Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
File:                     vNgzeodIrlhibqk9my9YmNAY3fE.mft (raw, json)
Hash identifier:          6hVjDI4p4k/7tQOicqD8yJ07NgfKXlG0L1uqy0OpWxU=
Subject key identifier:   50:91:D8:F0:35:30:0E:83:38:91:5B:60:23:91:11:B5:5E:D5:B8:0E
Authority key identifier: BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1
Certificate issuer:       /CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
Certificate serial:       019CAC477F19EDB747D70009F15DC3EAA76E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
Manifest number:          17D4
Signing time:             Mon 02 Mar 2026 02:01:32 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:32 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:32 +0000
Files and hashes:         1: vNgzeodIrlhibqk9my9YmNAY3fE.crl (hash: t56Md69zcjL/uF4GFeLNSFgrEBI266O3DyObS2q7aX4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:7f:19:ed:b7:47:d7:00:09:f1:5d:c3:ea:a7:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcd8337a8748ae58626ea93d9b2f5898d018ddf1
        Validity
            Not Before: Mar  2 02:01:32 2026 GMT
            Not After : Mar  3 02:01:32 2026 GMT
        Subject: CN=5091d8f035300e8338915b60239111b55ed5b80e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:26:27:04:2d:0a:fa:f0:a4:a2:11:0c:8e:cd:
                    75:69:a6:35:fe:ae:f3:25:44:68:9e:d6:62:aa:50:
                    f6:22:76:88:07:12:63:68:5f:92:4d:58:c5:b0:02:
                    5f:f6:55:ef:e8:18:c7:d6:58:b6:1f:51:ac:a3:48:
                    68:7a:06:50:d0:ce:40:b8:65:17:3f:26:8e:2c:a5:
                    f9:60:66:73:6c:e2:05:01:0c:ee:6d:3f:07:78:fb:
                    24:5e:1a:31:44:3c:86:13:46:74:23:c1:a4:71:66:
                    78:0a:00:1d:07:bf:45:25:42:ce:53:64:2d:40:a6:
                    5b:96:34:1f:a5:58:78:05:49:b3:ba:ca:14:21:e6:
                    d3:fe:a7:d5:89:59:e1:6a:1f:ab:ac:57:a0:d6:0c:
                    30:68:e6:0c:86:8d:94:45:a1:f3:b7:6f:22:4d:20:
                    63:ea:9b:f5:50:0e:87:58:0d:4d:cd:02:c5:46:7c:
                    65:b8:0a:21:f5:7c:35:27:57:f2:58:8c:a7:f9:de:
                    ac:ca:b4:36:13:44:81:56:11:73:56:8f:21:9f:26:
                    44:1e:5d:31:40:c8:3c:e1:d6:82:53:cb:f2:90:a0:
                    96:65:a1:8a:d2:d1:1d:0a:d3:c2:13:6e:d9:c2:02:
                    66:8f:be:2e:83:33:bf:01:b6:78:67:20:c8:40:0d:
                    0a:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:91:D8:F0:35:30:0E:83:38:91:5B:60:23:91:11:B5:5E:D5:B8:0E
            X509v3 Authority Key Identifier:
