Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft
File:                     A0BZzz9bz7oJObTF2cPThs7NTOw.mft (raw, json)
Hash identifier:          Eh42vI3qVw6UQYo6Q1KEHKqBTemBkpqCpRv3lVv3D7k=
Subject key identifier:   98:49:A8:D5:9A:21:0E:45:EC:6E:B2:52:B7:0D:0B:5D:80:6F:7D:7B
Authority key identifier: 03:40:59:CF:3F:5B:CF:BA:09:39:B4:C5:D9:C3:D3:86:CE:CD:4C:EC
Certificate issuer:       /CN=034059cf3f5bcfba0939b4c5d9c3d386cecd4cec
Certificate serial:       019E1C7D568937CB157BA334BD30746068A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A0BZzz9bz7oJObTF2cPThs7NTOw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft
Manifest number:          02D1
Signing time:             Tue 12 May 2026 14:00:36 +0000
Manifest this update:     Tue 12 May 2026 14:00:36 +0000
Manifest next update:     Wed 13 May 2026 14:00:36 +0000
Files and hashes:         1: A0BZzz9bz7oJObTF2cPThs7NTOw.crl (hash: L2nxH3lnBK4svPNTnSCzHOtTYMAc9SRi9N/pBwC7mo0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A0BZzz9bz7oJObTF2cPThs7NTOw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:7d:56:89:37:cb:15:7b:a3:34:bd:30:74:60:68:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=034059cf3f5bcfba0939b4c5d9c3d386cecd4cec
        Validity
            Not Before: May 12 14:00:36 2026 GMT
            Not After : May 13 14:00:36 2026 GMT
        Subject: CN=9849a8d59a210e45ec6eb252b70d0b5d806f7d7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:58:ba:57:39:99:38:90:cd:dc:d2:93:bb:6b:
                    0e:2c:6a:c7:1d:0a:73:c4:00:5c:f1:2e:ce:a6:d2:
                    d9:cd:ba:42:15:69:75:31:94:a0:61:61:9e:14:95:
                    ef:bf:27:f5:6c:26:a1:2c:c0:76:61:2a:c1:93:4b:
                    4b:19:d8:41:50:60:dc:ea:1b:02:2d:e8:f9:f4:93:
                    de:31:6c:3c:79:2d:ba:20:8d:5d:4b:b4:ee:03:90:
                    a9:85:dd:1b:7f:90:4f:bd:53:49:dc:0b:75:ec:98:
                    26:8c:c1:5b:c8:cb:27:f0:6f:9b:8a:d9:0a:fa:09:
                    15:98:6d:66:28:5b:49:4a:b0:2e:3a:d8:d1:62:70:
                    db:ce:28:6e:58:c2:d6:99:b0:02:f1:1b:49:22:3e:
                    ea:43:9e:78:f4:76:c7:a3:95:19:54:26:03:bc:89:
                    4b:17:51:1e:65:8b:6b:c5:b8:ba:13:15:88:91:df:
                    f8:2d:a2:71:ec:17:94:be:fe:2a:05:b1:93:00:0f:
                    f6:7c:12:1f:7d:32:71:d7:a0:62:dd:f3:42:8f:cf:
                    ac:2b:fa:d4:eb:95:9e:97:74:7c:92:d8:80:4c:a6:
                    b6:5f:49:71:52:85:ef:d6:00:c0:1d:69:9b:8a:aa:
                    f1:83:0d:6e:f7:db:cb:2d:09:84:ab:dd:7c:b4:2d:
                    78:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:49:A8:D5:9A:21:0E:45:EC:6E:B2:52:B7:0D:0B:5D:80:6F:7D:7B
            X509v3 Authority Key Identifier:
