Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          3K2vIwtmCnvxVNHOoy0cRvZvzrdFZCEd6vbSdzdrKgE=
Subject key identifier:   5D:96:F8:02:EE:9F:AE:4D:85:4A:72:94:9B:BB:E0:C5:0C:4F:DB:72
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       019D28F2D6F91DB0A79AF77C8C4B82593AB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          16A2
Signing time:             Thu 26 Mar 2026 07:01:36 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:36 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:36 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: 13CD5j223cZa3hm39GNolH0eNhb50dKzaNfjMNI42HM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:d6:f9:1d:b0:a7:9a:f7:7c:8c:4b:82:59:3a:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Mar 26 07:01:36 2026 GMT
            Not After : Mar 27 07:01:36 2026 GMT
        Subject: CN=5d96f802ee9fae4d854a72949bbbe0c50c4fdb72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:4a:3e:23:25:a0:81:44:9d:3b:c4:0c:ce:f6:
                    e8:c0:1b:16:a3:47:b5:47:2b:ed:cb:ef:76:02:15:
                    5b:4e:a0:68:e9:f6:5b:8e:45:61:04:a2:ff:d3:98:
                    a7:57:5e:4f:da:57:fe:27:e2:c8:16:1f:6d:a7:3b:
                    c2:fc:30:14:bf:cf:25:95:70:89:fb:e2:6e:9d:e1:
                    0a:2e:70:1b:72:09:a5:1a:53:ca:31:d0:55:15:2f:
                    45:44:8b:f4:e5:eb:9a:f4:d0:c8:d2:99:3b:69:3f:
                    bd:29:02:f0:df:8f:ac:7f:c3:3d:91:e7:ef:55:e6:
                    ca:58:46:c5:6b:58:74:83:94:93:31:10:41:51:f9:
                    e1:d4:ed:e2:81:79:cb:a1:07:89:97:5c:4a:6f:86:
                    98:e7:09:c7:be:6e:fd:6f:70:8e:77:5a:30:71:6b:
                    18:bd:58:58:6f:a6:9a:2e:27:b2:8b:21:0b:a4:d2:
                    ef:14:ce:34:5a:22:f7:32:86:24:5f:09:19:b6:7c:
                    1b:41:6b:ad:38:dc:c8:4f:62:14:58:ef:5d:d2:19:
                    55:29:c0:b5:46:44:f3:07:0b:e4:7d:cb:dd:c6:28:
                    4a:b8:af:c0:88:33:ab:4d:e0:63:bd:ec:5a:7e:e9:
                    e1:34:41:af:d9:63:98:f0:67:af:7e:cc:6b:06:70:
                    a1:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:96:F8:02:EE:9F:AE:4D:85:4A:72:94:9B:BB:E0:C5:0C:4F:DB:72
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:a8:d7:0a:86:6c:30:18:f3:69:92:e8:37:6c:b9:1a:d5:ac:
         63:24:9a:d9:2d:7c:f2:61:7d:ca:2a:28:0e:ab:c6:f8:00:b8:
         e5:58:7b:14:ea:0e:66:db:5b:32:d7:d0:7e:22:51:53:31:67:
         1e:95:be:8d:6d:bc:3e:1a:5b:b9:7a:77:9d:5a:45:a1:f6:1e:
         9b:44:5d:74:c6:cc:07:3e:1b:3b:6a:a0:0b:9e:69:1a:fa:10:
         29:ca:43:5e:ad:64:f3:10:d2:7c:07:29:d0:af:8d:f0:08:da:
         78:e6:a3:24:19:ae:ea:cb:4b:d6:43:97:90:3f:8b:fe:1f:b4:
         7b:ae:e4:ca:d5:e0:8b:75:f3:29:60:cc:78:ac:e5:fa:08:51:
         2f:0c:0e:a9:b6:ec:69:20:89:90:37:42:be:98:1d:1a:a7:e1:
         67:04:04:7e:3c:83:8a:1d:9a:06:d3:2c:69:f2:4d:d1:b0:77:
         53:bd:64:af:77:8e:d0:bc:2c:b5:e6:cf:68:ed:24:0c:cd:ae:
         fe:da:ac:4f:c9:18:60:9b:d6:41:d2:18:d2:39:af:c8:05:61:
         c3:25:3d:61:3f:67:a3:71:54:34:0c:97:e2:df:3e:76:c1:fd:
         93:d5:ee:7d:b5:3a:78:71:43:e5:0f:8c:99:25:1d:28:bf:7e:
         34:a7:d0:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8tb5HbCnmvd8jEuCWTqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjYwMzI2MDcwMTM2WhcNMjYwMzI3MDcwMTM2WjAzMTEwLwYDVQQD
Eyg1ZDk2ZjgwMmVlOWZhZTRkODU0YTcyOTQ5YmJiZTBjNTBjNGZkYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ko+IyWggUSdO8QMzvbowBsWo0e1
Ryvty+92AhVbTqBo6fZbjkVhBKL/05inV15P2lf+J+LIFh9tpzvC/DAUv88llXCJ
++JuneEKLnAbcgmlGlPKMdBVFS9FRIv05eua9NDI0pk7aT+9KQLw34+sf8M9kefv
VebKWEbFa1h0g5STMRBBUfnh1O3igXnLoQeJl1xKb4aY5wnHvm79b3COd1owcWsY
vVhYb6aaLieyiyELpNLvFM40WiL3MoYkXwkZtnwbQWutONzIT2IUWO9d0hlVKcC1
RkTzBwvkfcvdxihKuK/AiDOrTeBjvexafunhNEGv2WOY8GevfsxrBnChKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2W+ALun65NhUpylJu74MUMT9tyMB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHKjXCoZs
MBjzaZLoN2y5GtWsYySa2S188mF9yiooDqvG+AC45Vh7FOoOZttbMtfQfiJRUzFn
HpW+jW28PhpbuXp3nVpFofYem0RddMbMBz4bO2qgC55pGvoQKcpDXq1k8xDSfAcp
0K+N8AjaeOajJBmu6stL1kOXkD+L/h+0e67kytXgi3XzKWDMeKzl+ghRLwwOqbbs
aSCJkDdCvpgdGqfhZwQEfjyDih2aBtMsafJN0bB3U71kr3eO0LwstebPaO0kDM2u
/tqsT8kYYJvWQdIY0jmvyAVhwyU9YT9no3FUNAyX4t8+dsH9k9XufbU6eHFD5Q+M
mSUdKL9+NKfQvw==
-----END CERTIFICATE-----