Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft
File:                     VFjdpvrZNtqJUgABqigr-syLguM.mft (raw, json)
Hash identifier:          RkyOPqtr1Srsk4w1u0GPJ4K8cVcl/3vI7GYJwqQ5ATw=
Subject key identifier:   96:28:BD:9B:82:A0:89:A7:D2:87:CC:03:0E:E9:3E:C9:3D:52:02:7F
Authority key identifier: 54:58:DD:A6:FA:D9:36:DA:89:52:00:01:AA:28:2B:FA:CC:8B:82:E3
Certificate issuer:       /CN=5458dda6fad936da89520001aa282bfacc8b82e3
Certificate serial:       019D28F2E95C954AA9BD5678500AD776BE2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VFjdpvrZNtqJUgABqigr-syLguM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft
Manifest number:          136E
Signing time:             Thu 26 Mar 2026 07:01:41 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:41 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:41 +0000
Files and hashes:         1: VFjdpvrZNtqJUgABqigr-syLguM.crl (hash: cc8viSl3ZGx5zxQR/L+HkQjsUtR6iGfj57D1glumPSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VFjdpvrZNtqJUgABqigr-syLguM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:e9:5c:95:4a:a9:bd:56:78:50:0a:d7:76:be:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5458dda6fad936da89520001aa282bfacc8b82e3
        Validity
            Not Before: Mar 26 07:01:41 2026 GMT
            Not After : Mar 27 07:01:41 2026 GMT
        Subject: CN=9628bd9b82a089a7d287cc030ee93ec93d52027f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:05:2c:1c:7a:d5:3f:70:35:e5:ba:cb:94:5e:
                    81:2a:f8:0a:eb:9f:20:88:17:16:f3:44:24:36:f4:
                    02:83:88:0a:07:f8:39:5e:67:88:ff:73:c2:bd:e0:
                    a2:c8:51:77:e8:c7:6e:52:78:de:bd:45:86:c8:a6:
                    fb:18:46:25:87:39:3f:b0:65:cc:6e:53:e2:cd:21:
                    de:14:be:93:44:9b:74:b9:0a:d0:64:db:37:2c:bc:
                    11:17:e9:6e:c2:d8:b5:12:89:45:5d:b6:f2:aa:3c:
                    0a:b6:18:14:a8:24:76:b8:05:09:13:22:7d:b3:fa:
                    c3:a7:d2:48:f4:f5:93:58:ee:18:e6:d3:68:fe:32:
                    da:6c:e7:97:85:dc:c2:8e:0f:50:57:2b:aa:95:8e:
                    e7:1a:b0:88:19:2a:12:52:bc:5b:91:fc:0f:1d:aa:
                    95:24:54:6e:f0:8b:15:b0:25:64:16:7a:d8:94:b4:
                    c7:cb:39:9e:00:2d:33:f3:f5:59:5a:0c:ca:48:71:
                    15:9c:b4:2a:e0:cd:61:53:61:fd:3a:cb:f3:27:c9:
                    60:ef:78:e6:3f:68:25:40:60:ff:de:58:83:ea:ae:
                    a4:74:c9:2b:33:ea:bf:3b:b7:d6:9a:33:68:03:6a:
                    cc:9e:f7:ec:d4:af:27:8d:b8:15:e6:bf:9c:4a:49:
                    5a:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:28:BD:9B:82:A0:89:A7:D2:87:CC:03:0E:E9:3E:C9:3D:52:02:7F
            X509v3 Authority Key Identifier:
