Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          +D1bOetWOhfpNIDQYi7fGQyKNa27n/vDj80AuFNlwVc=
Subject key identifier:   04:2F:DB:17:62:A2:9A:61:ED:FD:76:3B:08:04:6B:69:7D:46:B2:AF
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       019D28F30BC5451E6D65ADED82D12E33C156
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 07:01:50 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:50 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:50 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: IH9e079G3pyKWdaeuTiiNiSCfHsFXf2WTHdi22EurQA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:0b:c5:45:1e:6d:65:ad:ed:82:d1:2e:33:c1:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Mar 26 07:01:50 2026 GMT
            Not After : Mar 27 07:01:50 2026 GMT
        Subject: CN=042fdb1762a29a61edfd763b08046b697d46b2af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:43:10:e9:51:7c:3b:08:00:2e:5c:ba:c7:6f:
                    bb:34:f4:4b:03:3e:3e:04:37:61:c8:f0:fd:86:04:
                    c2:ea:a3:c4:2a:fc:49:f1:97:2c:03:3c:84:bd:57:
                    6a:4d:9d:ae:46:e4:e2:75:29:10:f0:4e:0d:1c:8b:
                    df:66:d5:91:c5:af:f7:b6:60:e9:d9:ef:e8:50:74:
                    f4:5d:ca:f0:1e:bc:f9:d5:75:91:38:f7:32:3f:ac:
                    f5:c0:e5:74:80:89:24:11:aa:eb:57:c1:40:89:75:
                    91:d4:b3:ea:b2:c6:45:16:cb:5a:68:20:3a:9c:d9:
                    24:fa:7c:31:a7:4b:91:75:99:37:f6:28:82:83:24:
                    66:cc:b7:fe:d0:56:cb:d3:17:df:f1:5a:33:55:d4:
                    7b:04:7d:d4:63:3e:d5:de:77:db:a8:dc:fb:7b:db:
                    fd:03:1c:be:78:de:86:bd:29:04:55:1c:2e:6a:35:
                    11:c5:d7:4c:b6:9d:79:12:e7:f2:2f:5d:87:44:59:
                    ae:01:91:c6:5e:f6:31:69:7b:d5:d5:ff:30:f7:9c:
                    1f:ca:c7:92:8a:ae:4b:a4:91:69:91:37:23:fa:7a:
                    fe:ed:ca:7f:32:1d:2e:62:bc:62:4c:e5:77:4e:4e:
                    e5:93:22:79:be:27:26:e3:27:8e:5d:ae:42:86:38:
                    19:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:2F:DB:17:62:A2:9A:61:ED:FD:76:3B:08:04:6B:69:7D:46:B2:AF
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:9d:fb:f9:6f:d1:8c:5d:35:3c:e9:11:73:89:a4:66:dc:3b:
         61:30:6c:86:ba:0c:04:4f:d0:23:2f:3f:64:c4:11:69:f2:86:
         61:be:78:1a:e4:86:41:03:08:27:9d:60:63:a9:0b:9d:a4:cc:
         f0:19:9d:7a:27:c6:e6:c7:98:99:24:8a:14:33:c6:6d:f6:cd:
         79:e7:06:c2:a3:57:b7:d4:be:78:43:13:20:54:3e:f1:e0:b6:
         53:a4:ee:e4:1f:53:bb:29:f0:78:28:a1:78:14:9c:6b:a0:24:
         1e:dc:80:7a:af:fb:ee:60:ae:35:b6:55:27:ba:e9:44:f0:5c:
         67:04:cb:2a:f6:00:54:d9:8d:60:38:a4:76:7b:8d:a2:c4:22:
         f9:13:6a:ba:c5:9d:9f:c8:4c:18:50:fd:c1:51:c8:5e:3f:e7:
         61:c5:98:4d:d1:07:49:80:18:cf:2c:5d:f1:e4:51:b9:74:a0:
         19:28:0c:ef:f8:94:94:78:87:bb:8d:5b:42:89:14:86:99:6b:
         18:a4:49:13:65:2e:ca:20:3f:9b:22:d1:84:79:74:08:1c:fc:
         cc:a6:45:fc:4c:7e:f1:d2:85:db:d7:69:b4:d5:ac:2d:3d:45:
         cc:63:e3:57:1b:99:c4:20:c7:14:8a:a2:92:7e:c7:05:78:9c:
         1b:c7:a5:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8wvFRR5tZa3tgtEuM8FWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjYwMzI2MDcwMTUwWhcNMjYwMzI3MDcwMTUwWjAzMTEwLwYDVQQD
EygwNDJmZGIxNzYyYTI5YTYxZWRmZDc2M2IwODA0NmI2OTdkNDZiMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8kMQ6VF8OwgALly6x2+7NPRLAz4+
BDdhyPD9hgTC6qPEKvxJ8ZcsAzyEvVdqTZ2uRuTidSkQ8E4NHIvfZtWRxa/3tmDp
2e/oUHT0XcrwHrz51XWROPcyP6z1wOV0gIkkEarrV8FAiXWR1LPqssZFFstaaCA6
nNkk+nwxp0uRdZk39iiCgyRmzLf+0FbL0xff8VozVdR7BH3UYz7V3nfbqNz7e9v9
Axy+eN6GvSkEVRwuajURxddMtp15EufyL12HRFmuAZHGXvYxaXvV1f8w95wfyseS
iq5LpJFpkTcj+nr+7cp/Mh0uYrxiTOV3Tk7lkyJ5vicm4yeOXa5ChjgZ+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQv2xdiopph7f12OwgEa2l9RrKvMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApp37+W/R
jF01POkRc4mkZtw7YTBshroMBE/QIy8/ZMQRafKGYb54GuSGQQMIJ51gY6kLnaTM
8BmdeifG5seYmSSKFDPGbfbNeecGwqNXt9S+eEMTIFQ+8eC2U6Tu5B9TuynweCih
eBSca6AkHtyAeq/77mCuNbZVJ7rpRPBcZwTLKvYAVNmNYDikdnuNosQi+RNqusWd
n8hMGFD9wVHIXj/nYcWYTdEHSYAYzyxd8eRRuXSgGSgM7/iUlHiHu41bQokUhplr
GKRJE2UuyiA/myLRhHl0CBz8zKZF/Ex+8dKF29dptNWsLT1FzGPjVxuZxCDHFIqi
kn7HBXicG8el9w==
-----END CERTIFICATE-----