Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.mft
File:                     vDImMeLrfqv7XttPywq4yZaCPEg.mft (raw, json)
Hash identifier:          AQYRJCtagztELXnSyV0u+vRGlYC3MaK3np0qr+PnTjQ=
Subject key identifier:   01:56:D2:DF:79:11:46:F8:FF:23:AB:78:C7:AB:20:99:B9:15:FD:15
Authority key identifier: BC:32:26:31:E2:EB:7E:AB:FB:5E:DB:4F:CB:0A:B8:C9:96:82:3C:48
Certificate issuer:       /CN=bc322631e2eb7eabfb5edb4fcb0ab8c996823c48
Certificate serial:       019D2AE04A46557806AB0E45F726E917DD79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vDImMeLrfqv7XttPywq4yZaCPEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.mft
Manifest number:          08EB
Signing time:             Thu 26 Mar 2026 16:00:35 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:35 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:35 +0000
Files and hashes:         1: vDImMeLrfqv7XttPywq4yZaCPEg.crl (hash: plN0o130Th3NLqbosVQlHee/kbAyy5XX7P6+2zLUhoo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vDImMeLrfqv7XttPywq4yZaCPEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:4a:46:55:78:06:ab:0e:45:f7:26:e9:17:dd:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc322631e2eb7eabfb5edb4fcb0ab8c996823c48
        Validity
            Not Before: Mar 26 16:00:35 2026 GMT
            Not After : Mar 27 16:00:35 2026 GMT
        Subject: CN=0156d2df791146f8ff23ab78c7ab2099b915fd15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:11:59:f4:5e:2a:ea:10:90:30:9d:67:2d:b4:
                    9a:5c:6e:1b:55:a3:19:5d:bc:0a:d6:49:97:33:aa:
                    53:ca:20:f7:5e:ef:f8:64:22:6a:6f:20:11:7a:f9:
                    bc:8a:46:68:6e:e7:77:90:ae:78:e2:cd:cc:04:e9:
                    76:51:e2:cf:a7:65:fd:84:44:34:67:8d:88:e8:88:
                    62:1b:fe:e6:12:bd:90:d6:59:fc:89:32:d9:e2:e3:
                    44:84:90:7b:62:90:f3:69:84:93:e6:d6:05:6f:29:
                    94:95:17:ef:a4:9e:cb:59:fb:2e:b7:2b:bb:f1:2b:
                    b8:4d:a0:f1:6e:12:d5:fd:ce:a6:53:b6:27:6c:b1:
                    af:48:47:96:c1:a8:2b:4a:57:b7:8d:b5:c2:ca:1b:
                    21:18:d4:03:69:bb:ec:e9:db:bc:41:e8:24:e9:92:
                    f3:27:23:0a:75:85:45:15:8d:4b:bb:c5:55:87:b3:
                    fb:a9:4a:68:4a:f5:db:c4:8b:27:a3:48:5e:05:5f:
                    4a:35:da:51:91:3a:ad:5b:6f:03:a5:d4:4b:34:28:
                    2e:b9:e7:3f:f7:82:df:34:89:6c:94:80:50:59:0d:
                    2f:0a:70:36:3f:45:39:2c:fa:4c:38:34:33:ed:1a:
                    01:8a:ed:03:19:ad:2e:87:7d:8e:fc:86:32:e1:9b:
                    33:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:56:D2:DF:79:11:46:F8:FF:23:AB:78:C7:AB:20:99:B9:15:FD:15
            X509v3 Authority Key Identifier:
