Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          OkgZnkxDcFazb1wz9bddJeBQErzXCIPezE2w6gLZt34=
Subject key identifier:   65:EB:0C:88:E2:F1:06:59:9A:82:9C:D7:59:CA:5D:D1:4F:6A:12:98
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       019CAAC694259B098E93414C0666E1340851
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          0BD0
Signing time:             Sun 01 Mar 2026 19:01:06 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:06 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:06 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: mTvnKNtRyeHx1ym6/CdEnOmzh+nP5fIbdQ5NtTUQimU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:94:25:9b:09:8e:93:41:4c:06:66:e1:34:08:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: Mar  1 19:01:06 2026 GMT
            Not After : Mar  2 19:01:06 2026 GMT
        Subject: CN=65eb0c88e2f106599a829cd759ca5dd14f6a1298
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:10:e5:19:49:a5:09:57:0a:88:6a:34:87:1a:
                    11:ac:b4:31:f4:0f:7e:56:ef:b1:d0:97:f6:25:1c:
                    6e:09:ae:26:e2:87:82:e7:9f:89:08:e0:81:88:c7:
                    b8:fa:9c:76:db:5f:02:46:84:07:b7:ec:e6:2c:26:
                    b0:b1:0f:d3:5b:47:af:b6:e9:60:d4:bb:e3:bc:4d:
                    70:9d:dd:fe:d4:fe:1d:77:2d:78:eb:47:32:73:29:
                    c5:10:b5:b1:bb:68:8f:e2:3d:ae:3a:75:61:01:5b:
                    a3:70:60:25:ae:da:db:4a:bc:cd:b9:28:85:4c:f3:
                    7b:df:87:5e:63:6a:9a:bb:09:5b:5d:cc:db:11:3f:
                    28:f4:44:90:e2:a3:1a:a6:c3:62:ca:b8:1d:25:17:
                    3c:f8:24:7a:c4:dd:fe:42:29:6f:0e:a4:d0:f6:b3:
                    9e:55:70:73:c3:30:bb:44:69:30:6d:6e:4e:1b:57:
                    a0:3f:2c:4c:87:d9:1e:38:ba:a0:d5:de:8d:1e:17:
                    63:fc:f2:27:c2:29:cb:cd:67:ce:6e:d6:f0:bf:41:
                    ae:78:b9:cd:9a:52:fe:3f:64:13:73:9f:cf:ca:96:
                    9e:95:05:db:a2:ae:56:28:dd:33:3a:23:eb:6a:0b:
                    6c:ce:73:34:84:53:84:71:2a:08:0a:96:c5:d0:32:
                    14:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:EB:0C:88:E2:F1:06:59:9A:82:9C:D7:59:CA:5D:D1:4F:6A:12:98
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:98:0c:02:2f:15:a0:00:cf:1a:b0:5c:8e:81:e6:98:95:72:
         2e:3b:c1:2b:f3:cf:bd:36:bc:b1:a5:ea:13:5d:9a:e9:3a:43:
         79:c4:57:26:94:1a:3a:de:a8:4e:1e:38:0e:d9:27:a1:3a:23:
         e0:89:2f:fa:b9:86:e3:55:b6:f4:c0:b3:46:61:ab:21:e1:cd:
         a3:7b:00:aa:7d:e4:40:95:23:63:98:00:40:02:cd:7f:aa:b1:
         3c:da:48:16:fc:39:f1:8d:de:92:76:7b:13:53:80:f7:b0:d5:
         fe:94:63:55:07:ce:80:77:b3:d3:58:9c:0b:ee:17:7a:92:25:
         64:e8:c9:44:59:49:e2:70:c9:c7:d4:51:e7:3f:8e:51:32:a3:
         6f:6e:90:f8:98:1e:2e:c6:d5:fd:1f:03:b5:67:c2:94:e8:07:
         86:c4:4a:9b:ee:95:fc:07:06:60:6c:93:ef:42:dd:9f:0a:5a:
         41:06:ad:c3:53:cd:f8:a7:b7:38:d5:34:bd:62:5c:d8:ad:c2:
         00:f8:c3:16:e2:77:90:8e:8f:f2:73:46:11:ee:3e:1e:fe:db:
         79:fe:3f:b7:84:e2:53:45:fb:ac:d7:ee:bd:40:93:40:ac:df:
         b8:f1:f2:8c:3f:c4:6e:fc:f6:38:07:ef:d8:e4:9c:52:8f:94:
         1c:b3:a1:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxpQlmwmOk0FMBmbhNAhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjYwMzAxMTkwMTA2WhcNMjYwMzAyMTkwMTA2WjAzMTEwLwYDVQQD
Eyg2NWViMGM4OGUyZjEwNjU5OWE4MjljZDc1OWNhNWRkMTRmNmExMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRDlGUmlCVcKiGo0hxoRrLQx9A9+
Vu+x0Jf2JRxuCa4m4oeC55+JCOCBiMe4+px2218CRoQHt+zmLCawsQ/TW0evtulg
1LvjvE1wnd3+1P4ddy1460cycynFELWxu2iP4j2uOnVhAVujcGAlrtrbSrzNuSiF
TPN734deY2qauwlbXczbET8o9ESQ4qMapsNiyrgdJRc8+CR6xN3+QilvDqTQ9rOe
VXBzwzC7RGkwbW5OG1egPyxMh9keOLqg1d6NHhdj/PInwinLzWfObtbwv0GueLnN
mlL+P2QTc5/PypaelQXboq5WKN0zOiPragtsznM0hFOEcSoICpbF0DIUuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXrDIji8QZZmoKc11nKXdFPahKYMB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI5gMAi8V
oADPGrBcjoHmmJVyLjvBK/PPvTa8saXqE12a6TpDecRXJpQaOt6oTh44DtknoToj
4Ikv+rmG41W29MCzRmGrIeHNo3sAqn3kQJUjY5gAQALNf6qxPNpIFvw58Y3eknZ7
E1OA97DV/pRjVQfOgHez01icC+4XepIlZOjJRFlJ4nDJx9RR5z+OUTKjb26Q+Jge
LsbV/R8DtWfClOgHhsRKm+6V/AcGYGyT70LdnwpaQQatw1PN+Ke3ONU0vWJc2K3C
APjDFuJ3kI6P8nNGEe4+Hv7bef4/t4TiU0X7rNfuvUCTQKzfuPHyjD/Ebvz2OAfv
2OScUo+UHLOhZA==
-----END CERTIFICATE-----