Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
File:                     V3l3onVhz5BYpS5GDJSZSAVb3T0.mft (raw, json)
Hash identifier:          O4Xq/H0gSZidGMdoYD9MTIi0GEHqywvQojPckUvAxPw=
Subject key identifier:   1C:2E:20:B6:88:DA:C8:01:6A:DE:7B:E1:6A:AD:D0:2F:16:A0:78:04
Authority key identifier: 57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D
Certificate issuer:       /CN=577977a27561cf9058a52e460c949948055bdd3d
Certificate serial:       019D28F2AA2C9C3A28C10841D045E0942216
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
Manifest number:          0A95
Signing time:             Thu 26 Mar 2026 07:01:25 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:25 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:25 +0000
Files and hashes:         1: V3l3onVhz5BYpS5GDJSZSAVb3T0.crl (hash: pOrzlNDf9VYytdBNI1DV2STmGTG7+LS12cBsHC+K6Ic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:aa:2c:9c:3a:28:c1:08:41:d0:45:e0:94:22:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=577977a27561cf9058a52e460c949948055bdd3d
        Validity
            Not Before: Mar 26 07:01:25 2026 GMT
            Not After : Mar 27 07:01:25 2026 GMT
        Subject: CN=1c2e20b688dac8016ade7be16aadd02f16a07804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:56:ae:b8:01:75:7d:a1:cd:1a:3a:41:ee:3b:
                    61:85:be:8f:0e:67:99:07:0b:98:69:2e:2e:0e:b5:
                    f2:07:8a:a5:2d:2c:de:bc:35:30:87:90:33:ca:89:
                    f5:71:ea:32:09:fc:74:22:fc:11:95:06:b6:e8:30:
                    52:ef:8e:a3:6c:b3:46:f0:0c:5d:b0:2b:25:cb:c2:
                    ab:5d:50:02:b0:ed:81:29:64:eb:3c:21:7a:ee:7a:
                    ed:a4:62:d8:9f:fd:d2:65:aa:90:89:35:0f:6d:48:
                    8d:6b:2e:65:67:a7:5e:ad:5d:93:ef:e1:56:1a:e8:
                    ef:ee:c4:a4:45:4e:61:ad:ed:ae:07:a8:d4:c8:55:
                    12:7e:da:33:c7:3d:ac:d6:dc:01:00:c3:60:0a:59:
                    ff:b0:12:66:87:da:4e:f7:45:be:53:29:b1:9d:e5:
                    51:cf:bf:40:be:94:aa:6e:89:3e:24:e6:1b:33:e2:
                    6c:b5:09:30:2a:78:1f:08:91:21:be:7b:77:7b:45:
                    ee:8f:64:1d:35:ca:36:28:7f:09:86:1c:5b:ba:9d:
                    26:7f:f4:81:b2:6e:8f:37:f1:de:85:11:ba:47:b6:
                    aa:28:81:d4:13:ef:a0:8a:fc:72:56:ef:5e:2b:ec:
                    ae:29:2a:d6:64:00:26:51:06:33:6a:fb:28:f5:df:
                    f0:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:2E:20:B6:88:DA:C8:01:6A:DE:7B:E1:6A:AD:D0:2F:16:A0:78:04
            X509v3 Authority Key Identifier:
                keyid:57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:7e:fa:f0:5f:3e:9a:87:94:12:5b:21:84:4d:ba:d2:be:dd:
         6e:46:2d:88:19:e6:4e:61:2c:cc:d8:65:f6:f7:1b:a5:42:a0:
         d2:5e:e5:78:a1:13:b5:17:44:f8:d4:c6:78:78:45:cb:30:34:
         ed:a6:8f:45:f1:f1:6d:4f:e9:30:62:86:6f:cd:d9:5a:04:fb:
         fa:32:f4:ed:6a:33:cf:d3:48:41:c8:2d:7d:bf:d4:2b:77:52:
         1e:f3:a5:af:f4:47:63:08:78:16:71:3d:4c:3b:2f:ea:90:56:
         9a:3a:a6:5d:25:2b:40:09:16:34:3b:e7:ee:0e:bd:63:8f:a4:
         a4:ae:cf:eb:17:29:c3:ac:05:c5:4c:69:10:31:24:06:15:63:
         33:ae:53:5c:d3:c0:43:5e:b2:25:df:b1:6c:3f:2e:0d:31:f8:
         98:e0:fc:09:d4:b0:88:35:db:7a:db:a7:46:70:82:98:96:f3:
         a5:33:de:43:db:70:1f:02:64:ba:82:46:6d:a1:0d:e2:7b:a8:
         9c:73:7e:d5:be:26:9a:6a:62:f9:27:7a:b2:87:e2:ef:bd:3f:
         00:6f:75:63:73:f9:26:f8:7d:53:74:83:5b:9c:52:29:21:67:
         ce:f6:dc:9e:81:e0:fd:e9:7a:9b:25:fc:96:0c:15:70:ad:28:
         6f:2d:b8:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8qosnDoowQhB0EXglCIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3Nzk3N2EyNzU2MWNmOTA1OGE1MmU0NjBjOTQ5OTQ4MDU1
YmRkM2QwHhcNMjYwMzI2MDcwMTI1WhcNMjYwMzI3MDcwMTI1WjAzMTEwLwYDVQQD
EygxYzJlMjBiNjg4ZGFjODAxNmFkZTdiZTE2YWFkZDAyZjE2YTA3ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFauuAF1faHNGjpB7jthhb6PDmeZ
BwuYaS4uDrXyB4qlLSzevDUwh5Azyon1ceoyCfx0IvwRlQa26DBS746jbLNG8Axd
sCsly8KrXVACsO2BKWTrPCF67nrtpGLYn/3SZaqQiTUPbUiNay5lZ6derV2T7+FW
Gujv7sSkRU5hre2uB6jUyFUSftozxz2s1twBAMNgCln/sBJmh9pO90W+UymxneVR
z79AvpSqbok+JOYbM+JstQkwKngfCJEhvnt3e0Xuj2QdNco2KH8Jhhxbup0mf/SB
sm6PN/HehRG6R7aqKIHUE++givxyVu9eK+yuKSrWZAAmUQYzavso9d/wFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwuILaI2sgBat574Wqt0C8WoHgEMB8GA1UdIwQY
MBaAFFd5d6J1Yc+QWKUuRgyUmUgFW909MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYt
NTRmNzJkN2Y1YzIwLzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYtNTRmNzJkN2Y1YzIw
LzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJn768F8+
moeUElshhE260r7dbkYtiBnmTmEszNhl9vcbpUKg0l7leKETtRdE+NTGeHhFyzA0
7aaPRfHxbU/pMGKGb83ZWgT7+jL07Wozz9NIQcgtfb/UK3dSHvOlr/RHYwh4FnE9
TDsv6pBWmjqmXSUrQAkWNDvn7g69Y4+kpK7P6xcpw6wFxUxpEDEkBhVjM65TXNPA
Q16yJd+xbD8uDTH4mOD8CdSwiDXbetunRnCCmJbzpTPeQ9twHwJkuoJGbaEN4nuo
nHN+1b4mmmpi+Sd6sofi770/AG91Y3P5Jvh9U3SDW5xSKSFnzvbcnoHg/el6myX8
lgwVcK0oby24ig==
-----END CERTIFICATE-----