                keyid:BC:32:26:31:E2:EB:7E:AB:FB:5E:DB:4F:CB:0A:B8:C9:96:82:3C:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDImMeLrfqv7XttPywq4yZaCPEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3086b8-71f3-4a8d-9451-29edfab39f49/1/vDImMeLrfqv7XttPywq4yZaCPEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:87:7a:1f:93:cc:9c:33:9f:28:1e:57:a8:b3:0f:89:21:df:
         07:2e:ed:42:3b:08:96:e4:50:1d:09:f2:c8:54:4f:b5:21:bd:
         ec:e0:60:9d:a2:41:e6:34:9c:b3:fe:76:52:be:c6:a1:e1:07:
         b7:b2:45:fd:1a:f6:a7:56:5e:fe:9f:77:af:50:08:d4:58:2e:
         8b:25:08:7b:b9:1a:94:e9:20:bc:5d:52:a8:61:3d:b0:b2:e6:
         0d:22:7a:2d:54:b1:13:83:2a:44:58:54:88:a8:b1:f7:a1:85:
         f0:c9:c1:80:cf:6b:b6:ae:16:e9:b2:5d:14:3f:71:4d:5d:72:
         92:da:0c:9b:64:cd:80:4b:4a:e3:74:10:27:4b:76:83:49:03:
         b5:3e:dd:33:cf:51:65:05:78:74:e4:e4:84:ef:b8:c8:7a:19:
         e2:2f:2a:25:37:b6:5c:47:38:14:d5:66:60:20:a9:47:c6:5b:
         2d:d9:fc:cb:e9:9f:39:92:1f:06:52:51:7a:06:07:03:21:4e:
         4d:90:4d:9d:50:fe:f7:8d:15:be:c1:96:d6:ba:9c:aa:bf:32:
         d5:54:78:5b:4a:0e:88:71:17:67:4b:3a:24:44:2f:36:c3:89:
         3c:f1:a5:24:e4:58:8d:a2:97:4b:07:be:d6:1c:16:15:ef:82:
         82:ed:6b:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4EpGVXgGqw5F9ybpF915MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMzIyNjMxZTJlYjdlYWJmYjVlZGI0ZmNiMGFiOGM5OTY4
MjNjNDgwHhcNMjYwMzI2MTYwMDM1WhcNMjYwMzI3MTYwMDM1WjAzMTEwLwYDVQQD
EygwMTU2ZDJkZjc5MTE0NmY4ZmYyM2FiNzhjN2FiMjA5OWI5MTVmZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRFZ9F4q6hCQMJ1nLbSaXG4bVaMZ
XbwK1kmXM6pTyiD3Xu/4ZCJqbyARevm8ikZobud3kK544s3MBOl2UeLPp2X9hEQ0
Z42I6IhiG/7mEr2Q1ln8iTLZ4uNEhJB7YpDzaYST5tYFbymUlRfvpJ7LWfsutyu7
8Su4TaDxbhLV/c6mU7YnbLGvSEeWwagrSle3jbXCyhshGNQDabvs6du8Qegk6ZLz
JyMKdYVFFY1Lu8VVh7P7qUpoSvXbxIsno0heBV9KNdpRkTqtW28DpdRLNCguuec/
94LfNIlslIBQWQ0vCnA2P0U5LPpMODQz7RoBiu0DGa0uh32O/IYy4ZszvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFW0t95EUb4/yOreMerIJm5Ff0VMB8GA1UdIwQY
MBaAFLwyJjHi636r+17bT8sKuMmWgjxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkRJbU1lTHJmcXY3WHR0UHl3cTR5WmFDUEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zMDg2YjgtNzFmMy00YThkLTk0NTEt
MjllZGZhYjM5ZjQ5LzEvdkRJbU1lTHJmcXY3WHR0UHl3cTR5WmFDUEVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zMDg2YjgtNzFmMy00YThkLTk0NTEtMjllZGZhYjM5ZjQ5
LzEvdkRJbU1lTHJmcXY3WHR0UHl3cTR5WmFDUEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvod6H5PM
nDOfKB5XqLMPiSHfBy7tQjsIluRQHQnyyFRPtSG97OBgnaJB5jScs/52Ur7GoeEH
t7JF/Rr2p1Ze/p93r1AI1FguiyUIe7kalOkgvF1SqGE9sLLmDSJ6LVSxE4MqRFhU
iKix96GF8MnBgM9rtq4W6bJdFD9xTV1yktoMm2TNgEtK43QQJ0t2g0kDtT7dM89R
ZQV4dOTkhO+4yHoZ4i8qJTe2XEc4FNVmYCCpR8ZbLdn8y+mfOZIfBlJRegYHAyFO
TZBNnVD+940VvsGW1rqcqr8y1VR4W0oOiHEXZ0s6JEQvNsOJPPGlJORYjaKXSwe+
1hwWFe+Cgu1rRg==
-----END CERTIFICATE-----