Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          YssVpmbOXjLCUbN+sAlrdw8OflmeYlCB8ISeg18gYgM=
Subject key identifier:   83:39:C9:C1:FA:61:52:86:E2:42:CC:B0:A1:E7:73:8F:E8:A8:BF:EE
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       019D27A868E6B6D1012B802FD2C6F721304F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          16F3
Signing time:             Thu 26 Mar 2026 01:00:41 +0000
Manifest this update:     Thu 26 Mar 2026 01:00:41 +0000
Manifest next update:     Fri 27 Mar 2026 01:00:41 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: TR7TbL5WPYqlOBfzlFfvJDGR1k1RYSo7eoYF59h9GAQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:68:e6:b6:d1:01:2b:80:2f:d2:c6:f7:21:30:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Mar 26 01:00:41 2026 GMT
            Not After : Mar 27 01:00:41 2026 GMT
        Subject: CN=8339c9c1fa615286e242ccb0a1e7738fe8a8bfee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ee:12:4d:2b:34:3b:54:39:f9:d7:d8:94:0f:
                    09:36:22:98:2b:90:a0:40:7f:09:01:f5:e9:bd:c9:
                    e7:02:68:da:c6:e7:86:90:1d:69:93:00:eb:c9:a0:
                    5f:c8:5f:7d:8c:79:59:cf:14:89:7a:11:5b:fa:19:
                    f3:68:06:0b:be:9d:78:38:17:06:13:81:81:04:e3:
                    fd:44:54:cc:13:38:fd:e9:95:57:09:4d:e6:92:44:
                    2a:dc:76:83:d7:ad:ce:d8:50:23:c9:b9:7b:34:1a:
                    c1:19:12:0b:92:d5:f7:62:7a:02:83:02:94:82:71:
                    9d:65:7b:a8:20:a0:95:7b:09:75:c0:e4:0b:06:1d:
                    dc:48:e5:d7:00:0b:37:68:4c:74:d8:3c:5e:b9:f6:
                    fd:50:6b:8d:1e:5f:c9:37:e6:cd:c6:c9:d8:44:60:
                    f4:53:d0:6c:2e:bb:1c:f0:e3:82:2f:73:4f:3b:ca:
                    df:f7:1d:01:21:27:ba:6e:5c:91:3a:c2:46:dd:f5:
                    6e:90:b5:e3:14:ad:7b:13:8f:c4:72:fd:48:9e:28:
                    e8:e6:9a:1e:f4:bd:4e:68:03:b2:8c:03:fc:ff:b7:
                    ac:65:60:fe:48:4c:26:44:45:a2:18:15:db:75:68:
                    98:0f:b0:3a:ad:83:ff:99:c7:6b:b4:9e:a8:7c:91:
                    c2:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:39:C9:C1:FA:61:52:86:E2:42:CC:B0:A1:E7:73:8F:E8:A8:BF:EE
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:c2:2c:56:d3:05:9b:33:47:f3:da:af:b1:31:bf:35:a6:cd:
         d9:fb:f4:fc:d7:af:35:61:ea:7d:df:24:62:81:fd:cf:5d:60:
         a1:e0:74:d0:14:dd:0f:8d:c4:6d:48:05:37:5b:e5:84:65:ff:
         27:d2:6c:f3:e3:55:2a:3a:71:fd:9a:2c:69:6d:99:7b:bf:f4:
         57:93:51:74:5a:12:38:b6:6a:61:2f:9b:4d:9f:6a:2b:5c:52:
         6e:a2:17:78:de:cd:11:bf:37:b6:25:71:13:e9:06:d7:3a:f1:
         61:c6:7f:46:b8:c2:9d:b8:1c:47:65:d5:24:56:c6:ab:7a:11:
         40:24:60:1e:a3:73:61:33:ee:48:91:80:8e:b3:15:0a:93:32:
         c1:88:24:6f:c8:6d:e3:d4:52:e7:0a:2b:98:35:0e:ef:42:1b:
         7e:ea:f7:9c:1e:e7:4c:c1:1b:45:0b:6e:a7:f0:9a:41:f4:0f:
         80:b6:77:62:83:0d:b8:b2:53:ef:71:3a:fc:32:6f:6c:3f:a7:
         fe:3b:85:a7:40:d4:fd:4d:64:27:c5:74:a1:74:ad:9a:00:01:
         59:a6:f3:5a:17:df:8b:2c:d8:7e:76:b8:25:78:1b:69:52:a9:
         2d:ec:0c:c4:3b:3c:96:b5:d5:f1:6f:a9:cf:3a:fc:b3:47:6d:
         42:91:08:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqGjmttEBK4Av0sb3ITBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjYwMzI2MDEwMDQxWhcNMjYwMzI3MDEwMDQxWjAzMTEwLwYDVQQD
Eyg4MzM5YzljMWZhNjE1Mjg2ZTI0MmNjYjBhMWU3NzM4ZmU4YThiZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze4STSs0O1Q5+dfYlA8JNiKYK5Cg
QH8JAfXpvcnnAmjaxueGkB1pkwDryaBfyF99jHlZzxSJehFb+hnzaAYLvp14OBcG
E4GBBOP9RFTMEzj96ZVXCU3mkkQq3HaD163O2FAjybl7NBrBGRILktX3YnoCgwKU
gnGdZXuoIKCVewl1wOQLBh3cSOXXAAs3aEx02Dxeufb9UGuNHl/JN+bNxsnYRGD0
U9BsLrsc8OOCL3NPO8rf9x0BISe6blyROsJG3fVukLXjFK17E4/Ecv1Inijo5poe
9L1OaAOyjAP8/7esZWD+SEwmREWiGBXbdWiYD7A6rYP/mcdrtJ6ofJHC+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIM5ycH6YVKG4kLMsKHnc4/oqL/uMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiMIsVtMF
mzNH89qvsTG/NabN2fv0/NevNWHqfd8kYoH9z11goeB00BTdD43EbUgFN1vlhGX/
J9Js8+NVKjpx/ZosaW2Ze7/0V5NRdFoSOLZqYS+bTZ9qK1xSbqIXeN7NEb83tiVx
E+kG1zrxYcZ/RrjCnbgcR2XVJFbGq3oRQCRgHqNzYTPuSJGAjrMVCpMywYgkb8ht
49RS5wormDUO70Ibfur3nB7nTMEbRQtup/CaQfQPgLZ3YoMNuLJT73E6/DJvbD+n
/juFp0DU/U1kJ8V0oXStmgABWabzWhffiyzYfna4JXgbaVKpLewMxDs8lrXV8W+p
zzr8s0dtQpEItw==
-----END CERTIFICATE-----