Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
File:                     V3l3onVhz5BYpS5GDJSZSAVb3T0.mft (raw, json)
Hash identifier:          d8VtufpRSsgYXQ80CgzPl1mPcb+qLZFnVngPGxjPL2g=
Subject key identifier:   B0:B8:A0:27:BB:6A:59:91:C8:91:CB:AA:23:CF:40:80:13:71:3E:52
Authority key identifier: 57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D
Certificate issuer:       /CN=577977a27561cf9058a52e460c949948055bdd3d
Certificate serial:       019D3865DE5BB3197CA8D7CBCFA32997DC1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
Manifest number:          0A9D
Signing time:             Sun 29 Mar 2026 07:01:33 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:33 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:33 +0000
Files and hashes:         1: V3l3onVhz5BYpS5GDJSZSAVb3T0.crl (hash: 3O+8nOlq+fXD9EsJNkk3Pshcfh9zpM3YBMkn1j+kwGg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:de:5b:b3:19:7c:a8:d7:cb:cf:a3:29:97:dc:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=577977a27561cf9058a52e460c949948055bdd3d
        Validity
            Not Before: Mar 29 07:01:33 2026 GMT
            Not After : Mar 30 07:01:33 2026 GMT
        Subject: CN=b0b8a027bb6a5991c891cbaa23cf408013713e52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:02:b4:54:3e:a1:a1:78:4d:20:a4:60:e0:8b:
                    b3:03:ca:4f:28:11:ee:98:0d:0d:8e:ae:36:39:d2:
                    b3:a5:2d:2d:6b:e9:a1:53:3f:42:34:1e:4f:0f:15:
                    25:2b:75:a3:1c:7d:1b:37:b1:cb:c0:8a:c0:ab:b3:
                    06:4e:ea:1d:7f:ec:df:89:fe:d2:46:a1:8b:8c:98:
                    60:e9:78:ab:d0:35:6a:3d:d9:bb:d4:80:7b:d1:f7:
                    07:36:13:14:98:38:b9:31:ef:75:69:d8:cb:3c:1c:
                    0c:54:f0:9d:5d:fe:23:61:4d:39:1b:e2:f3:72:96:
                    e0:10:25:29:11:a8:1c:ff:2b:e0:d0:d3:2e:0e:c2:
                    82:c1:0c:a3:59:a5:d8:5b:6c:0a:0d:9a:3b:e2:26:
                    f1:11:f2:12:64:f4:41:85:85:e4:71:b1:6c:b8:0c:
                    a7:c2:30:8f:b3:b8:bf:e6:8e:ac:9f:69:86:2f:08:
                    32:d5:7d:e8:d2:01:91:09:72:16:e3:73:31:2f:9c:
                    5b:b4:8f:18:ab:4c:46:33:cc:b9:30:95:5d:31:1a:
                    61:55:79:98:03:dc:19:3c:3a:48:2a:06:43:eb:47:
                    a2:f7:0f:3b:1f:f1:b1:55:fe:2d:c8:bb:99:d4:98:
                    27:b2:41:24:70:19:10:fa:08:43:b0:ab:61:e9:32:
                    d8:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:B8:A0:27:BB:6A:59:91:C8:91:CB:AA:23:CF:40:80:13:71:3E:52
            X509v3 Authority Key Identifier:
                keyid:57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:d0:08:57:55:6b:5a:b3:43:de:81:71:5b:3f:69:58:b5:a1:
         ff:96:ef:25:ce:e9:92:ee:66:da:88:b4:ff:16:c9:41:a7:fa:
         6c:1f:01:42:33:e3:8d:de:62:c8:07:6a:c9:bd:8a:8c:23:70:
         78:34:ff:6a:bc:64:e8:87:7e:b5:79:9d:d8:4e:97:60:8d:3a:
         16:99:f3:bd:9f:5e:e0:7e:e2:78:d0:d2:b5:09:26:c3:06:ba:
         11:c9:f4:a2:2f:f3:37:9d:4b:48:09:7a:7e:ab:39:c5:7b:84:
         ce:ae:ed:25:c7:a6:ab:4f:7b:85:50:99:f3:b6:fc:45:7f:d8:
         f0:33:d8:57:8b:c5:a2:66:0c:9c:e8:93:77:b9:fc:72:72:79:
         90:29:4c:ce:20:ba:8b:42:c6:90:06:0d:0d:7d:f7:a5:a5:43:
         b0:a8:48:34:c2:8d:8b:3b:4d:22:8d:f0:a8:17:69:85:29:e7:
         91:b7:4d:e1:33:42:4f:b6:3f:65:60:9c:ce:44:46:5f:18:c1:
         65:24:bf:ef:9f:4e:fb:1a:b5:42:72:36:80:d8:c5:73:7f:da:
         89:5b:0b:d8:1f:4e:17:86:43:20:11:7e:65:24:d0:63:cf:a9:
         c5:80:02:bc:9b:95:3e:a0:a6:6e:0b:d8:82:50:43:ef:72:ed:
         7a:6f:73:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zd5bsxl8qNfLz6Mpl9wbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3Nzk3N2EyNzU2MWNmOTA1OGE1MmU0NjBjOTQ5OTQ4MDU1
YmRkM2QwHhcNMjYwMzI5MDcwMTMzWhcNMjYwMzMwMDcwMTMzWjAzMTEwLwYDVQQD
EyhiMGI4YTAyN2JiNmE1OTkxYzg5MWNiYWEyM2NmNDA4MDEzNzEzZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQK0VD6hoXhNIKRg4IuzA8pPKBHu
mA0Njq42OdKzpS0ta+mhUz9CNB5PDxUlK3WjHH0bN7HLwIrAq7MGTuodf+zfif7S
RqGLjJhg6Xir0DVqPdm71IB70fcHNhMUmDi5Me91adjLPBwMVPCdXf4jYU05G+Lz
cpbgECUpEagc/yvg0NMuDsKCwQyjWaXYW2wKDZo74ibxEfISZPRBhYXkcbFsuAyn
wjCPs7i/5o6sn2mGLwgy1X3o0gGRCXIW43MxL5xbtI8Yq0xGM8y5MJVdMRphVXmY
A9wZPDpIKgZD60ei9w87H/GxVf4tyLuZ1JgnskEkcBkQ+ghDsKth6TLYNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLC4oCe7almRyJHLqiPPQIATcT5SMB8GA1UdIwQY
MBaAFFd5d6J1Yc+QWKUuRgyUmUgFW909MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYt
NTRmNzJkN2Y1YzIwLzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYtNTRmNzJkN2Y1YzIw
LzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXtAIV1Vr
WrND3oFxWz9pWLWh/5bvJc7pku5m2oi0/xbJQaf6bB8BQjPjjd5iyAdqyb2KjCNw
eDT/arxk6Id+tXmd2E6XYI06FpnzvZ9e4H7ieNDStQkmwwa6Ecn0oi/zN51LSAl6
fqs5xXuEzq7tJcemq097hVCZ87b8RX/Y8DPYV4vFomYMnOiTd7n8cnJ5kClMziC6
i0LGkAYNDX33paVDsKhINMKNiztNIo3wqBdphSnnkbdN4TNCT7Y/ZWCczkRGXxjB
ZSS/759O+xq1QnI2gNjFc3/aiVsL2B9OF4ZDIBF+ZSTQY8+pxYACvJuVPqCmbgvY
glBD73Ltem9zfg==
-----END CERTIFICATE-----