Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
File:                     VkQtN4qHkyt22vks6Pye80Hrx1k.mft (raw, json)
Hash identifier:          vFG3ngTcoJFhSJD0OdbcS3m0G1el8F0DkCPaD/GH4+c=
Subject key identifier:   37:3F:14:6F:38:B1:38:DE:48:76:DB:FF:8B:6A:EC:C0:0D:9E:B0:4C
Authority key identifier: 56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59
Certificate issuer:       /CN=56442d378a87932b76daf92ce8fc9ef341ebc759
Certificate serial:       019CADFE719D866CB51F6C35FC77C305C3F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
Manifest number:          0E09
Signing time:             Mon 02 Mar 2026 10:00:59 +0000
Manifest this update:     Mon 02 Mar 2026 10:00:59 +0000
Manifest next update:     Tue 03 Mar 2026 10:00:59 +0000
Files and hashes:         1: VkQtN4qHkyt22vks6Pye80Hrx1k.crl (hash: 8dxCQE0wjfgbM49CotglwUyxsYzB6EMO0vBBj63TZCE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 10:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:71:9d:86:6c:b5:1f:6c:35:fc:77:c3:05:c3:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56442d378a87932b76daf92ce8fc9ef341ebc759
        Validity
            Not Before: Mar  2 10:00:59 2026 GMT
            Not After : Mar  3 10:00:59 2026 GMT
        Subject: CN=373f146f38b138de4876dbff8b6aecc00d9eb04c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:94:b7:73:8b:a3:2c:a1:f0:47:57:40:1e:c2:
                    33:2c:78:99:fc:bc:80:65:e1:88:d8:51:3f:95:10:
                    72:99:53:c5:ef:66:51:80:c5:a9:5f:7a:c7:14:70:
                    ec:51:5e:1b:4a:3f:a1:32:cd:27:3a:5a:34:10:43:
                    71:ec:ec:f1:05:4f:b8:9d:4f:f3:92:07:43:04:c5:
                    da:0f:6a:55:76:ec:1e:4e:fe:31:94:5b:e2:ca:f4:
                    2d:5b:78:60:27:f4:b1:69:45:8e:45:40:8d:e0:3c:
                    2a:64:aa:31:12:33:c9:e0:c7:57:f9:98:44:64:54:
                    c1:d0:e0:a7:25:15:10:6c:ed:77:16:f8:60:08:05:
                    28:32:ce:1b:44:23:a8:cb:96:d9:4b:30:50:70:34:
                    df:28:3a:1b:36:b2:4d:4d:19:94:27:17:48:20:8e:
                    03:ed:d2:69:d4:7f:28:7d:7a:64:2c:da:e6:a5:d8:
                    8d:7f:0e:21:a0:ac:df:46:26:e3:9a:d4:2f:d5:56:
                    e9:e5:78:cb:b4:c0:46:d1:9e:f9:31:fa:9e:8e:41:
                    42:94:70:8c:c1:9d:96:78:5b:67:53:57:fe:ed:da:
                    46:ce:59:9d:cf:cb:d9:ca:91:01:d0:de:9c:65:4a:
                    05:6d:80:98:18:70:c6:39:b7:39:c5:f5:97:c5:48:
                    15:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:3F:14:6F:38:B1:38:DE:48:76:DB:FF:8B:6A:EC:C0:0D:9E:B0:4C
            X509v3 Authority Key Identifier:
                keyid:56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:85:1a:0e:69:9b:4c:f3:71:c9:63:32:b5:f9:a4:06:71:1b:
         8e:77:8c:47:f8:f4:9a:0e:23:f8:92:79:76:55:84:94:54:ab:
         33:37:5e:53:69:b8:1b:f2:0f:5f:4c:c3:a2:95:b8:2d:62:02:
         ba:3d:98:ed:91:03:dc:00:5b:60:b9:c8:91:bd:7a:94:80:6e:
         65:61:1a:e8:3d:2f:7c:3e:74:98:7a:51:40:6b:cd:41:97:a9:
         f2:b5:c5:7c:bf:39:b1:06:9c:65:fe:8b:fa:26:ff:c8:3e:c9:
         10:b4:c3:26:ac:83:a2:77:20:46:1b:87:44:ec:8b:f2:e6:66:
         7c:9b:ca:d5:de:f1:e4:c6:94:ef:91:02:99:e2:1f:0e:5d:0f:
         3b:f0:f6:72:2d:ae:5e:7f:ba:26:1a:51:39:a1:87:2b:13:7b:
         9a:8c:3c:68:d9:72:6d:9b:18:4c:e9:15:5a:c6:ff:82:8a:15:
         46:53:1a:d1:a2:7f:00:96:83:3f:a1:2c:49:6f:2b:dd:30:03:
         f8:1d:e5:f0:0a:a1:8b:fd:b1:ba:37:59:93:03:70:2f:33:7a:
         a1:15:13:8f:33:a7:7a:38:17:8b:a8:83:ec:6f:27:69:80:0f:
         67:e9:ff:0a:92:a7:e3:e0:a0:15:76:4e:f7:05:4e:9b:c0:39:
         03:f2:50:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/nGdhmy1H2w1/HfDBcPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NDQyZDM3OGE4NzkzMmI3NmRhZjkyY2U4ZmM5ZWYzNDFl
YmM3NTkwHhcNMjYwMzAyMTAwMDU5WhcNMjYwMzAzMTAwMDU5WjAzMTEwLwYDVQQD
EygzNzNmMTQ2ZjM4YjEzOGRlNDg3NmRiZmY4YjZhZWNjMDBkOWViMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupS3c4ujLKHwR1dAHsIzLHiZ/LyA
ZeGI2FE/lRBymVPF72ZRgMWpX3rHFHDsUV4bSj+hMs0nOlo0EENx7OzxBU+4nU/z
kgdDBMXaD2pVduweTv4xlFviyvQtW3hgJ/SxaUWORUCN4DwqZKoxEjPJ4MdX+ZhE
ZFTB0OCnJRUQbO13FvhgCAUoMs4bRCOoy5bZSzBQcDTfKDobNrJNTRmUJxdIII4D
7dJp1H8ofXpkLNrmpdiNfw4hoKzfRibjmtQv1Vbp5XjLtMBG0Z75MfqejkFClHCM
wZ2WeFtnU1f+7dpGzlmdz8vZypEB0N6cZUoFbYCYGHDGObc5xfWXxUgV9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDc/FG84sTjeSHbb/4tq7MANnrBMMB8GA1UdIwQY
MBaAFFZELTeKh5Mrdtr5LOj8nvNB68dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQt
OTgxM2YwOTA2YzRiLzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQtOTgxM2YwOTA2YzRi
LzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOIUaDmmb
TPNxyWMytfmkBnEbjneMR/j0mg4j+JJ5dlWElFSrMzdeU2m4G/IPX0zDopW4LWIC
uj2Y7ZED3ABbYLnIkb16lIBuZWEa6D0vfD50mHpRQGvNQZep8rXFfL85sQacZf6L
+ib/yD7JELTDJqyDoncgRhuHROyL8uZmfJvK1d7x5MaU75ECmeIfDl0PO/D2ci2u
Xn+6JhpROaGHKxN7mow8aNlybZsYTOkVWsb/gooVRlMa0aJ/AJaDP6EsSW8r3TAD
+B3l8Aqhi/2xujdZkwNwLzN6oRUTjzOnejgXi6iD7G8naYAPZ+n/CpKn4+CgFXZO
9wVOm8A5A/JQpg==
-----END CERTIFICATE-----