Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
File:                     VGgc0JnIW-caIjUMsT8EglwB-PA.mft (raw, json)
Hash identifier:          KneGCWvT2kGsnbpPfqnTe6fpEJw30ffKhwauu7f/9yc=
Subject key identifier:   56:FD:AF:C1:95:4A:41:32:9D:CF:67:38:52:A1:8C:3F:CB:52:A1:23
Authority key identifier: 54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0
Certificate issuer:       /CN=54681cd099c85be71a22350cb13f04825c01f8f0
Certificate serial:       019D3865C22C95F514BE3C3C982E6F87AC3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
Manifest number:          0EE7
Signing time:             Sun 29 Mar 2026 07:01:26 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:26 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:26 +0000
Files and hashes:         1: VGgc0JnIW-caIjUMsT8EglwB-PA.crl (hash: c+LnRyZTh7DZmAGcxyPTfGbjgn3z1J3o5yfrygLtzEQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:c2:2c:95:f5:14:be:3c:3c:98:2e:6f:87:ac:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54681cd099c85be71a22350cb13f04825c01f8f0
        Validity
            Not Before: Mar 29 07:01:26 2026 GMT
            Not After : Mar 30 07:01:26 2026 GMT
        Subject: CN=56fdafc1954a41329dcf673852a18c3fcb52a123
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:2b:dd:bb:49:34:57:35:ea:7b:7e:a1:8e:1d:
                    a3:bf:1b:a1:5e:1f:1f:f7:94:ff:23:ee:9d:52:08:
                    53:f9:32:27:87:3e:f9:e7:b9:88:9a:d8:4e:f7:30:
                    1e:78:05:da:d5:4f:5f:44:4b:d7:bf:47:b1:4b:70:
                    d2:e9:a1:41:ac:e2:37:65:90:bb:10:17:5e:85:d3:
                    e5:d5:1d:b4:18:05:ac:77:78:0b:38:cd:13:45:3b:
                    71:8d:23:55:48:b6:9f:a2:d1:01:d0:34:36:34:84:
                    c7:7b:c5:b5:85:6c:ce:01:7a:29:1d:c2:10:d5:07:
                    0f:cf:de:57:35:77:6a:6d:f1:a1:bf:31:39:ac:76:
                    22:b0:7a:64:4d:d7:fd:59:28:b8:b4:a5:d5:4c:0c:
                    7a:3d:a8:ce:7d:05:ff:e8:21:3c:1d:44:f0:31:25:
                    ae:b1:39:57:1e:7f:0a:d7:df:ce:09:bd:fa:aa:ef:
                    8a:4d:f1:64:95:c2:0d:12:c7:0d:c7:96:85:3f:1a:
                    48:10:4e:6d:89:a8:c5:45:e9:c8:c4:2c:77:c1:c5:
                    41:85:83:e0:f9:fa:19:73:bf:93:b3:42:d9:59:84:
                    21:ae:f7:ac:db:05:7d:d8:25:cf:78:d9:47:ca:13:
                    c9:70:af:ba:c8:3a:d9:f2:2d:4e:f3:7c:0b:72:09:
                    64:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:FD:AF:C1:95:4A:41:32:9D:CF:67:38:52:A1:8C:3F:CB:52:A1:23
            X509v3 Authority Key Identifier:
                keyid:54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:2b:fb:e5:f2:f0:ab:65:c4:72:c7:9e:d8:14:05:04:72:dc:
         0e:5c:17:92:cf:d2:2c:c2:60:e9:8f:ee:00:85:0e:a5:b3:01:
         ee:f0:ac:1d:5e:9f:39:00:31:34:0f:0e:95:0f:ba:bf:19:82:
         cb:6d:ce:54:53:56:d2:2f:6e:77:12:f5:6b:91:c5:cd:b4:09:
         33:5d:68:88:f4:40:36:23:36:7f:da:cf:66:73:22:1d:27:e7:
         f6:82:2d:51:9f:50:32:40:ef:fa:2a:c4:d4:cc:51:4d:bd:61:
         8e:b8:20:c9:13:61:2a:2e:14:54:1d:e3:50:ea:32:f2:5e:2e:
         64:ff:5c:f4:01:e4:91:e5:64:e3:1a:b8:e9:7c:30:82:3e:f6:
         30:c0:73:ca:71:88:c1:81:e1:66:31:d8:34:64:c5:a6:16:16:
         60:36:4f:2d:b2:3a:2f:2e:25:f9:a2:db:a8:b9:55:10:ad:a4:
         6a:43:4d:2f:b9:1d:f7:39:14:4f:12:31:dc:7a:ed:54:35:c6:
         8c:4c:5c:e1:3a:fd:36:43:c5:40:5e:b3:72:58:94:8d:2f:0a:
         71:2a:0f:c0:b8:be:6f:c4:92:37:c7:fd:d7:cb:6c:40:df:0b:
         8e:98:12:89:e3:d9:30:0e:10:28:80:5e:7e:b2:5f:7b:32:a7:
         69:14:ea:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZcIslfUUvjw8mC5vh6w/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgxY2QwOTljODViZTcxYTIyMzUwY2IxM2YwNDgyNWMw
MWY4ZjAwHhcNMjYwMzI5MDcwMTI2WhcNMjYwMzMwMDcwMTI2WjAzMTEwLwYDVQQD
Eyg1NmZkYWZjMTk1NGE0MTMyOWRjZjY3Mzg1MmExOGMzZmNiNTJhMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCvdu0k0VzXqe36hjh2jvxuhXh8f
95T/I+6dUghT+TInhz7557mImthO9zAeeAXa1U9fREvXv0exS3DS6aFBrOI3ZZC7
EBdehdPl1R20GAWsd3gLOM0TRTtxjSNVSLafotEB0DQ2NITHe8W1hWzOAXopHcIQ
1QcPz95XNXdqbfGhvzE5rHYisHpkTdf9WSi4tKXVTAx6PajOfQX/6CE8HUTwMSWu
sTlXHn8K19/OCb36qu+KTfFklcINEscNx5aFPxpIEE5tiajFRenIxCx3wcVBhYPg
+foZc7+Ts0LZWYQhrves2wV92CXPeNlHyhPJcK+6yDrZ8i1O83wLcglkDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFb9r8GVSkEync9nOFKhjD/LUqEjMB8GA1UdIwQY
MBaAFFRoHNCZyFvnGiI1DLE/BIJcAfjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzkt
Yzg4MjgzZjhmMTE3LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzktYzg4MjgzZjhmMTE3
LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoiv75fLw
q2XEcsee2BQFBHLcDlwXks/SLMJg6Y/uAIUOpbMB7vCsHV6fOQAxNA8OlQ+6vxmC
y23OVFNW0i9udxL1a5HFzbQJM11oiPRANiM2f9rPZnMiHSfn9oItUZ9QMkDv+irE
1MxRTb1hjrggyRNhKi4UVB3jUOoy8l4uZP9c9AHkkeVk4xq46Xwwgj72MMBzynGI
wYHhZjHYNGTFphYWYDZPLbI6Ly4l+aLbqLlVEK2kakNNL7kd9zkUTxIx3HrtVDXG
jExc4Tr9NkPFQF6zcliUjS8KcSoPwLi+b8SSN8f918tsQN8LjpgSiePZMA4QKIBe
frJfezKnaRTq0Q==
-----END CERTIFICATE-----