Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
File:                     ZYzRSR-oTUghjThg8zI9ybhoV4w.mft (raw, json)
Hash identifier:          UKCqSmiQkBGshkbue1p6RkoEWM7i3a3Mb7lX+pkfdD8=
Subject key identifier:   7A:67:6B:DD:D2:15:32:54:89:F6:B3:C3:88:CE:C0:51:33:C1:30:F5
Authority key identifier: 65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C
Certificate issuer:       /CN=658cd1491fa84d48218d3860f3323dc9b868578c
Certificate serial:       019D2AE0359773A49F6063525B48075F611D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
Manifest number:          10F0
Signing time:             Thu 26 Mar 2026 16:00:30 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:30 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:30 +0000
Files and hashes:         1: ZYzRSR-oTUghjThg8zI9ybhoV4w.crl (hash: Vc01b7lUeyUWP4KKR9wt8B5H43eHd2x13UzPYkUp4R4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:35:97:73:a4:9f:60:63:52:5b:48:07:5f:61:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658cd1491fa84d48218d3860f3323dc9b868578c
        Validity
            Not Before: Mar 26 16:00:30 2026 GMT
            Not After : Mar 27 16:00:30 2026 GMT
        Subject: CN=7a676bddd215325489f6b3c388cec05133c130f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:fa:9a:02:c9:9a:ad:6e:26:60:19:cf:ae:77:
                    8d:fa:04:4f:ec:06:eb:0d:db:50:58:24:01:13:46:
                    47:f9:57:2a:b5:36:0c:42:c1:d8:d4:39:eb:03:f7:
                    2b:95:67:47:17:11:ff:9f:b8:13:8e:31:f1:df:b0:
                    b0:7d:77:42:24:71:c9:4f:90:4b:3e:0b:e6:9a:3e:
                    82:96:d8:83:3a:44:cb:72:f9:55:a7:ec:20:ad:5c:
                    8b:7e:9f:14:b0:4f:46:f0:8c:7b:52:ea:70:ac:ce:
                    33:de:27:4d:97:f4:3d:86:47:dc:6f:3b:08:86:41:
                    78:53:df:f8:72:93:81:0d:a3:1f:4d:73:98:46:88:
                    79:82:62:c7:66:8f:08:47:a9:72:89:7a:92:72:8b:
                    6d:d7:fd:a5:b3:3d:6d:64:76:e6:0b:a7:41:a0:9e:
                    50:98:17:8a:a9:1a:90:d1:97:76:a5:4b:4a:c8:45:
                    21:d1:34:93:12:b5:59:43:54:1c:b2:2d:7a:22:18:
                    c3:af:03:2d:bc:52:cb:70:61:70:d9:2d:3a:dd:49:
                    a1:a5:fb:69:cf:d9:db:8b:f0:4c:79:2d:6d:7b:e2:
                    f8:86:4c:da:53:e1:3c:38:2d:f3:f6:2c:8a:26:3d:
                    10:0d:b6:2f:de:31:09:c8:0d:f7:13:93:31:89:cb:
                    d1:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:67:6B:DD:D2:15:32:54:89:F6:B3:C3:88:CE:C0:51:33:C1:30:F5
            X509v3 Authority Key Identifier:
                keyid:65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:ca:85:7f:5a:b2:21:1b:fe:c7:ff:c0:fc:21:29:28:6e:f3:
         d2:10:9d:78:00:1c:6a:c9:3a:11:91:d6:56:a2:ec:5d:41:95:
         4d:9d:35:07:c5:0b:24:6a:4d:63:2d:d7:58:00:c6:8e:60:a3:
         77:a5:f1:75:8c:33:f2:9f:0c:b8:37:7f:b4:17:18:ab:15:55:
         71:42:ab:66:b7:83:19:31:e8:ca:fa:89:43:ba:98:b6:c4:d7:
         98:43:72:51:8e:64:9e:8d:f7:6e:24:45:42:ef:bc:1f:d0:48:
         0a:f5:5c:f4:5e:3c:fe:09:9f:f3:17:1b:30:92:ff:e6:a5:44:
         6d:95:d0:97:e6:8d:28:d3:88:39:ba:d5:8a:03:b0:ea:32:97:
         f8:a5:bf:95:ef:61:49:87:6d:ab:4e:04:33:88:bc:36:05:52:
         6e:7d:d8:fd:dd:06:e0:d5:c2:55:1f:25:c5:c9:bc:b3:3f:e1:
         d3:9f:99:1e:85:ee:2c:46:66:4c:b9:42:b7:30:6c:6a:05:03:
         e7:a9:6c:bb:a6:3f:fc:68:3b:e7:af:15:93:c6:20:21:37:7c:
         33:cd:8d:d7:ff:f8:0b:48:cc:32:71:74:72:93:87:ad:b1:2e:
         64:f6:05:37:33:b2:7c:14:78:de:5d:04:0c:2f:d2:ce:84:19:
         04:38:8a:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4DWXc6SfYGNSW0gHX2EdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGNkMTQ5MWZhODRkNDgyMThkMzg2MGYzMzIzZGM5Yjg2
ODU3OGMwHhcNMjYwMzI2MTYwMDMwWhcNMjYwMzI3MTYwMDMwWjAzMTEwLwYDVQQD
Eyg3YTY3NmJkZGQyMTUzMjU0ODlmNmIzYzM4OGNlYzA1MTMzYzEzMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/qaAsmarW4mYBnPrneN+gRP7Abr
DdtQWCQBE0ZH+VcqtTYMQsHY1DnrA/crlWdHFxH/n7gTjjHx37CwfXdCJHHJT5BL
Pgvmmj6CltiDOkTLcvlVp+wgrVyLfp8UsE9G8Ix7UupwrM4z3idNl/Q9hkfcbzsI
hkF4U9/4cpOBDaMfTXOYRoh5gmLHZo8IR6lyiXqScott1/2lsz1tZHbmC6dBoJ5Q
mBeKqRqQ0Zd2pUtKyEUh0TSTErVZQ1Qcsi16IhjDrwMtvFLLcGFw2S063Umhpftp
z9nbi/BMeS1te+L4hkzaU+E8OC3z9iyKJj0QDbYv3jEJyA33E5MxicvRAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHpna93SFTJUifazw4jOwFEzwTD1MB8GA1UdIwQY
MBaAFGWM0UkfqE1IIY04YPMyPcm4aFeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQt
NDBhYTgzNDg2ZjhmLzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQtNDBhYTgzNDg2Zjhm
LzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfsqFf1qy
IRv+x//A/CEpKG7z0hCdeAAcask6EZHWVqLsXUGVTZ01B8ULJGpNYy3XWADGjmCj
d6XxdYwz8p8MuDd/tBcYqxVVcUKrZreDGTHoyvqJQ7qYtsTXmENyUY5kno33biRF
Qu+8H9BICvVc9F48/gmf8xcbMJL/5qVEbZXQl+aNKNOIObrVigOw6jKX+KW/le9h
SYdtq04EM4i8NgVSbn3Y/d0G4NXCVR8lxcm8sz/h05+ZHoXuLEZmTLlCtzBsagUD
56lsu6Y//Gg7568Vk8YgITd8M82N1//4C0jMMnF0cpOHrbEuZPYFNzOyfBR43l0E
DC/SzoQZBDiKyA==
-----END CERTIFICATE-----