                keyid:03:40:59:CF:3F:5B:CF:BA:09:39:B4:C5:D9:C3:D3:86:CE:CD:4C:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0BZzz9bz7oJObTF2cPThs7NTOw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:15:a9:b1:d0:95:7a:14:55:00:34:c9:4b:1e:3a:dd:0a:15:
         15:d1:7d:88:32:01:09:5f:98:ae:1c:b9:90:47:dc:e5:da:ac:
         cd:91:8e:c3:f1:1b:05:c3:8a:de:49:f0:44:c8:a2:84:ea:31:
         28:65:86:9d:ea:98:47:b1:ee:f8:b5:51:cb:cf:81:da:f3:8b:
         b2:5a:42:24:06:b8:46:03:8a:4d:17:fc:c3:0c:d2:33:6a:dd:
         56:91:3d:5c:fb:59:c0:c5:02:29:df:c9:03:ce:08:92:77:97:
         fb:12:e1:bd:45:ed:d9:52:09:3e:ff:f9:ea:76:1c:28:28:3d:
         2b:23:04:74:88:4d:20:8b:32:45:1f:98:fa:27:bd:90:91:72:
         0a:e8:f8:56:84:45:eb:80:bc:21:95:19:66:2b:7f:7b:5e:d0:
         7b:6d:ad:ca:e3:8c:fb:59:ae:10:04:32:e6:d1:da:f4:52:06:
         5b:ea:59:6a:ac:ac:8a:93:12:52:9a:36:73:ab:fd:41:8a:53:
         4c:92:37:73:9b:84:4f:6c:43:47:a3:72:19:91:db:a5:3c:90:
         5b:07:b1:88:40:6b:0a:21:85:8b:a2:2e:05:b7:2b:22:90:15:
         cd:70:3b:c9:03:aa:d5:75:f3:af:7f:06:61:a1:b5:1c:4d:27:
         36:ab:18:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cfVaJN8sVe6M0vTB0YGilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNDA1OWNmM2Y1YmNmYmEwOTM5YjRjNWQ5YzNkMzg2Y2Vj
ZDRjZWMwHhcNMjYwNTEyMTQwMDM2WhcNMjYwNTEzMTQwMDM2WjAzMTEwLwYDVQQD
Eyg5ODQ5YThkNTlhMjEwZTQ1ZWM2ZWIyNTJiNzBkMGI1ZDgwNmY3ZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFi6VzmZOJDN3NKTu2sOLGrHHQpz
xABc8S7OptLZzbpCFWl1MZSgYWGeFJXvvyf1bCahLMB2YSrBk0tLGdhBUGDc6hsC
Lej59JPeMWw8eS26II1dS7TuA5Cphd0bf5BPvVNJ3At17JgmjMFbyMsn8G+bitkK
+gkVmG1mKFtJSrAuOtjRYnDbzihuWMLWmbAC8RtJIj7qQ5549HbHo5UZVCYDvIlL
F1EeZYtrxbi6ExWIkd/4LaJx7BeUvv4qBbGTAA/2fBIffTJx16Bi3fNCj8+sK/rU
65Wel3R8ktiATKa2X0lxUoXv1gDAHWmbiqrxgw1u99vLLQmEq918tC14swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhJqNWaIQ5F7G6yUrcNC12Ab317MB8GA1UdIwQY
MBaAFANAWc8/W8+6CTm0xdnD04bOzUzsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTBCWnp6OWJ6N29KT2JURjJjUFRoczdOVE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jNDUxZjYtODY2YS00MDkxLWFhODgt
ZjBhYmI5NTU4ZDQ1LzEvQTBCWnp6OWJ6N29KT2JURjJjUFRoczdOVE93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jNDUxZjYtODY2YS00MDkxLWFhODgtZjBhYmI5NTU4ZDQ1
LzEvQTBCWnp6OWJ6N29KT2JURjJjUFRoczdOVE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArRWpsdCV
ehRVADTJSx463QoVFdF9iDIBCV+Yrhy5kEfc5dqszZGOw/EbBcOK3knwRMiihOox
KGWGneqYR7Hu+LVRy8+B2vOLslpCJAa4RgOKTRf8wwzSM2rdVpE9XPtZwMUCKd/J
A84IkneX+xLhvUXt2VIJPv/56nYcKCg9KyMEdIhNIIsyRR+Y+ie9kJFyCuj4VoRF
64C8IZUZZit/e17Qe22tyuOM+1muEAQy5tHa9FIGW+pZaqysipMSUpo2c6v9QYpT
TJI3c5uET2xDR6NyGZHbpTyQWwexiEBrCiGFi6IuBbcrIpAVzXA7yQOq1XXzr38G
YaG1HE0nNqsYgQ==
-----END CERTIFICATE-----