Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          +RDfOvANCci6mQPGVLkxzyhW2wyzEQANnW3HmPam00w=
Subject key identifier:   AF:B3:BD:A7:CB:17:23:30:5A:3C:0C:34:3D:40:EE:DC:22:6C:9A:F3
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       019CAB6C0DE359A72EFE9FFA4F81904160D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          1844
Signing time:             Sun 01 Mar 2026 22:01:51 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:51 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:51 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: hLhOrUvLUP43mj+C7g2JvDB9WvW6V7QI+vw3GCdIY4c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6c:0d:e3:59:a7:2e:fe:9f:fa:4f:81:90:41:60:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Mar  1 22:01:51 2026 GMT
            Not After : Mar  2 22:01:51 2026 GMT
        Subject: CN=afb3bda7cb1723305a3c0c343d40eedc226c9af3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:f0:f5:5a:f2:bd:5c:6b:d2:9d:19:56:25:aa:
                    e7:fd:8b:3f:72:a2:76:38:72:e5:08:95:49:ff:0a:
                    55:71:85:c6:4e:1f:12:b1:cf:1c:5f:ef:59:b0:1c:
                    c3:1d:ad:7c:42:1d:5b:39:a4:45:dd:dd:0f:3c:ee:
                    ae:40:0a:3e:27:b9:43:d6:04:8b:ff:ff:0a:e5:76:
                    af:a8:e6:82:76:cd:85:e1:88:f3:25:b1:04:22:f8:
                    24:c2:c6:32:30:3c:35:37:34:dd:9b:64:be:9c:99:
                    19:11:3a:f0:e0:16:2e:a5:42:9c:97:69:59:02:70:
                    fd:42:93:70:8e:a7:7b:1a:a5:75:ac:63:df:6a:f1:
                    47:cb:78:82:2a:22:e3:9e:16:2d:20:ec:a4:f1:00:
                    6f:2a:92:e5:88:56:d7:98:fb:ce:1f:15:30:b5:a4:
                    7b:05:f8:c4:8f:da:0b:c3:f5:cc:0c:f2:74:f2:bd:
                    1a:4a:8d:24:57:4b:98:e8:ad:c1:87:fa:c2:92:05:
                    3d:e1:ba:6d:52:aa:8d:71:9c:0b:3a:69:d5:ef:e3:
                    3b:98:d6:10:29:eb:06:6c:af:b5:85:88:0f:94:89:
                    f7:96:19:7f:1b:db:1d:3a:88:fa:15:a0:bd:37:e6:
                    e2:54:dd:70:f8:52:1e:4c:8e:bd:ee:7e:aa:67:c6:
                    da:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:B3:BD:A7:CB:17:23:30:5A:3C:0C:34:3D:40:EE:DC:22:6C:9A:F3
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:50:e9:89:a4:2a:a2:a1:73:7d:41:0d:2a:a8:d8:1c:7d:06:
         56:f3:72:4c:51:64:7a:b9:6b:e5:df:77:08:03:e1:cb:72:08:
         38:a3:46:4a:e2:1f:03:98:95:ca:d5:b4:52:34:97:66:d0:af:
         13:5b:bb:90:0e:05:0b:75:f4:99:e2:10:73:8b:20:0a:c4:6a:
         b6:84:1e:c5:3a:cb:a3:86:54:69:94:4d:86:80:5b:85:db:e0:
         90:e1:b5:8f:87:15:2f:fe:86:68:ac:25:fc:f1:f7:b2:71:a5:
         5d:0b:55:58:cb:09:92:49:fc:9e:b1:5a:98:4f:70:b8:96:58:
         9c:34:31:a6:8b:3b:8f:7d:f5:de:55:47:d1:83:a6:9a:49:6d:
         48:e5:95:2a:fb:27:44:1d:26:e5:fe:72:d5:7c:fc:99:13:fd:
         88:f1:c6:47:3f:f5:24:5f:e9:80:be:3e:5e:7f:34:9f:41:f3:
         66:50:d9:0e:f7:23:eb:34:ec:74:77:46:ef:ff:86:b6:a3:70:
         05:fe:d2:c0:35:15:92:65:13:ff:5c:a4:c5:c3:f6:7e:64:e0:
         57:14:2c:4b:c0:38:5d:ed:cf:49:6e:20:c2:10:1b:2f:8f:cf:
         9f:9d:6f:dc:69:8d:10:e8:63:d7:bc:b1:99:18:34:50:1a:3f:
         fa:ac:1c:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrbA3jWacu/p/6T4GQQWDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjYwMzAxMjIwMTUxWhcNMjYwMzAyMjIwMTUxWjAzMTEwLwYDVQQD
EyhhZmIzYmRhN2NiMTcyMzMwNWEzYzBjMzQzZDQwZWVkYzIyNmM5YWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vD1WvK9XGvSnRlWJarn/Ys/cqJ2
OHLlCJVJ/wpVcYXGTh8Ssc8cX+9ZsBzDHa18Qh1bOaRF3d0PPO6uQAo+J7lD1gSL
//8K5XavqOaCds2F4YjzJbEEIvgkwsYyMDw1NzTdm2S+nJkZETrw4BYupUKcl2lZ
AnD9QpNwjqd7GqV1rGPfavFHy3iCKiLjnhYtIOyk8QBvKpLliFbXmPvOHxUwtaR7
BfjEj9oLw/XMDPJ08r0aSo0kV0uY6K3Bh/rCkgU94bptUqqNcZwLOmnV7+M7mNYQ
KesGbK+1hYgPlIn3lhl/G9sdOoj6FaC9N+biVN1w+FIeTI697n6qZ8baHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+zvafLFyMwWjwMND1A7twibJrzMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADVDpiaQq
oqFzfUENKqjYHH0GVvNyTFFkerlr5d93CAPhy3IIOKNGSuIfA5iVytW0UjSXZtCv
E1u7kA4FC3X0meIQc4sgCsRqtoQexTrLo4ZUaZRNhoBbhdvgkOG1j4cVL/6GaKwl
/PH3snGlXQtVWMsJkkn8nrFamE9wuJZYnDQxpos7j3313lVH0YOmmkltSOWVKvsn
RB0m5f5y1Xz8mRP9iPHGRz/1JF/pgL4+Xn80n0HzZlDZDvcj6zTsdHdG7/+GtqNw
Bf7SwDUVkmUT/1ykxcP2fmTgVxQsS8A4Xe3PSW4gwhAbL4/Pn51v3GmNEOhj17yx
mRg0UBo/+qwcBw==
-----END CERTIFICATE-----