Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
File:                     VkQtN4qHkyt22vks6Pye80Hrx1k.mft (raw, json)
Hash identifier:          AYd8NkbiV7av1EHkgnDXSrIHLJBOLaJubULVaYgnY/s=
Subject key identifier:   53:CC:28:78:9D:A1:B8:41:70:05:19:68:6D:75:95:DC:97:63:54:6E
Authority key identifier: 56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59
Certificate issuer:       /CN=56442d378a87932b76daf92ce8fc9ef341ebc759
Certificate serial:       019D9B880E18CC7B0DEB27E11DE5F5541DE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
Manifest number:          0E84
Signing time:             Fri 17 Apr 2026 13:01:18 +0000
Manifest this update:     Fri 17 Apr 2026 13:01:18 +0000
Manifest next update:     Sat 18 Apr 2026 13:01:18 +0000
Files and hashes:         1: VkQtN4qHkyt22vks6Pye80Hrx1k.crl (hash: 3uMqe5eU6TE4aky9g7nO2MhiEIhtN8wF6x0GW51anK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 13:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:88:0e:18:cc:7b:0d:eb:27:e1:1d:e5:f5:54:1d:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56442d378a87932b76daf92ce8fc9ef341ebc759
        Validity
            Not Before: Apr 17 13:01:18 2026 GMT
            Not After : Apr 18 13:01:18 2026 GMT
        Subject: CN=53cc28789da1b841700519686d7595dc9763546e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ad:e8:69:aa:cf:5f:cc:df:e8:6f:fb:63:86:
                    0b:ce:f6:ce:40:3a:eb:bd:90:bc:1a:08:bb:8c:33:
                    fa:20:e7:59:36:df:8f:bd:7a:ab:f6:67:5b:6c:8b:
                    39:6e:5c:29:7f:34:10:98:cc:2f:92:05:3f:e2:18:
                    c6:2b:84:3f:34:21:23:4f:60:aa:ad:d0:c9:8e:a4:
                    b8:58:f4:3e:3a:e6:51:ce:35:b3:33:df:46:79:8e:
                    10:65:cc:14:e8:82:a7:5a:f5:0e:fd:c9:6e:14:c9:
                    fe:ce:f9:89:b9:5d:5e:26:c5:45:c8:a8:0f:1b:6b:
                    62:9a:24:4a:68:88:78:26:ee:6b:dc:3a:47:c1:39:
                    dc:30:75:68:3a:62:98:8d:a9:40:20:b4:04:81:2c:
                    27:f4:3c:31:eb:7b:d0:dd:1c:3f:40:ee:79:2b:af:
                    93:78:83:0d:1d:24:29:22:55:74:08:30:9f:df:16:
                    30:54:42:16:07:aa:96:93:97:03:30:62:22:64:b5:
                    0f:7b:df:40:79:38:4c:ab:22:95:27:6a:ef:8e:61:
                    39:78:f0:5c:a3:47:39:13:f8:8b:ea:8f:ed:04:c3:
                    74:26:49:67:ec:9e:9d:4e:97:38:a5:10:5e:6c:5d:
                    3a:71:de:5f:f1:bf:9d:8b:41:dd:73:79:f6:74:b3:
                    3c:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:CC:28:78:9D:A1:B8:41:70:05:19:68:6D:75:95:DC:97:63:54:6E
            X509v3 Authority Key Identifier:
                keyid:56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:c5:97:be:04:eb:25:75:a1:7c:ed:bf:60:69:62:2a:69:6c:
         7c:70:14:97:2e:c3:1d:7b:12:c9:ba:fa:bd:c1:59:62:0a:e3:
         66:b8:06:77:cb:62:ed:c5:fc:22:ba:31:53:59:68:1b:ad:0a:
         2f:2f:1f:05:ed:ff:fd:35:10:6b:a9:e1:2e:ef:a5:2e:19:dc:
         47:aa:52:8e:35:ad:a9:5d:b9:aa:1f:d7:bc:58:d8:6d:ca:cc:
         e3:65:a9:79:3b:2b:2b:5d:42:fa:4e:e0:90:65:44:f2:88:d5:
         d1:2a:cf:e6:52:7d:3e:0d:3a:74:4b:f1:52:d8:34:a7:45:c4:
         14:32:bc:c0:bd:59:eb:ce:f5:55:17:83:4c:9f:db:d5:92:e4:
         47:30:c5:aa:c7:f4:cc:cf:fd:27:4b:77:b0:9b:95:c6:fc:de:
         b0:c7:30:42:09:21:a0:8d:f0:80:4e:b1:ca:f6:f7:e4:b3:3d:
         73:25:61:01:71:e0:f3:1d:14:74:d0:a4:c1:05:37:6f:2b:8b:
         fd:85:cd:35:3a:11:ae:d1:59:91:92:b7:cb:16:c9:df:fb:1a:
         ac:98:32:49:cd:4f:a2:77:e9:8e:23:18:0c:8c:72:41:a1:a9:
         32:8f:61:16:29:ea:a4:71:11:e3:33:69:90:7b:5a:53:09:52:
         30:3d:6a:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2biA4YzHsN6yfhHeX1VB3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NDQyZDM3OGE4NzkzMmI3NmRhZjkyY2U4ZmM5ZWYzNDFl
YmM3NTkwHhcNMjYwNDE3MTMwMTE4WhcNMjYwNDE4MTMwMTE4WjAzMTEwLwYDVQQD
Eyg1M2NjMjg3ODlkYTFiODQxNzAwNTE5Njg2ZDc1OTVkYzk3NjM1NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq3oaarPX8zf6G/7Y4YLzvbOQDrr
vZC8Ggi7jDP6IOdZNt+PvXqr9mdbbIs5blwpfzQQmMwvkgU/4hjGK4Q/NCEjT2Cq
rdDJjqS4WPQ+OuZRzjWzM99GeY4QZcwU6IKnWvUO/cluFMn+zvmJuV1eJsVFyKgP
G2timiRKaIh4Ju5r3DpHwTncMHVoOmKYjalAILQEgSwn9Dwx63vQ3Rw/QO55K6+T
eIMNHSQpIlV0CDCf3xYwVEIWB6qWk5cDMGIiZLUPe99AeThMqyKVJ2rvjmE5ePBc
o0c5E/iL6o/tBMN0Jkln7J6dTpc4pRBebF06cd5f8b+di0Hdc3n2dLM83wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPMKHidobhBcAUZaG11ldyXY1RuMB8GA1UdIwQY
MBaAFFZELTeKh5Mrdtr5LOj8nvNB68dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQt
OTgxM2YwOTA2YzRiLzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQtOTgxM2YwOTA2YzRi
LzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy8WXvgTr
JXWhfO2/YGliKmlsfHAUly7DHXsSybr6vcFZYgrjZrgGd8ti7cX8IroxU1loG60K
Ly8fBe3//TUQa6nhLu+lLhncR6pSjjWtqV25qh/XvFjYbcrM42WpeTsrK11C+k7g
kGVE8ojV0SrP5lJ9Pg06dEvxUtg0p0XEFDK8wL1Z6871VReDTJ/b1ZLkRzDFqsf0
zM/9J0t3sJuVxvzesMcwQgkhoI3wgE6xyvb35LM9cyVhAXHg8x0UdNCkwQU3byuL
/YXNNToRrtFZkZK3yxbJ3/sarJgySc1PonfpjiMYDIxyQaGpMo9hFinqpHER4zNp
kHtaUwlSMD1qFQ==
-----END CERTIFICATE-----