Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.mft
File:                     vWCuPD0yPaOUps4F9rI9fPTdE0g.mft (raw, json)
Hash identifier:          vZWU+1NYcLwyIB0R3tyS3F2G7b/pSx6pb33TSvo+/Zo=
Subject key identifier:   BF:4D:AE:94:48:63:16:68:B4:D8:FA:92:19:B5:C7:17:7A:9F:10:6F
Authority key identifier: BD:60:AE:3C:3D:32:3D:A3:94:A6:CE:05:F6:B2:3D:7C:F4:DD:13:48
Certificate issuer:       /CN=bd60ae3c3d323da394a6ce05f6b23d7cf4dd1348
Certificate serial:       019CAA58AEB8676FEDEF7B533BCD7BEB57EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vWCuPD0yPaOUps4F9rI9fPTdE0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.mft
Manifest number:          123D
Signing time:             Sun 01 Mar 2026 17:01:04 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:04 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:04 +0000
Files and hashes:         1: vWCuPD0yPaOUps4F9rI9fPTdE0g.crl (hash: OgpYtDTdC2YzR4tHsXRTTHS04A8aiOAqbb7dQgUJKFs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vWCuPD0yPaOUps4F9rI9fPTdE0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:ae:b8:67:6f:ed:ef:7b:53:3b:cd:7b:eb:57:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd60ae3c3d323da394a6ce05f6b23d7cf4dd1348
        Validity
            Not Before: Mar  1 17:01:04 2026 GMT
            Not After : Mar  2 17:01:04 2026 GMT
        Subject: CN=bf4dae9448631668b4d8fa9219b5c7177a9f106f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d2:77:b0:99:21:be:02:fd:29:ee:34:fe:0b:
                    ac:e9:62:fa:df:3a:57:14:54:25:6a:31:f7:fd:34:
                    52:b4:d5:f4:18:4b:af:9a:e9:66:79:db:10:02:f5:
                    ad:ed:19:de:de:c6:8d:fc:40:4f:d2:45:71:62:70:
                    c4:59:aa:24:37:a6:6f:f5:20:9f:72:01:0a:56:cc:
                    03:a9:5f:45:fb:8a:09:6a:30:f1:9c:25:0c:6a:c6:
                    9e:15:9f:8b:9b:08:a0:e2:70:50:61:71:97:60:c5:
                    51:73:22:c6:24:ef:17:82:fd:15:05:5f:b6:ba:51:
                    26:cf:34:22:56:aa:6e:1e:94:d0:a1:75:b1:2e:12:
                    cb:85:e2:6f:76:e7:6f:c1:3f:9f:bb:1b:5d:6f:18:
                    f9:5f:08:d2:0f:2c:29:11:b3:91:63:ef:c3:23:cb:
                    f0:ef:38:c6:52:17:d0:df:ab:c1:f4:b5:91:e2:71:
                    3f:6c:d6:94:44:f5:9b:f9:f0:a1:c3:62:de:9a:7c:
                    fb:fc:f0:95:31:b9:a9:b5:20:f5:ab:8c:c1:a9:72:
                    ad:ea:d9:a9:20:21:dc:69:56:b1:57:07:26:b7:ce:
                    90:fc:5c:cd:33:32:35:c8:a3:c6:4b:ea:a6:d3:25:
                    31:3a:7e:8f:38:4e:f2:42:cb:40:3b:fc:ac:4e:b3:
                    77:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:4D:AE:94:48:63:16:68:B4:D8:FA:92:19:B5:C7:17:7A:9F:10:6F
            X509v3 Authority Key Identifier:
