Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
File:                     vFxHuPnkKkkot2dDFqcap21AHjw.mft (raw, json)
Hash identifier:          Cc7rptIk6wu5R8SIIzY3QEWHgnMaLaTYUtwZFuk7Vjo=
Subject key identifier:   B2:8E:BA:1F:90:49:81:50:D0:0F:F4:34:06:41:DF:F2:AA:85:28:8F
Authority key identifier: BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C
Certificate issuer:       /CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c
Certificate serial:       019D28F325261EF421013DACAC48CDBB4F64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
Manifest number:          0E18
Signing time:             Thu 26 Mar 2026 07:01:56 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:56 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:56 +0000
Files and hashes:         1: vFxHuPnkKkkot2dDFqcap21AHjw.crl (hash: Bk4BnqCJlumB2uUOEswhnhHPWv2dPmXP20g5MEksLu4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:25:26:1e:f4:21:01:3d:ac:ac:48:cd:bb:4f:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c
        Validity
            Not Before: Mar 26 07:01:56 2026 GMT
            Not After : Mar 27 07:01:56 2026 GMT
        Subject: CN=b28eba1f90498150d00ff4340641dff2aa85288f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0d:ec:a3:84:57:7a:bd:a5:bf:55:77:d3:c8:
                    0e:01:23:50:02:78:5a:99:be:15:46:22:bd:9f:54:
                    70:52:fa:b7:5a:e3:ac:58:dc:f2:13:43:83:cf:f0:
                    95:e9:a9:e5:ab:7f:af:6d:d7:98:00:b8:91:a0:0f:
                    8b:d6:60:68:09:83:d3:60:e3:73:be:4d:cd:a4:58:
                    20:91:4e:bf:47:55:33:66:5c:02:82:08:50:de:9b:
                    55:c0:87:bc:ca:c6:06:83:ce:53:96:8a:98:5e:a9:
                    6a:d1:d9:06:12:c1:af:8b:04:61:78:2d:c2:3b:44:
                    45:6e:57:fe:21:72:63:af:5b:44:c9:2d:f6:02:ff:
                    36:3a:ac:ca:9f:3c:cd:8b:3f:20:28:db:17:c1:47:
                    09:17:da:b5:17:08:f6:bb:31:69:c2:3b:a5:1c:27:
                    d3:ec:e5:51:c0:a7:c2:cf:15:47:bc:cd:2f:d2:46:
                    13:db:dc:0e:f1:df:79:09:23:95:a3:2b:14:d8:3c:
                    ad:18:e6:00:a8:56:a8:81:74:73:50:b3:d1:48:72:
                    19:bd:73:b3:67:ae:c0:91:48:c0:00:e1:e6:97:9c:
                    8f:e8:dc:05:c7:fa:78:10:7a:58:94:58:5a:12:8a:
                    2c:f5:06:ad:09:9a:2a:bb:3e:cd:7a:09:7b:77:63:
                    fa:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:8E:BA:1F:90:49:81:50:D0:0F:F4:34:06:41:DF:F2:AA:85:28:8F
            X509v3 Authority Key Identifier:
                keyid:BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:7d:bf:e3:8d:f4:83:73:d0:b3:84:b6:a8:30:e8:4e:e8:37:
         c0:54:98:32:e0:97:7f:c6:a6:f7:03:5c:3e:c2:06:3d:03:50:
         e5:bb:4d:39:89:07:45:d7:df:0a:9f:29:97:da:d9:a8:0b:4f:
         81:06:99:34:80:86:0d:7c:af:65:99:b6:d1:42:ba:81:56:62:
         31:bc:8c:2a:61:73:71:fe:f7:2a:bb:e5:4a:3b:61:05:f6:3c:
         fc:54:d7:bf:97:4b:6e:af:1c:fc:60:72:c7:cd:de:ce:8b:3d:
         fa:b6:0e:00:02:c3:d8:58:ef:bc:bf:88:bc:99:9b:33:4b:88:
         7a:a3:29:b3:2c:d9:19:d4:31:cf:47:54:cd:4d:71:56:7b:4f:
         17:4e:53:12:11:b0:9d:14:85:35:99:fa:01:f8:cd:d8:b5:f5:
         7c:12:48:6b:b2:b7:da:8b:e3:8f:07:58:26:b9:90:aa:16:e8:
         d1:e8:8f:47:45:fe:38:9a:76:54:50:0b:05:dc:c6:62:8b:67:
         ca:94:a9:90:5e:91:3e:73:a0:47:16:3c:28:35:02:06:69:4c:
         ed:c1:57:d3:df:06:b1:ee:0a:76:ff:0c:6a:af:cd:09:c1:46:
         fd:b0:34:2f:48:32:14:51:a5:1f:e2:f9:76:ab:c1:f1:bf:0a:
         51:90:45:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8yUmHvQhAT2srEjNu09kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNWM0N2I4ZjllNDJhNDkyOGI3Njc0MzE2YTcxYWE3NmQ0
MDFlM2MwHhcNMjYwMzI2MDcwMTU2WhcNMjYwMzI3MDcwMTU2WjAzMTEwLwYDVQQD
EyhiMjhlYmExZjkwNDk4MTUwZDAwZmY0MzQwNjQxZGZmMmFhODUyODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw3so4RXer2lv1V308gOASNQAnha
mb4VRiK9n1RwUvq3WuOsWNzyE0ODz/CV6anlq3+vbdeYALiRoA+L1mBoCYPTYONz
vk3NpFggkU6/R1UzZlwCgghQ3ptVwIe8ysYGg85TloqYXqlq0dkGEsGviwRheC3C
O0RFblf+IXJjr1tEyS32Av82OqzKnzzNiz8gKNsXwUcJF9q1Fwj2uzFpwjulHCfT
7OVRwKfCzxVHvM0v0kYT29wO8d95CSOVoysU2DytGOYAqFaogXRzULPRSHIZvXOz
Z67AkUjAAOHml5yP6NwFx/p4EHpYlFhaEoos9QatCZoquz7Negl7d2P6PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKOuh+QSYFQ0A/0NAZB3/KqhSiPMB8GA1UdIwQY
MBaAFLxcR7j55CpJKLdnQxanGqdtQB48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUt
N2ExOGMxNzkwNzZkLzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUtN2ExOGMxNzkwNzZk
LzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWn2/4430
g3PQs4S2qDDoTug3wFSYMuCXf8am9wNcPsIGPQNQ5btNOYkHRdffCp8pl9rZqAtP
gQaZNICGDXyvZZm20UK6gVZiMbyMKmFzcf73KrvlSjthBfY8/FTXv5dLbq8c/GBy
x83ezos9+rYOAALD2FjvvL+IvJmbM0uIeqMpsyzZGdQxz0dUzU1xVntPF05TEhGw
nRSFNZn6AfjN2LX1fBJIa7K32ovjjwdYJrmQqhbo0eiPR0X+OJp2VFALBdzGYotn
ypSpkF6RPnOgRxY8KDUCBmlM7cFX098Gse4Kdv8Maq/NCcFG/bA0L0gyFFGlH+L5
dqvB8b8KUZBFsg==
-----END CERTIFICATE-----