Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.mft
File:                     vdZBBaGdzVxnXAo_mO6MYE6Ajxs.mft (raw, json)
Hash identifier:          KicNWYO06XbtdmcKr28O/Rv25QfM631MZjcj5JRZI/o=
Subject key identifier:   87:C7:53:55:38:9B:B2:E9:6E:D9:E9:A8:BD:F3:27:53:42:AC:AB:5E
Authority key identifier: BD:D6:41:05:A1:9D:CD:5C:67:5C:0A:3F:98:EE:8C:60:4E:80:8F:1B
Certificate issuer:       /CN=bdd64105a19dcd5c675c0a3f98ee8c604e808f1b
Certificate serial:       019CAD59941C73645E1F8CAD42C9B3010A55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.mft
Manifest number:          0D21
Signing time:             Mon 02 Mar 2026 07:00:54 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:54 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:54 +0000
Files and hashes:         1: vdZBBaGdzVxnXAo_mO6MYE6Ajxs.crl (hash: Y5ZQLd8y8fT7YC0QU0ux57bQKgm7h/bzJOdmPRCLzHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:94:1c:73:64:5e:1f:8c:ad:42:c9:b3:01:0a:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdd64105a19dcd5c675c0a3f98ee8c604e808f1b
        Validity
            Not Before: Mar  2 07:00:54 2026 GMT
            Not After : Mar  3 07:00:54 2026 GMT
        Subject: CN=87c75355389bb2e96ed9e9a8bdf3275342acab5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:62:6d:ae:74:e9:73:73:b9:c9:e5:7e:36:59:
                    11:31:18:68:8a:ba:6a:78:cd:11:7d:67:51:c1:c1:
                    c8:c0:74:c4:cd:fa:f2:43:c5:2b:fc:56:a0:1d:cf:
                    52:47:12:9a:0a:ad:f2:2c:5f:4c:14:2a:58:d4:a9:
                    e8:07:62:09:a5:0c:fe:8a:4d:17:f7:5e:4e:91:42:
                    c2:ea:e4:39:0d:a1:97:42:70:97:11:5e:f2:56:8c:
                    2f:3f:06:28:18:f6:76:bb:98:70:4a:e8:51:41:da:
                    c6:53:0c:a6:52:30:08:61:ee:51:9b:67:a4:c8:d8:
                    a3:29:34:ea:d7:20:79:45:cc:dd:7c:c0:2a:90:b9:
                    75:60:40:2e:92:4c:44:9c:88:3a:57:3b:94:d8:cc:
                    06:1b:d1:ac:c8:c3:2f:22:af:0c:79:9e:74:52:c3:
                    d5:ea:8a:a6:8f:6c:36:bc:91:88:5f:12:7c:b0:07:
                    e9:10:13:7f:b5:87:ac:25:92:48:cc:85:b2:b2:6c:
                    0b:17:dd:f0:7b:23:6b:9b:28:25:17:ce:e9:87:10:
                    9e:7e:0a:d2:4a:c9:65:97:a5:f2:92:a2:d1:59:58:
                    12:7c:2b:fc:3b:e0:5e:04:1d:a3:2f:05:27:a1:61:
                    de:8b:44:52:e4:e6:f1:96:d7:35:5c:ce:ab:18:8d:
                    85:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:C7:53:55:38:9B:B2:E9:6E:D9:E9:A8:BD:F3:27:53:42:AC:AB:5E
            X509v3 Authority Key Identifier:
                keyid:BD:D6:41:05:A1:9D:CD:5C:67:5C:0A:3F:98:EE:8C:60:4E:80:8F:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0184bd-b5d2-4b9c-916b-d0456f729873/1/vdZBBaGdzVxnXAo_mO6MYE6Ajxs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:4e:c5:a3:84:e6:8a:2c:01:17:ec:bc:fd:50:df:6a:43:09:
         ec:af:e0:ce:4b:60:94:ee:04:c2:30:f2:e2:8a:a8:9e:df:e0:
         6f:e7:af:dd:43:80:ca:5a:79:71:f6:a3:f5:0c:1b:bd:1d:b4:
         06:b0:4b:8c:55:c9:49:e4:75:b0:35:4c:be:01:48:38:e4:84:
         f6:5b:93:cd:72:8a:23:40:f3:b8:9b:55:da:6f:8a:27:cb:24:
         c6:0e:e5:77:d0:fb:de:98:22:4b:76:17:a8:11:4a:53:e2:06:
         ac:90:2c:a1:0b:77:9c:d2:58:b3:7f:06:1e:a1:fb:84:14:eb:
         50:b5:45:52:84:35:60:8c:02:a3:cb:78:69:bc:16:3f:ed:94:
         e9:9c:08:cd:a0:f1:96:07:6e:03:ee:5e:6d:2c:da:92:1f:e2:
         ac:42:64:f8:9a:51:61:0d:95:44:d3:fe:db:1c:c4:01:91:46:
         5f:02:6c:91:b2:29:f5:b4:74:e6:ff:d3:48:56:5f:d9:7f:c2:
         1d:50:bc:79:2b:3e:51:0d:a6:9f:f2:cb:89:1a:3f:8b:ab:91:
         44:e4:e7:4e:33:7e:93:45:f5:93:7b:0e:68:e6:6f:68:d4:c6:
         24:42:53:fa:f7:f5:cb:10:b9:a4:11:ef:ca:e8:cc:9b:03:cc:
         a2:86:cc:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWZQcc2ReH4ytQsmzAQpVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDY0MTA1YTE5ZGNkNWM2NzVjMGEzZjk4ZWU4YzYwNGU4
MDhmMWIwHhcNMjYwMzAyMDcwMDU0WhcNMjYwMzAzMDcwMDU0WjAzMTEwLwYDVQQD
Eyg4N2M3NTM1NTM4OWJiMmU5NmVkOWU5YThiZGYzMjc1MzQyYWNhYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGJtrnTpc3O5yeV+NlkRMRhoirpq
eM0RfWdRwcHIwHTEzfryQ8Ur/FagHc9SRxKaCq3yLF9MFCpY1KnoB2IJpQz+ik0X
915OkULC6uQ5DaGXQnCXEV7yVowvPwYoGPZ2u5hwSuhRQdrGUwymUjAIYe5Rm2ek
yNijKTTq1yB5RczdfMAqkLl1YEAukkxEnIg6VzuU2MwGG9GsyMMvIq8MeZ50UsPV
6oqmj2w2vJGIXxJ8sAfpEBN/tYesJZJIzIWysmwLF93weyNrmyglF87phxCefgrS
Sslll6XykqLRWVgSfCv8O+BeBB2jLwUnoWHei0RS5Obxltc1XM6rGI2FMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIfHU1U4m7LpbtnpqL3zJ1NCrKteMB8GA1UdIwQY
MBaAFL3WQQWhnc1cZ1wKP5jujGBOgI8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRaQkJhR2R6VnhuWEFvX21PNk1ZRTZBanhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMTg0YmQtYjVkMi00YjljLTkxNmIt
ZDA0NTZmNzI5ODczLzEvdmRaQkJhR2R6VnhuWEFvX21PNk1ZRTZBanhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMTg0YmQtYjVkMi00YjljLTkxNmItZDA0NTZmNzI5ODcz
LzEvdmRaQkJhR2R6VnhuWEFvX21PNk1ZRTZBanhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEE7Fo4Tm
iiwBF+y8/VDfakMJ7K/gzktglO4EwjDy4oqont/gb+ev3UOAylp5cfaj9QwbvR20
BrBLjFXJSeR1sDVMvgFIOOSE9luTzXKKI0DzuJtV2m+KJ8skxg7ld9D73pgiS3YX
qBFKU+IGrJAsoQt3nNJYs38GHqH7hBTrULVFUoQ1YIwCo8t4abwWP+2U6ZwIzaDx
lgduA+5ebSzakh/irEJk+JpRYQ2VRNP+2xzEAZFGXwJskbIp9bR05v/TSFZf2X/C
HVC8eSs+UQ2mn/LLiRo/i6uRROTnTjN+k0X1k3sOaOZvaNTGJEJT+vf1yxC5pBHv
yujMmwPMoobMEw==
-----END CERTIFICATE-----