                keyid:BD:60:AE:3C:3D:32:3D:A3:94:A6:CE:05:F6:B2:3D:7C:F4:DD:13:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWCuPD0yPaOUps4F9rI9fPTdE0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6fc5cf-998b-4e3d-9dfa-1c3864a7c2de/1/vWCuPD0yPaOUps4F9rI9fPTdE0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:02:5c:24:8e:fa:bd:cb:62:22:98:81:51:e2:15:aa:21:43:
         2a:f7:b7:85:f5:af:b6:8f:d4:17:76:70:90:b6:7f:e7:69:44:
         26:67:da:75:34:2c:08:b6:eb:68:29:29:d5:8b:9a:ec:fb:ac:
         42:88:b9:f0:ee:49:ba:19:aa:e0:40:2b:9a:6f:aa:03:78:f8:
         56:b6:41:b8:57:0d:9a:6b:17:5c:7a:cb:69:da:27:4d:ba:89:
         c5:d8:4d:08:a1:9c:9c:2e:47:da:e7:f7:59:0f:29:29:9d:46:
         90:ef:8a:df:3b:78:2e:c1:6b:ab:03:e6:ee:5c:9b:65:11:68:
         e2:6c:44:91:e2:a9:88:58:a3:b8:47:f4:89:21:b5:20:5d:1d:
         cc:bb:db:7f:64:7d:57:f9:4d:2d:85:79:c4:0f:a7:58:40:8e:
         64:dd:5a:ac:06:55:6f:15:35:93:b4:9b:23:cb:ca:1b:7a:1a:
         24:e3:76:95:4d:c5:9e:3d:a4:d1:05:64:b8:60:78:58:6c:bd:
         ff:26:5d:68:02:08:f0:6a:4a:77:1a:61:94:0b:cd:c5:4a:45:
         58:47:96:36:77:64:81:99:06:54:f2:81:94:f6:2e:66:d9:ab:
         20:f9:7b:97:9a:52:26:33:f1:98:7a:ed:22:c0:ce:61:94:17:
         eb:e3:3a:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWK64Z2/t73tTO81761fqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjBhZTNjM2QzMjNkYTM5NGE2Y2UwNWY2YjIzZDdjZjRk
ZDEzNDgwHhcNMjYwMzAxMTcwMTA0WhcNMjYwMzAyMTcwMTA0WjAzMTEwLwYDVQQD
EyhiZjRkYWU5NDQ4NjMxNjY4YjRkOGZhOTIxOWI1YzcxNzdhOWYxMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtJ3sJkhvgL9Ke40/gus6WL63zpX
FFQlajH3/TRStNX0GEuvmulmedsQAvWt7Rne3saN/EBP0kVxYnDEWaokN6Zv9SCf
cgEKVswDqV9F+4oJajDxnCUMasaeFZ+Lmwig4nBQYXGXYMVRcyLGJO8Xgv0VBV+2
ulEmzzQiVqpuHpTQoXWxLhLLheJvdudvwT+fuxtdbxj5XwjSDywpEbORY+/DI8vw
7zjGUhfQ36vB9LWR4nE/bNaURPWb+fChw2Lemnz7/PCVMbmptSD1q4zBqXKt6tmp
ICHcaVaxVwcmt86Q/FzNMzI1yKPGS+qm0yUxOn6POE7yQstAO/ysTrN3lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9NrpRIYxZotNj6khm1xxd6nxBvMB8GA1UdIwQY
MBaAFL1grjw9Mj2jlKbOBfayPXz03RNIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldDdVBEMHlQYU9VcHM0RjlySTlmUFRkRTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82ZmM1Y2YtOTk4Yi00ZTNkLTlkZmEt
MWMzODY0YTdjMmRlLzEvdldDdVBEMHlQYU9VcHM0RjlySTlmUFRkRTBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS82ZmM1Y2YtOTk4Yi00ZTNkLTlkZmEtMWMzODY0YTdjMmRl
LzEvdldDdVBEMHlQYU9VcHM0RjlySTlmUFRkRTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABgJcJI76
vctiIpiBUeIVqiFDKve3hfWvto/UF3ZwkLZ/52lEJmfadTQsCLbraCkp1Yua7Pus
Qoi58O5Juhmq4EArmm+qA3j4VrZBuFcNmmsXXHrLadonTbqJxdhNCKGcnC5H2uf3
WQ8pKZ1GkO+K3zt4LsFrqwPm7lybZRFo4mxEkeKpiFijuEf0iSG1IF0dzLvbf2R9
V/lNLYV5xA+nWECOZN1arAZVbxU1k7SbI8vKG3oaJON2lU3Fnj2k0QVkuGB4WGy9
/yZdaAII8GpKdxphlAvNxUpFWEeWNndkgZkGVPKBlPYuZtmrIPl7l5pSJjPxmHrt
IsDOYZQX6+M6Lg==
-----END CERTIFICATE-----