ba:a5:36:6d:ae:44:b5:3b:ba:6d:f8:a1:bf:56:
                    4b:fb:38:c8:61:57:17:ae:4f:cf:36:95:66:0b:64:
                    35:8a:18:43:68:ff:81:1d:b9:e8:82:7e:37:0c:de:
                    68:22:2d:9b:c2:4e:43:7d:4a:46:43:1c:c6:1a:bd:
                    c9:99:3d:d7:03:3f:f3:9a:18:dc:74:e8:21:c5:4e:
                    29:7a:b2:83:57:52:62:59:d6:f5:88:1f:fc:f6:cb:
                    08:64:b4:b6:57:71:e0:eb:df:5c:04:bb:bb:d5:7a:
                    46:3e:e1:29:91:33:07:fb:41:e7:b4:20:3c:e6:5c:
                    17:36:94:cb:c1:db:32:76:28:66:60:67:ee:45:e1:
                    73:23:11:21:11:d2:ae:2b:87:5f:a1:22:25:f2:86:
                    14:ba:81:02:5d:ff:19:67:8d:a0:ca:69:3e:5c:86:
                    ee:de:13:d9:72:de:68:91:98:2a:26:a2:68:70:cc:
                    85:af:7b:ab:01:73:c4:75:0d:95:20:5e:07:b7:c6:
                    3a:97:9a:42:2d:f1:59:b5:b4:f9:9c:e8:7b:a7:ce:
                    8e:0c:26:5e:c6:0d:6d:d7:40:91:a4:83:2c:8f:ca:
                    e1:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:C5:4D:FB:72:8F:0B:25:02:31:DA:16:B6:5B:24:FC:20:FF:67:98
            X509v3 Authority Key Identifier:
                keyid:56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:6f:f3:02:a4:f8:c3:91:1d:fa:3a:a6:0e:ad:df:b5:42:6b:
         41:9f:72:b3:51:7b:95:eb:29:34:a8:81:4a:ea:43:2f:ec:17:
         19:d3:fa:1d:b8:7d:dd:55:a5:db:a2:06:ec:e3:03:83:1b:e9:
         b8:fa:2c:00:8a:bf:a9:28:47:80:4d:0d:f5:e3:f9:17:db:5f:
         15:88:87:ef:0a:21:6d:3a:c0:8d:45:15:e0:c7:44:be:62:c1:
         e5:74:0c:70:f5:de:d1:60:ff:c3:4e:cc:97:6f:27:2c:b1:b0:
         ab:51:ef:c5:6d:6e:17:0e:ff:52:0c:a2:40:a5:a0:26:15:4f:
         d0:00:35:b4:2b:cf:41:fc:ec:09:e9:81:d2:c8:6e:6f:bf:6b:
         43:f0:0c:08:c6:ef:18:cf:12:4e:5b:e9:94:bf:5b:c3:9b:1e:
         4d:6b:3b:32:84:8d:56:70:1f:56:4b:b1:06:18:ac:aa:91:02:
         21:db:64:e2:45:e3:9d:44:5c:eb:06:c2:13:0d:9e:53:c4:03:
         ac:ae:01:83:00:90:83:06:47:f8:14:ff:79:61:02:75:5a:ca:
         41:ba:67:1b:0f:e2:66:cc:7e:47:a2:9d:ce:ef:c3:93:75:69:
         e6:b8:6c:c1:a5:4d:e7:9f:5f:e5:1b:ed:4a:29:3d:a9:06:42:
         85:34:62:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G9lJFyAgncif0Kyb8qMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NDQyZDM3OGE4NzkzMmI3NmRhZjkyY2U4ZmM5ZWYzNDFl
YmM3NTkwHhcNMjYwMzI5MDEwMTA1WhcNMjYwMzMwMDEwMTA1WjAzMTEwLwYDVQQD
EyhiY2M1NGRmYjcyOGYwYjI1MDIzMWRhMTZiNjViMjRmYzIwZmY2Nzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0HdKfmWlRIBbMoQI3XepOYUsb8E
EQd12c2qcJCMuqU2ba5EtTu6bfihv1ZL+zjIYVcXrk/PNpVmC2Q1ihhDaP+BHbno
gn43DN5oIi2bwk5DfUpGQxzGGr3JmT3XAz/zmhjcdOghxU4perKDV1JiWdb1iB/8
9ssIZLS2V3Hg699cBLu71XpGPuEpkTMH+0HntCA85lwXNpTLwdsydihmYGfuReFz
IxEhEdKuK4dfoSIl8oYUuoECXf8ZZ42gymk+XIbu3hPZct5okZgqJqJocMyFr3ur
AXPEdQ2VIF4Ht8Y6l5pCLfFZtbT5nOh7p86ODCZexg1t10CRpIMsj8rhTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzFTftyjwslAjHaFrZbJPwg/2eYMB8GA1UdIwQY
MBaAFFZELTeKh5Mrdtr5LOj8nvNB68dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQt
OTgxM2YwOTA2YzRiLzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQtOTgxM2YwOTA2YzRi
LzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATW/zAqT4
w5Ed+jqmDq3ftUJrQZ9ys1F7lespNKiBSupDL+wXGdP6Hbh93VWl26IG7OMDgxvp
uPosAIq/qShHgE0N9eP5F9tfFYiH7wohbTrAjUUV4MdEvmLB5XQMcPXe0WD/w07M
l28nLLGwq1HvxW1uFw7/UgyiQKWgJhVP0AA1tCvPQfzsCemB0shub79rQ/AMCMbv
GM8STlvplL9bw5seTWs7MoSNVnAfVkuxBhisqpECIdtk4kXjnURc6wbCEw2eU8QD
rK4BgwCQgwZH+BT/eWECdVrKQbpnGw/iZsx+R6Kdzu/Dk3Vp5rhswaVN559f5Rvt
Sik9qQZChTRilQ==
-----END CERTIFICATE-----