Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          0DEaJFog2znELeMvNN9JAvpQS2SeTR6jAgj+yHVad1s=
Subject key identifier:   03:12:8A:2D:02:8D:77:B9:BA:C7:9B:05:65:55:87:19:05:65:E7:9B
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       019DA3E668D1622B13429FE58733E2CBF52C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          0C51
Signing time:             Sun 19 Apr 2026 04:01:19 +0000
Manifest this update:     Sun 19 Apr 2026 04:01:19 +0000
Manifest next update:     Mon 20 Apr 2026 04:01:19 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: +bEvuE0u+n28x8c3cKaRxiFFOwl3kPtIKlrNqlZ56hk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:e6:68:d1:62:2b:13:42:9f:e5:87:33:e2:cb:f5:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: Apr 19 04:01:19 2026 GMT
            Not After : Apr 20 04:01:19 2026 GMT
        Subject: CN=03128a2d028d77b9bac79b05655587190565e79b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:3a:8e:c0:ce:cd:03:29:3d:b1:4f:bf:b7:32:
                    1a:d1:29:26:1a:d9:c8:82:44:7e:97:f2:fd:bd:2b:
                    22:7e:dc:9c:6c:b2:84:ab:6c:9f:2d:f9:e5:c4:1b:
                    66:bc:07:47:9b:48:4d:ed:13:76:72:42:42:6d:fc:
                    c3:33:71:cc:ed:db:c4:58:a3:6e:24:c5:5b:a6:6c:
                    43:38:98:bd:c1:d3:46:d6:ba:be:29:cd:33:40:f1:
                    68:d5:2e:39:35:f1:29:eb:83:2e:c3:54:f1:63:ca:
                    17:c3:2d:74:39:ff:20:f9:a9:ae:5b:29:51:ea:9d:
                    2b:86:fa:af:93:f7:ec:58:9a:87:f7:d0:3f:6a:ad:
                    4c:77:d0:8d:5a:b5:35:f7:7c:08:de:bd:71:02:2a:
                    bb:6b:7c:6d:70:54:91:37:c3:bd:f0:79:8f:d8:0a:
                    02:78:59:7d:d8:5c:7e:f8:c5:90:fa:25:1b:c5:49:
                    41:a5:f5:02:1f:7e:d1:ef:90:f7:bf:63:f1:3c:01:
                    5b:e2:10:b9:58:d3:b5:56:90:d6:ec:d1:65:4b:61:
                    4b:c8:a0:e9:72:62:da:19:d4:69:a2:ae:24:52:a3:
                    b3:b8:69:57:51:14:98:37:ca:a2:c1:73:09:60:16:
                    c4:74:35:7b:78:87:d1:fe:1a:9e:1f:b8:f0:a1:df:
                    f1:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:12:8A:2D:02:8D:77:B9:BA:C7:9B:05:65:55:87:19:05:65:E7:9B
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:e6:3a:57:c5:0d:4b:16:ab:b9:3f:25:c1:87:dd:35:8b:e6:
         60:04:00:fe:71:f4:e3:24:3f:3d:50:7c:d2:fd:c6:44:bd:57:
         ff:56:74:bf:ad:5a:b4:50:07:63:7b:ee:f4:81:c4:e1:68:90:
         80:14:b5:dd:d4:d8:54:78:04:85:92:6b:11:00:44:ea:25:6f:
         ca:19:d4:18:88:75:08:0a:54:16:e5:38:30:bd:90:1c:29:c7:
         ee:df:37:86:ac:96:44:0a:da:60:0c:84:f5:02:77:12:0f:d3:
         4c:e9:94:5b:d3:bb:07:c0:df:84:10:82:a7:7a:d6:f3:64:ea:
         2a:a8:a2:3b:2d:e1:44:d3:a3:6c:2a:dd:54:6d:dd:c6:4d:5e:
         08:86:12:9e:3f:e1:48:68:f4:f3:a4:cc:e0:9a:02:27:28:c4:
         ed:05:bb:ea:c4:b7:b4:18:51:97:57:90:cc:4c:9f:88:4d:5e:
         85:fa:a0:af:34:6f:a9:a5:c8:d0:a4:92:5b:a8:35:70:dd:10:
         6f:57:10:da:cb:f0:46:89:e5:e8:e4:50:74:2b:98:d1:65:e6:
         03:65:4c:e9:29:ba:f1:8c:0b:50:cb:b9:13:1c:d9:94:2b:94:
         c9:74:85:77:44:77:3e:2f:67:71:dc:ff:9b:8c:2b:67:64:0f:
         12:5d:c0:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5mjRYisTQp/lhzPiy/UsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjYwNDE5MDQwMTE5WhcNMjYwNDIwMDQwMTE5WjAzMTEwLwYDVQQD
EygwMzEyOGEyZDAyOGQ3N2I5YmFjNzliMDU2NTU1ODcxOTA1NjVlNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjqOwM7NAyk9sU+/tzIa0SkmGtnI
gkR+l/L9vSsiftycbLKEq2yfLfnlxBtmvAdHm0hN7RN2ckJCbfzDM3HM7dvEWKNu
JMVbpmxDOJi9wdNG1rq+Kc0zQPFo1S45NfEp64Muw1TxY8oXwy10Of8g+amuWylR
6p0rhvqvk/fsWJqH99A/aq1Md9CNWrU193wI3r1xAiq7a3xtcFSRN8O98HmP2AoC
eFl92Fx++MWQ+iUbxUlBpfUCH37R75D3v2PxPAFb4hC5WNO1VpDW7NFlS2FLyKDp
cmLaGdRpoq4kUqOzuGlXURSYN8qiwXMJYBbEdDV7eIfR/hqeH7jwod/x5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMSii0CjXe5usebBWVVhxkFZeebMB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALOY6V8UN
SxaruT8lwYfdNYvmYAQA/nH04yQ/PVB80v3GRL1X/1Z0v61atFAHY3vu9IHE4WiQ
gBS13dTYVHgEhZJrEQBE6iVvyhnUGIh1CApUFuU4ML2QHCnH7t83hqyWRAraYAyE
9QJ3Eg/TTOmUW9O7B8DfhBCCp3rW82TqKqiiOy3hRNOjbCrdVG3dxk1eCIYSnj/h
SGj086TM4JoCJyjE7QW76sS3tBhRl1eQzEyfiE1ehfqgrzRvqaXI0KSSW6g1cN0Q
b1cQ2svwRonl6ORQdCuY0WXmA2VM6Sm68YwLUMu5ExzZlCuUyXSFd0R3Pi9ncdz/
m4wrZ2QPEl3AKw==
-----END CERTIFICATE-----