Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
File:                     vtJXlaaCsRmplIBal2V4U9dUoFw.mft (raw, json)
Hash identifier:          KghPEUYKvYHku3fnkPlAGLrI3nOOixLtvrqerjaXvj0=
Subject key identifier:   48:D3:74:16:7B:D3:71:A8:BC:3F:C8:BF:54:E6:1F:0B:3B:BA:0B:06
Authority key identifier: BE:D2:57:95:A6:82:B1:19:A9:94:80:5A:97:65:78:53:D7:54:A0:5C
Certificate issuer:       /CN=bed25795a682b119a994805a97657853d754a05c
Certificate serial:       019D38D3A70F0563EF7A40A754357A500B90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
Manifest number:          0D1D
Signing time:             Sun 29 Mar 2026 09:01:28 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:28 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:28 +0000
Files and hashes:         1: vtJXlaaCsRmplIBal2V4U9dUoFw.crl (hash: 8YipSswvB0pN8nqD64kirvK0Xg8ywjRT+816c2OzdXw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:a7:0f:05:63:ef:7a:40:a7:54:35:7a:50:0b:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bed25795a682b119a994805a97657853d754a05c
        Validity
            Not Before: Mar 29 09:01:28 2026 GMT
            Not After : Mar 30 09:01:28 2026 GMT
        Subject: CN=48d374167bd371a8bc3fc8bf54e61f0b3bba0b06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:74:57:3d:ea:37:99:7f:68:59:d2:d4:6c:59:
                    ef:ae:2c:a2:27:58:2e:7d:3e:2f:89:cd:ae:15:f2:
                    3a:ca:82:01:c9:44:b6:d1:7a:c9:c0:38:59:c8:09:
                    c2:02:9a:86:95:6e:41:4b:e5:05:f1:8c:e1:8f:a7:
                    66:6a:e5:73:d2:c2:50:c1:99:ce:6e:9c:c3:33:9f:
                    c9:49:a4:30:5f:5e:42:22:b2:7c:f3:9e:fb:ab:76:
                    dc:58:88:d3:21:90:2f:be:7a:15:a9:df:2d:15:ed:
                    af:00:3e:c8:b8:2d:a9:64:f9:c6:6d:5a:75:cc:07:
                    7e:2d:46:49:0d:70:92:e6:3b:2f:44:bb:6d:65:b4:
                    69:77:52:95:b5:0c:6d:42:2d:a6:e3:7a:38:ef:6e:
                    41:77:77:67:07:76:0a:01:67:b2:4c:d8:84:44:75:
                    7e:f7:ce:77:bd:b9:dd:b8:f4:18:24:83:5b:2e:88:
                    44:da:9d:9f:d5:29:a6:75:36:e2:fb:45:7f:51:4c:
                    27:ad:df:5b:ec:ab:29:94:4c:07:9e:be:dd:29:2a:
                    99:6e:52:3e:07:84:cd:4c:88:33:0b:16:53:4c:6b:
                    d8:9d:39:1a:6c:26:64:16:f8:d5:0e:89:aa:62:3f:
                    0e:7e:8b:81:18:e7:c2:92:a3:ca:6e:ed:6d:27:04:
                    cc:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:D3:74:16:7B:D3:71:A8:BC:3F:C8:BF:54:E6:1F:0B:3B:BA:0B:06
            X509v3 Authority Key Identifier:
