Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft
File:                     vfyFyRfr69yH36Ne4JvEAoX19Ac.mft (raw, json)
Hash identifier:          boTkX4jXSslWTJsSgFGcqlYFcPfP38n1caiVEPigPio=
Subject key identifier:   33:54:20:A5:8B:1B:83:FC:B4:CF:83:4D:FE:61:83:63:47:AB:CB:CE
Authority key identifier: BD:FC:85:C9:17:EB:EB:DC:87:DF:A3:5E:E0:9B:C4:02:85:F5:F4:07
Certificate issuer:       /CN=bdfc85c917ebebdc87dfa35ee09bc40285f5f407
Certificate serial:       019CAF113584173826C075887AEE589F10D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vfyFyRfr69yH36Ne4JvEAoX19Ac.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft
Manifest number:          0509
Signing time:             Mon 02 Mar 2026 15:01:06 +0000
Manifest this update:     Mon 02 Mar 2026 15:01:06 +0000
Manifest next update:     Tue 03 Mar 2026 15:01:06 +0000
Files and hashes:         1: vfyFyRfr69yH36Ne4JvEAoX19Ac.crl (hash: CoNYcLsNWq3pfi1HU3kkR6WqKuvUcvcxWcNvf4uZBbI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vfyFyRfr69yH36Ne4JvEAoX19Ac.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:11:35:84:17:38:26:c0:75:88:7a:ee:58:9f:10:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdfc85c917ebebdc87dfa35ee09bc40285f5f407
        Validity
            Not Before: Mar  2 15:01:06 2026 GMT
            Not After : Mar  3 15:01:06 2026 GMT
        Subject: CN=335420a58b1b83fcb4cf834dfe61836347abcbce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:d2:ae:90:e2:5c:31:59:31:97:62:ea:18:0c:
                    8f:69:9e:26:41:f1:f3:a3:71:92:51:5f:7c:e9:e7:
                    29:d0:54:48:cd:5a:de:b6:5e:a7:e3:f5:93:26:fc:
                    14:7e:1e:40:9f:21:71:d1:cb:aa:5e:7f:2e:db:a1:
                    92:ba:9b:4f:4a:b8:67:e2:ed:22:83:40:a7:25:54:
                    a7:6f:8c:87:40:87:a0:1c:fd:0f:ef:2c:8f:fe:aa:
                    d6:8b:9d:9e:2f:b9:18:a9:8e:0a:da:21:c8:94:4f:
                    cc:57:56:e2:ec:96:8b:4a:55:13:17:0e:00:07:1a:
                    af:e8:7d:0e:21:0f:41:3b:af:ab:30:bf:30:8d:d4:
                    b2:76:c0:38:1e:ff:72:ac:2a:38:f0:3c:77:0d:cb:
                    ce:f2:38:8c:99:59:05:1f:3d:dd:5d:fb:fb:a4:31:
                    3e:d8:f2:32:ec:64:d3:07:3e:9b:ac:e8:87:0e:cb:
                    bc:1d:fe:c7:53:a3:17:39:e2:69:20:e2:c8:f5:85:
                    e4:18:e8:b4:5c:f1:42:a6:b8:f2:46:6c:f5:ae:dc:
                    25:90:01:b6:2d:6f:1b:09:9e:4c:62:cc:ca:20:16:
                    0f:69:8a:48:b6:f8:10:67:db:8a:f3:a9:9b:af:ff:
                    c6:8a:95:a2:0f:a2:ab:fc:8e:7a:de:26:fa:ec:37:
                    1f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:54:20:A5:8B:1B:83:FC:B4:CF:83:4D:FE:61:83:63:47:AB:CB:CE
            X509v3 Authority Key Identifier:
