Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
File:                     dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json)
Hash identifier:          oz7QLCT3bvBo+e1jp+Ud0U7JKMpFQeTBZoX88UtFBrc=
Subject key identifier:   5A:3B:D2:37:29:0A:3F:B3:D3:8E:DD:04:8B:DB:CD:AA:3E:17:C0:8B
Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
Certificate issuer:       /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Certificate serial:       019D27A8F602FA6A3D035E5913C43FA5F2D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
Manifest number:          0C26
Signing time:             Thu 26 Mar 2026 01:01:17 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:17 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:17 +0000
Files and hashes:         1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: Vt08BNkoJoALIGiRhzL6B3UqHJF/YL5B3wcerFairmI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:f6:02:fa:6a:3d:03:5e:59:13:c4:3f:a5:f2:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
        Validity
            Not Before: Mar 26 01:01:17 2026 GMT
            Not After : Mar 27 01:01:17 2026 GMT
        Subject: CN=5a3bd237290a3fb3d38edd048bdbcdaa3e17c08b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5a:e5:4d:98:25:d9:01:f3:99:32:8e:39:50:
                    34:22:3e:7a:d0:92:da:de:09:0d:7c:ac:c6:5a:c9:
                    ee:f7:f1:8a:1b:bb:e0:f0:7a:13:0e:90:2f:d0:d3:
                    6c:cd:e4:a8:55:81:13:00:d2:25:74:2e:2a:85:76:
                    67:e3:62:1e:52:09:e4:13:ff:5c:91:a8:e4:ba:0e:
                    e7:3e:a6:bb:98:07:b2:46:f7:f8:61:7d:43:84:26:
                    36:f8:1b:c8:ae:c8:cf:ca:f1:f2:0b:62:8e:f4:0b:
                    68:02:58:5f:6a:fd:32:d7:5e:d6:5b:19:bd:b0:6a:
                    6c:eb:b5:30:13:98:30:2a:c3:25:22:f8:1b:a7:7f:
                    45:f4:a4:99:3b:4c:08:b7:fa:39:58:67:93:e7:68:
                    54:b7:c0:7c:b8:38:9f:6f:10:17:36:5c:1c:d2:56:
                    93:ca:55:a2:22:42:be:90:74:26:6b:ae:a4:05:bc:
                    cf:ad:bc:00:40:76:c4:20:8a:07:01:a8:4b:60:e1:
                    ab:51:61:da:34:c9:9d:9b:51:f5:ec:f6:9d:e6:b1:
                    ff:d4:ca:93:88:27:bb:d7:d5:22:0e:1f:c4:39:0b:
                    22:d9:85:f8:af:ae:c9:73:bc:98:c8:d2:27:85:39:
                    9d:ad:72:a9:66:13:c8:4f:b8:b5:4d:f7:99:4f:8f:
                    f1:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:3B:D2:37:29:0A:3F:B3:D3:8E:DD:04:8B:DB:CD:AA:3E:17:C0:8B
            X509v3 Authority Key Identifier:
                keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:7b:76:f7:6d:2c:de:8e:0b:8d:70:8d:30:d7:25:77:f5:b7:
         87:18:5e:6e:9c:12:a0:4a:e8:f7:db:22:15:91:78:a2:24:5d:
         8b:a1:2b:60:5e:6f:52:91:30:5b:bc:be:61:fa:07:be:d3:28:
         e1:1e:25:af:1c:f3:cc:36:dc:59:f0:4f:08:8e:89:a3:66:73:
         e4:da:1b:df:5a:87:63:88:b1:c0:03:63:13:e3:0f:99:3e:b2:
         ad:dd:a1:c6:25:9b:73:43:0c:d1:59:aa:eb:ef:f9:ec:29:48:
         e2:f4:4f:89:c7:c7:ea:ef:91:0c:df:9a:b2:a9:5e:6b:f0:7f:
         60:01:86:ef:55:9f:2d:ef:a2:d2:23:6a:39:56:e4:fc:02:86:
         0e:67:de:db:12:22:60:81:b0:7a:d0:00:d2:0d:67:56:05:c0:
         7a:4f:83:bd:9f:cb:53:c4:c9:46:0b:80:25:f0:57:d8:be:5b:
         89:f5:84:e1:7a:86:e1:ac:9c:6a:90:65:05:a9:12:3d:d1:90:
         33:25:97:2a:34:6b:ae:9b:c8:e1:19:9e:a3:f1:a3:ca:37:9f:
         73:a2:94:72:58:b6:f6:30:a1:b8:0b:89:65:d4:5c:dd:6b:b3:
         74:a7:4a:da:56:54:1d:62:d5:ee:a3:1c:b5:f2:d4:c5:ac:ef:
         b9:21:42:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqPYC+mo9A15ZE8Q/pfLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5
ZjZjYWMwHhcNMjYwMzI2MDEwMTE3WhcNMjYwMzI3MDEwMTE3WjAzMTEwLwYDVQQD
Eyg1YTNiZDIzNzI5MGEzZmIzZDM4ZWRkMDQ4YmRiY2RhYTNlMTdjMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVrlTZgl2QHzmTKOOVA0Ij560JLa
3gkNfKzGWsnu9/GKG7vg8HoTDpAv0NNszeSoVYETANIldC4qhXZn42IeUgnkE/9c
kajkug7nPqa7mAeyRvf4YX1DhCY2+BvIrsjPyvHyC2KO9AtoAlhfav0y117WWxm9
sGps67UwE5gwKsMlIvgbp39F9KSZO0wIt/o5WGeT52hUt8B8uDifbxAXNlwc0laT
ylWiIkK+kHQma66kBbzPrbwAQHbEIIoHAahLYOGrUWHaNMmdm1H17Pad5rH/1MqT
iCe719UiDh/EOQsi2YX4r67Jc7yYyNInhTmdrXKpZhPIT7i1TfeZT4/xPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFo70jcpCj+z047dBIvbzao+F8CLMB8GA1UdIwQY
MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt
NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3
LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEHt2920s
3o4LjXCNMNcld/W3hxhebpwSoEro99siFZF4oiRdi6ErYF5vUpEwW7y+YfoHvtMo
4R4lrxzzzDbcWfBPCI6Jo2Zz5Nob31qHY4ixwANjE+MPmT6yrd2hxiWbc0MM0Vmq
6+/57ClI4vRPicfH6u+RDN+asqlea/B/YAGG71WfLe+i0iNqOVbk/AKGDmfe2xIi
YIGwetAA0g1nVgXAek+DvZ/LU8TJRguAJfBX2L5bifWE4XqG4aycapBlBakSPdGQ
MyWXKjRrrpvI4Rmeo/Gjyjefc6KUcli29jChuAuJZdRc3WuzdKdK2lZUHWLV7qMc
tfLUxazvuSFCCw==
-----END CERTIFICATE-----