                keyid:BE:D2:57:95:A6:82:B1:19:A9:94:80:5A:97:65:78:53:D7:54:A0:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vtJXlaaCsRmplIBal2V4U9dUoFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6bd104-25f6-4826-b234-11d0f20e8cb0/1/vtJXlaaCsRmplIBal2V4U9dUoFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:15:7b:4c:4e:ed:83:5b:d4:ef:2e:66:b9:7f:f0:77:75:e8:
         5c:ef:5c:6f:9d:41:08:fb:0d:08:d8:7e:dc:c1:fd:a1:6e:18:
         ce:13:f4:a8:5b:e6:11:04:5e:e5:d6:09:84:07:84:d8:87:a6:
         8e:42:9c:1e:f5:46:bf:1f:da:50:7c:6c:ae:b2:32:0b:6b:13:
         3a:e4:fa:e0:29:76:d1:d6:08:9f:27:f6:5d:ec:10:3b:58:4c:
         5b:18:99:9f:cc:31:51:87:89:95:a4:80:cf:63:a4:eb:89:22:
         9b:1b:a3:a4:a7:c0:85:dd:ad:9a:64:25:9b:f3:d8:0e:c0:e2:
         e2:16:0d:5a:1e:25:9d:2c:d6:5c:0f:cb:67:1d:d2:41:01:78:
         d8:34:3f:56:69:7f:15:2c:de:5b:1c:d6:5c:12:8f:52:82:91:
         b6:d5:29:b7:4a:8d:ac:ac:53:ff:d6:30:be:70:4d:5f:0f:c3:
         54:c3:75:e0:e6:9b:3e:4e:30:e8:a8:8e:62:dc:6e:2b:0f:f6:
         b6:2e:e8:f2:bd:e2:94:64:06:a2:7a:a4:e5:2e:0e:8a:e4:aa:
         94:63:b1:f3:c4:e2:90:1d:3c:ea:a5:1a:76:87:b9:ce:68:31:
         9b:ac:16:58:4d:dd:bb:d0:43:e0:a1:91:bb:57:2c:8a:5c:b1:
         41:81:58:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406cPBWPvekCnVDV6UAuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZDI1Nzk1YTY4MmIxMTlhOTk0ODA1YTk3NjU3ODUzZDc1
NGEwNWMwHhcNMjYwMzI5MDkwMTI4WhcNMjYwMzMwMDkwMTI4WjAzMTEwLwYDVQQD
Eyg0OGQzNzQxNjdiZDM3MWE4YmMzZmM4YmY1NGU2MWYwYjNiYmEwYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnRXPeo3mX9oWdLUbFnvriyiJ1gu
fT4vic2uFfI6yoIByUS20XrJwDhZyAnCApqGlW5BS+UF8Yzhj6dmauVz0sJQwZnO
bpzDM5/JSaQwX15CIrJ88577q3bcWIjTIZAvvnoVqd8tFe2vAD7IuC2pZPnGbVp1
zAd+LUZJDXCS5jsvRLttZbRpd1KVtQxtQi2m43o4725Bd3dnB3YKAWeyTNiERHV+
9853vbnduPQYJINbLohE2p2f1SmmdTbi+0V/UUwnrd9b7KsplEwHnr7dKSqZblI+
B4TNTIgzCxZTTGvYnTkabCZkFvjVDomqYj8OfouBGOfCkqPKbu1tJwTMGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjTdBZ703GovD/Iv1TmHws7ugsGMB8GA1UdIwQY
MBaAFL7SV5WmgrEZqZSAWpdleFPXVKBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82YmQxMDQtMjVmNi00ODI2LWIyMzQt
MTFkMGYyMGU4Y2IwLzEvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82YmQxMDQtMjVmNi00ODI2LWIyMzQtMTFkMGYyMGU4Y2Iw
LzEvdnRKWGxhYUNzUm1wbElCYWwyVjRVOWRVb0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArBV7TE7t
g1vU7y5muX/wd3XoXO9cb51BCPsNCNh+3MH9oW4YzhP0qFvmEQRe5dYJhAeE2Iem
jkKcHvVGvx/aUHxsrrIyC2sTOuT64Cl20dYInyf2XewQO1hMWxiZn8wxUYeJlaSA
z2Ok64kimxujpKfAhd2tmmQlm/PYDsDi4hYNWh4lnSzWXA/LZx3SQQF42DQ/Vml/
FSzeWxzWXBKPUoKRttUpt0qNrKxT/9YwvnBNXw/DVMN14OabPk4w6KiOYtxuKw/2
ti7o8r3ilGQGonqk5S4OiuSqlGOx88TikB086qUadoe5zmgxm6wWWE3du9BD4KGR
u1csilyxQYFYWA==
-----END CERTIFICATE-----