                keyid:BD:FC:85:C9:17:EB:EB:DC:87:DF:A3:5E:E0:9B:C4:02:85:F5:F4:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfyFyRfr69yH36Ne4JvEAoX19Ac.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:83:32:9b:83:15:cc:59:23:fe:92:47:ce:8e:09:eb:12:3f:
         4e:44:69:00:d6:b9:36:ce:0b:74:43:1a:4e:d6:12:ea:da:c9:
         75:0b:36:55:e5:ff:7d:a2:69:86:bd:c5:56:b8:3b:82:8b:7a:
         6d:58:6d:b9:54:54:ae:37:b7:0d:e8:6e:2c:c3:cd:23:6c:c0:
         4b:e4:00:4a:69:c5:fe:f8:62:4c:02:4b:2e:9e:a5:dc:60:d8:
         74:b7:e7:00:5a:e1:7b:8c:46:02:f7:d7:35:1b:96:06:26:ba:
         5b:36:e8:e9:ce:fb:2f:bb:83:62:41:75:14:95:14:3e:c9:b8:
         93:dd:b5:09:58:8a:46:b4:90:68:29:3e:50:d7:4a:b8:99:14:
         c4:2f:56:b4:7d:24:60:9b:fb:97:4a:08:7a:38:aa:df:9e:70:
         8e:de:4b:7c:c0:d8:ce:42:c4:f9:e3:95:32:ed:3a:a0:ce:36:
         51:48:46:d5:a8:ca:41:c2:d4:60:a4:d4:60:c0:46:c2:b3:35:
         ac:c5:04:8b:51:a3:c6:08:51:29:76:10:38:d6:13:cf:61:26:
         9d:e2:8e:b8:bb:df:97:b3:ce:8f:9b:42:ab:a8:aa:c2:ff:1d:
         a9:6a:88:5c:b3:bd:e7:dd:a1:8a:66:b3:44:17:95:2b:30:85:
         c9:bb:d0:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvETWEFzgmwHWIeu5YnxDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmM4NWM5MTdlYmViZGM4N2RmYTM1ZWUwOWJjNDAyODVm
NWY0MDcwHhcNMjYwMzAyMTUwMTA2WhcNMjYwMzAzMTUwMTA2WjAzMTEwLwYDVQQD
EygzMzU0MjBhNThiMWI4M2ZjYjRjZjgzNGRmZTYxODM2MzQ3YWJjYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dKukOJcMVkxl2LqGAyPaZ4mQfHz
o3GSUV986ecp0FRIzVretl6n4/WTJvwUfh5AnyFx0cuqXn8u26GSuptPSrhn4u0i
g0CnJVSnb4yHQIegHP0P7yyP/qrWi52eL7kYqY4K2iHIlE/MV1bi7JaLSlUTFw4A
Bxqv6H0OIQ9BO6+rML8wjdSydsA4Hv9yrCo48Dx3DcvO8jiMmVkFHz3dXfv7pDE+
2PIy7GTTBz6brOiHDsu8Hf7HU6MXOeJpIOLI9YXkGOi0XPFCprjyRmz1rtwlkAG2
LW8bCZ5MYszKIBYPaYpItvgQZ9uK86mbr//GipWiD6Kr/I563ib67DcfSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNUIKWLG4P8tM+DTf5hg2NHq8vOMB8GA1UdIwQY
MBaAFL38hckX6+vch9+jXuCbxAKF9fQHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZ5RnlSZnI2OXlIMzZOZTRKdkVBb1gxOUFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hZDBlMjItMjQ0OS00MWUyLTkzNjct
N2JhZDk0NTdhNDJmLzEvdmZ5RnlSZnI2OXlIMzZOZTRKdkVBb1gxOUFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hZDBlMjItMjQ0OS00MWUyLTkzNjctN2JhZDk0NTdhNDJm
LzEvdmZ5RnlSZnI2OXlIMzZOZTRKdkVBb1gxOUFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4Mym4MV
zFkj/pJHzo4J6xI/TkRpANa5Ns4LdEMaTtYS6trJdQs2VeX/faJphr3FVrg7got6
bVhtuVRUrje3DehuLMPNI2zAS+QASmnF/vhiTAJLLp6l3GDYdLfnAFrhe4xGAvfX
NRuWBia6Wzbo6c77L7uDYkF1FJUUPsm4k921CViKRrSQaCk+UNdKuJkUxC9WtH0k
YJv7l0oIejiq355wjt5LfMDYzkLE+eOVMu06oM42UUhG1ajKQcLUYKTUYMBGwrM1
rMUEi1GjxghRKXYQONYTz2EmneKOuLvfl7POj5tCq6iqwv8dqWqIXLO9592himaz
RBeVKzCFybvQfg==
-----END CERTIFICATE-----