Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
File:                     vFxHuPnkKkkot2dDFqcap21AHjw.mft (raw, json)
Hash identifier:          gQNiEvJE4J9jzhVc6HGr+vy710WSKQDNOpvO4dOU/80=
Subject key identifier:   C0:D5:4E:11:6D:8F:5D:C1:43:C5:EB:BC:88:3F:4C:5F:84:ED:0C:83
Authority key identifier: BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C
Certificate issuer:       /CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c
Certificate serial:       019D9AE344673B926E935C459037A0AC954E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
Manifest number:          0E53
Signing time:             Fri 17 Apr 2026 10:01:18 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:18 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:18 +0000
Files and hashes:         1: vFxHuPnkKkkot2dDFqcap21AHjw.crl (hash: QwzHxdzmDLMY3fXkuROswokciws6Jhsg6FsH3aptkfk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:44:67:3b:92:6e:93:5c:45:90:37:a0:ac:95:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c
        Validity
            Not Before: Apr 17 10:01:18 2026 GMT
            Not After : Apr 18 10:01:18 2026 GMT
        Subject: CN=c0d54e116d8f5dc143c5ebbc883f4c5f84ed0c83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d6:ba:ec:a2:fd:78:38:91:3c:f5:27:21:10:
                    00:56:eb:57:f4:4d:ab:b3:53:30:cd:99:fc:b0:ae:
                    38:f4:6f:3f:a0:97:71:f1:c9:96:93:d3:57:ae:fe:
                    c9:24:a0:1b:3e:01:f7:ff:a5:64:14:bf:ce:e7:7c:
                    cf:5f:f6:97:8d:36:36:31:c4:b4:5a:3b:62:c4:41:
                    fa:cc:92:f6:84:2d:87:1e:96:a5:1a:ce:04:73:e7:
                    de:8d:68:90:29:f2:ce:a9:77:62:96:33:15:af:68:
                    c7:d0:82:5b:3f:8d:19:71:69:8b:b0:c2:80:e1:39:
                    a1:aa:a1:ed:94:58:36:18:9f:05:dd:c5:5c:ad:cb:
                    ff:8c:76:55:2c:50:b6:72:ae:25:dd:ba:88:8e:c1:
                    ba:1f:0e:ac:b0:f2:ad:c6:91:36:8f:52:d0:5e:09:
                    2a:53:95:10:63:80:22:f4:7b:b5:7e:1f:72:bc:f9:
                    71:fc:8e:5a:45:46:fd:d4:87:9c:84:1b:5e:dc:4a:
                    90:f4:0d:8f:7f:c5:60:46:51:67:51:c9:5a:01:bf:
                    fc:6e:33:57:41:ec:ed:c1:31:d4:21:bf:aa:b9:81:
                    9a:43:f3:aa:9f:37:b7:79:a2:d1:ab:2b:2c:d8:50:
                    0f:95:3b:e3:95:68:64:03:56:01:d9:b6:58:97:4c:
                    c0:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:D5:4E:11:6D:8F:5D:C1:43:C5:EB:BC:88:3F:4C:5F:84:ED:0C:83
            X509v3 Authority Key Identifier:
                keyid:BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:f3:02:e4:73:90:5a:4f:f4:0b:a7:bf:3c:db:a0:c2:2a:95:
         66:9f:f5:5f:49:d7:4b:83:b7:ef:d4:c7:56:47:6e:75:6a:3e:
         fa:31:c5:71:84:b5:e3:03:5f:c3:49:17:27:b0:a8:1d:a9:e3:
         54:f0:53:70:c7:2c:7e:74:e9:51:41:d1:c2:7b:bc:8b:4c:36:
         50:08:aa:55:c6:f8:6d:5b:8a:94:83:6a:7e:37:66:66:88:3b:
         c5:ad:d2:b9:4a:1c:15:e4:f5:d8:7d:0c:05:c8:fb:76:45:47:
         58:99:6a:b9:07:aa:c9:c0:ee:d6:f2:09:88:9c:60:20:4b:ba:
         1d:83:f4:41:a8:d3:56:29:f8:ac:0d:1a:c4:49:58:d3:d3:87:
         07:b4:0e:8b:c1:af:6c:63:9f:12:f6:42:60:3b:33:98:66:13:
         b1:83:61:71:ee:37:13:dd:4e:ad:fa:26:de:5a:98:e9:6e:1f:
         90:f6:eb:f9:e0:61:a3:0b:ae:3f:db:d7:4d:ff:f7:da:c6:2e:
         c0:bb:ec:28:31:41:70:19:7c:d6:6e:8e:ed:aa:71:31:af:08:
         f6:ab:4e:6b:d3:3f:e8:b8:a1:10:c0:b1:ed:d3:9d:8b:23:bb:
         fb:16:d9:0c:86:2f:be:a3:60:29:0c:08:7d:eb:33:bf:51:58:
         f5:b2:0f:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a40RnO5Juk1xFkDegrJVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNWM0N2I4ZjllNDJhNDkyOGI3Njc0MzE2YTcxYWE3NmQ0
MDFlM2MwHhcNMjYwNDE3MTAwMTE4WhcNMjYwNDE4MTAwMTE4WjAzMTEwLwYDVQQD
EyhjMGQ1NGUxMTZkOGY1ZGMxNDNjNWViYmM4ODNmNGM1Zjg0ZWQwYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtta67KL9eDiRPPUnIRAAVutX9E2r
s1MwzZn8sK449G8/oJdx8cmWk9NXrv7JJKAbPgH3/6VkFL/O53zPX/aXjTY2McS0
WjtixEH6zJL2hC2HHpalGs4Ec+fejWiQKfLOqXdiljMVr2jH0IJbP40ZcWmLsMKA
4TmhqqHtlFg2GJ8F3cVcrcv/jHZVLFC2cq4l3bqIjsG6Hw6ssPKtxpE2j1LQXgkq
U5UQY4Ai9Hu1fh9yvPlx/I5aRUb91IechBte3EqQ9A2Pf8VgRlFnUclaAb/8bjNX
QeztwTHUIb+quYGaQ/Oqnze3eaLRqyss2FAPlTvjlWhkA1YB2bZYl0zABwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDVThFtj13BQ8XrvIg/TF+E7QyDMB8GA1UdIwQY
MBaAFLxcR7j55CpJKLdnQxanGqdtQB48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUt
N2ExOGMxNzkwNzZkLzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUtN2ExOGMxNzkwNzZk
LzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaPMC5HOQ
Wk/0C6e/PNugwiqVZp/1X0nXS4O379THVkdudWo++jHFcYS14wNfw0kXJ7CoHanj
VPBTcMcsfnTpUUHRwnu8i0w2UAiqVcb4bVuKlINqfjdmZog7xa3SuUocFeT12H0M
Bcj7dkVHWJlquQeqycDu1vIJiJxgIEu6HYP0QajTVin4rA0axElY09OHB7QOi8Gv
bGOfEvZCYDszmGYTsYNhce43E91Orfom3lqY6W4fkPbr+eBhowuuP9vXTf/32sYu
wLvsKDFBcBl81m6O7apxMa8I9qtOa9M/6LihEMCx7dOdiyO7+xbZDIYvvqNgKQwI
feszv1FY9bIP3w==
-----END CERTIFICATE-----