Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
File:                     ZTwsX-3AjoxdH2VGksPkVkDIou0.mft (raw, json)
Hash identifier:          pet3OJcsol256+djXYd3n0C1mOvhgD2Mp+4+td94q3c=
Subject key identifier:   51:25:14:2A:DF:54:69:86:58:43:3F:5D:45:E6:00:CF:25:7A:6F:48
Authority key identifier: 65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED
Certificate issuer:       /CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
Certificate serial:       019D28F31696FE3CCC38F2665ECA185BD840
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
Manifest number:          0D8A
Signing time:             Thu 26 Mar 2026 07:01:52 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:52 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:52 +0000
Files and hashes:         1: ZTwsX-3AjoxdH2VGksPkVkDIou0.crl (hash: cMvUrKPBS9kAKXF2i6OmnP7jvsJ5+7ccxdrxxBmJdNg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:16:96:fe:3c:cc:38:f2:66:5e:ca:18:5b:d8:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
        Validity
            Not Before: Mar 26 07:01:52 2026 GMT
            Not After : Mar 27 07:01:52 2026 GMT
        Subject: CN=5125142adf54698658433f5d45e600cf257a6f48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6e:dc:33:19:55:3f:3a:ae:92:7d:80:ab:02:
                    8f:34:2a:5f:c6:29:b4:d7:aa:d7:58:96:4d:11:9e:
                    cb:59:4a:8c:3d:35:dc:d7:b0:8f:e6:9c:eb:1d:58:
                    42:54:7c:0c:13:bb:2a:15:ee:ae:3e:30:81:5d:9f:
                    2f:7f:bb:5d:d1:0b:b1:70:d0:26:7a:35:fc:38:10:
                    4d:f8:75:dd:df:b8:c1:5b:7f:40:73:fd:68:35:a9:
                    2e:5d:cf:b4:8b:c4:e3:74:62:9b:15:0b:06:27:38:
                    29:7b:32:6a:06:aa:bd:cf:71:9c:b2:b7:bf:c6:5e:
                    c7:a9:62:c8:bf:93:dc:a0:dd:fa:15:69:47:21:e5:
                    6f:29:8f:4b:5b:ed:6d:22:ed:9b:4a:02:8f:41:16:
                    a0:24:04:ef:40:7a:8b:df:16:9f:a5:dc:e0:31:6b:
                    0c:78:4f:60:d6:0d:d3:ae:12:4f:5e:9b:8f:b6:f9:
                    87:6e:58:4a:98:2f:39:ad:32:51:8f:ba:26:b2:e5:
                    bd:c7:8c:9e:56:3b:c6:29:5b:2d:2e:2c:6b:40:90:
                    63:c3:9d:ae:09:b7:90:03:5b:be:ea:c5:4a:c2:f5:
                    10:d7:ee:f0:84:5a:45:df:f6:f7:a7:ed:80:4a:05:
                    59:f5:5b:ef:d1:8c:4a:19:c2:1c:74:9a:04:29:6b:
                    a3:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:25:14:2A:DF:54:69:86:58:43:3F:5D:45:E6:00:CF:25:7A:6F:48
            X509v3 Authority Key Identifier:
                keyid:65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:3f:55:66:37:60:09:b7:bd:71:d2:60:03:93:fc:1f:43:cc:
         50:46:7d:a3:3d:63:ad:d3:92:16:a1:b7:76:5c:21:3b:cd:15:
         c3:31:88:00:fc:4a:9a:b0:24:23:24:df:b0:c4:37:f7:3a:dd:
         ff:a1:22:ff:6d:75:d6:70:4b:e5:60:ba:e2:9e:c3:35:65:0e:
         ac:b1:d3:3f:90:86:c8:77:3f:2f:b0:6b:aa:d7:64:8b:8a:aa:
         79:54:85:b5:3c:8d:2e:91:17:fb:d0:77:ef:de:c6:a1:99:06:
         06:7b:a4:4c:b2:6b:01:fa:ef:f5:f7:cb:f0:ab:30:a8:29:29:
         dc:c9:1c:69:d5:c3:3c:3e:64:50:81:c9:eb:72:3f:35:f2:39:
         1b:fc:7d:b8:fa:75:4d:44:ac:6c:f1:53:66:e5:16:9d:20:d9:
         10:be:c1:99:a3:87:8b:6f:ca:18:df:92:3b:42:7e:02:e1:a2:
         23:cd:c4:ec:e8:44:ad:e8:f7:d1:f7:4c:9e:32:ae:d0:d0:f6:
         1e:d9:c2:59:93:c3:19:bd:bf:15:7e:c1:ac:29:7b:98:fa:98:
         d5:9d:95:e5:d3:68:63:7c:57:60:af:6f:26:50:ce:1a:b3:22:
         75:51:1b:29:14:48:d0:d6:50:fb:a2:9b:f0:df:5c:31:26:18:
         60:63:14:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8xaW/jzMOPJmXsoYW9hAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2MyYzVmZWRjMDhlOGM1ZDFmNjU0NjkyYzNlNDU2NDBj
OGEyZWQwHhcNMjYwMzI2MDcwMTUyWhcNMjYwMzI3MDcwMTUyWjAzMTEwLwYDVQQD
Eyg1MTI1MTQyYWRmNTQ2OTg2NTg0MzNmNWQ0NWU2MDBjZjI1N2E2ZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW7cMxlVPzqukn2AqwKPNCpfxim0
16rXWJZNEZ7LWUqMPTXc17CP5pzrHVhCVHwME7sqFe6uPjCBXZ8vf7td0QuxcNAm
ejX8OBBN+HXd37jBW39Ac/1oNakuXc+0i8TjdGKbFQsGJzgpezJqBqq9z3Gcsre/
xl7HqWLIv5PcoN36FWlHIeVvKY9LW+1tIu2bSgKPQRagJATvQHqL3xafpdzgMWsM
eE9g1g3TrhJPXpuPtvmHblhKmC85rTJRj7omsuW9x4yeVjvGKVstLixrQJBjw52u
CbeQA1u+6sVKwvUQ1+7whFpF3/b3p+2ASgVZ9Vvv0YxKGcIcdJoEKWuj1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFElFCrfVGmGWEM/XUXmAM8lem9IMB8GA1UdIwQY
MBaAFGU8LF/twI6MXR9lRpLD5FZAyKLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAt
MWNjYjU0ZjM3MmFhLzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAtMWNjYjU0ZjM3MmFh
LzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXT9VZjdg
Cbe9cdJgA5P8H0PMUEZ9oz1jrdOSFqG3dlwhO80VwzGIAPxKmrAkIyTfsMQ39zrd
/6Ei/2111nBL5WC64p7DNWUOrLHTP5CGyHc/L7Brqtdki4qqeVSFtTyNLpEX+9B3
797GoZkGBnukTLJrAfrv9ffL8KswqCkp3MkcadXDPD5kUIHJ63I/NfI5G/x9uPp1
TUSsbPFTZuUWnSDZEL7BmaOHi2/KGN+SO0J+AuGiI83E7OhErej30fdMnjKu0ND2
HtnCWZPDGb2/FX7BrCl7mPqY1Z2V5dNoY3xXYK9vJlDOGrMidVEbKRRI0NZQ+6Kb
8N9cMSYYYGMUQQ==
-----END CERTIFICATE-----