                keyid:54:58:DD:A6:FA:D9:36:DA:89:52:00:01:AA:28:2B:FA:CC:8B:82:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VFjdpvrZNtqJUgABqigr-syLguM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:4a:09:16:30:e0:f2:04:1a:d5:6d:cb:3e:36:99:33:71:5f:
         bf:93:bf:df:c6:73:95:26:b7:a5:8a:f6:14:3d:b8:a9:29:a2:
         53:88:05:71:e8:ea:ff:75:7e:26:89:1d:2f:29:06:9c:0a:ef:
         fc:0e:24:d1:7f:e1:93:41:76:8f:5a:2d:42:0f:a7:7d:9a:05:
         cc:32:8d:51:a0:63:d2:9c:e6:e2:93:73:3b:e4:19:b5:2f:c9:
         f5:94:ac:c8:26:70:19:53:a7:69:21:fc:72:d6:72:2f:83:a0:
         d2:30:62:e3:3d:4c:a6:1e:6f:ac:da:f5:3b:fb:d3:2a:f3:53:
         8e:c0:e0:20:66:f7:37:95:1b:64:f9:00:5a:3f:3e:1b:50:02:
         6a:3b:6f:97:24:0b:ca:3f:a4:d9:fc:18:b8:52:ed:5f:d2:28:
         8e:9f:86:d5:70:aa:97:b7:1b:22:24:c4:20:29:5f:63:68:6c:
         18:e8:59:be:09:75:db:5b:8a:3b:c1:6d:c6:0f:01:63:9d:44:
         52:89:e3:b1:9a:5c:0f:f8:67:09:e9:d6:39:9b:1d:51:88:e8:
         e5:d2:a7:c1:b9:3e:1b:97:98:2b:6c:30:cb:e8:2c:17:cb:5a:
         a1:a3:c8:d9:dd:7a:45:22:73:95:82:41:89:00:c4:f7:b9:8e:
         e3:6f:30:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8ulclUqpvVZ4UArXdr4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NThkZGE2ZmFkOTM2ZGE4OTUyMDAwMWFhMjgyYmZhY2M4
YjgyZTMwHhcNMjYwMzI2MDcwMTQxWhcNMjYwMzI3MDcwMTQxWjAzMTEwLwYDVQQD
Eyg5NjI4YmQ5YjgyYTA4OWE3ZDI4N2NjMDMwZWU5M2VjOTNkNTIwMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQUsHHrVP3A15brLlF6BKvgK658g
iBcW80QkNvQCg4gKB/g5XmeI/3PCveCiyFF36MduUnjevUWGyKb7GEYlhzk/sGXM
blPizSHeFL6TRJt0uQrQZNs3LLwRF+luwti1EolFXbbyqjwKthgUqCR2uAUJEyJ9
s/rDp9JI9PWTWO4Y5tNo/jLabOeXhdzCjg9QVyuqlY7nGrCIGSoSUrxbkfwPHaqV
JFRu8IsVsCVkFnrYlLTHyzmeAC0z8/VZWgzKSHEVnLQq4M1hU2H9OsvzJ8lg73jm
P2glQGD/3liD6q6kdMkrM+q/O7fWmjNoA2rMnvfs1K8njbgV5r+cSkla1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJYovZuCoImn0ofMAw7pPsk9UgJ/MB8GA1UdIwQY
MBaAFFRY3ab62TbaiVIAAaooK/rMi4LjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkZqZHB2clpOdHFKVWdBQnFpZ3Itc3lMZ3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC80NzgxZWEtMGEzMi00M2Y5LTk4OTAt
ZGU5N2JjZDQwMzY4LzEvVkZqZHB2clpOdHFKVWdBQnFpZ3Itc3lMZ3VNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC80NzgxZWEtMGEzMi00M2Y5LTk4OTAtZGU5N2JjZDQwMzY4
LzEvVkZqZHB2clpOdHFKVWdBQnFpZ3Itc3lMZ3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvUoJFjDg
8gQa1W3LPjaZM3Ffv5O/38ZzlSa3pYr2FD24qSmiU4gFcejq/3V+JokdLykGnArv
/A4k0X/hk0F2j1otQg+nfZoFzDKNUaBj0pzm4pNzO+QZtS/J9ZSsyCZwGVOnaSH8
ctZyL4Og0jBi4z1Mph5vrNr1O/vTKvNTjsDgIGb3N5UbZPkAWj8+G1ACajtvlyQL
yj+k2fwYuFLtX9Iojp+G1XCql7cbIiTEIClfY2hsGOhZvgl121uKO8Ftxg8BY51E
UonjsZpcD/hnCenWOZsdUYjo5dKnwbk+G5eYK2wwy+gsF8taoaPI2d16RSJzlYJB
iQDE97mO428w6g==
-----END CERTIFICATE-----