                keyid:BC:D8:33:7A:87:48:AE:58:62:6E:A9:3D:9B:2F:58:98:D0:18:DD:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNgzeodIrlhibqk9my9YmNAY3fE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d6068-acca-4777-9448-b7cf6a7b2a29/1/vNgzeodIrlhibqk9my9YmNAY3fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:ae:6a:b7:ce:29:f0:ea:d8:6f:44:04:ce:b5:e9:43:f0:66:
         cb:8d:13:34:d4:d4:c5:5c:ee:9e:51:62:cd:b1:75:79:1b:0a:
         8d:a8:c7:34:f5:97:19:18:5b:08:a5:5c:ff:58:8f:45:20:db:
         bd:54:7b:a2:2d:49:db:ff:56:7c:65:94:fd:49:d5:05:1e:36:
         99:a2:21:46:98:69:8c:4b:c7:66:de:35:03:32:a5:e8:0c:6e:
         c5:4c:0c:92:e3:87:3c:5e:8b:fb:6d:9f:e0:ea:6d:4f:2f:d7:
         1b:c5:0c:eb:c1:17:37:9d:60:5d:7f:85:cb:a1:7a:80:6c:76:
         f8:54:1c:9c:b4:4c:30:44:01:39:74:12:19:8e:ea:19:88:9a:
         11:95:ae:36:c2:0c:48:e7:f5:ac:be:c3:f2:a9:39:d2:3e:63:
         19:84:48:73:8e:3e:dd:6d:58:92:6b:d2:de:a0:e6:5b:75:a9:
         b1:5b:46:f8:b4:c2:f1:ea:28:12:c8:e9:61:72:1b:84:63:0a:
         af:cf:3e:c8:00:a8:23:ea:e2:a8:d0:32:d9:03:b1:2d:f7:1e:
         6d:5f:78:04:88:02:54:cd:e2:fd:7f:25:2c:e5:35:eb:ff:16:
         f1:4a:c5:15:16:dc:b0:05:ab:e7:2b:48:90:53:3d:e5:0a:0e:
         a4:76:1b:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR38Z7bdH1wAJ8V3D6qduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZDgzMzdhODc0OGFlNTg2MjZlYTkzZDliMmY1ODk4ZDAx
OGRkZjEwHhcNMjYwMzAyMDIwMTMyWhcNMjYwMzAzMDIwMTMyWjAzMTEwLwYDVQQD
Eyg1MDkxZDhmMDM1MzAwZTgzMzg5MTViNjAyMzkxMTFiNTVlZDViODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryYnBC0K+vCkohEMjs11aaY1/q7z
JURontZiqlD2InaIBxJjaF+STVjFsAJf9lXv6BjH1li2H1Gso0hoegZQ0M5AuGUX
PyaOLKX5YGZzbOIFAQzubT8HePskXhoxRDyGE0Z0I8GkcWZ4CgAdB79FJULOU2Qt
QKZbljQfpVh4BUmzusoUIebT/qfViVnhah+rrFeg1gwwaOYMho2URaHzt28iTSBj
6pv1UA6HWA1NzQLFRnxluAoh9Xw1J1fyWIyn+d6syrQ2E0SBVhFzVo8hnyZEHl0x
QMg84daCU8vykKCWZaGK0tEdCtPCE27ZwgJmj74ugzO/AbZ4ZyDIQA0K+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCR2PA1MA6DOJFbYCOREbVe1bgOMB8GA1UdIwQY
MBaAFLzYM3qHSK5YYm6pPZsvWJjQGN3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgt
YjdjZjZhN2IyYTI5LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDYwNjgtYWNjYS00Nzc3LTk0NDgtYjdjZjZhN2IyYTI5
LzEvdk5nemVvZElybGhpYnFrOW15OVltTkFZM2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAba5qt84p
8OrYb0QEzrXpQ/Bmy40TNNTUxVzunlFizbF1eRsKjajHNPWXGRhbCKVc/1iPRSDb
vVR7oi1J2/9WfGWU/UnVBR42maIhRphpjEvHZt41AzKl6AxuxUwMkuOHPF6L+22f
4OptTy/XG8UM68EXN51gXX+Fy6F6gGx2+FQcnLRMMEQBOXQSGY7qGYiaEZWuNsIM
SOf1rL7D8qk50j5jGYRIc44+3W1YkmvS3qDmW3WpsVtG+LTC8eooEsjpYXIbhGMK
r88+yACoI+riqNAy2QOxLfcebV94BIgCVM3i/X8lLOU16/8W8UrFFRbcsAWr5ytI
kFM95QoOpHYb9w==
-----END CERTIFICATE-----