Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
File:                     ZLPjZgb6UsOkchyMoPszCZU0GVo.mft (raw, json)
Hash identifier:          811dXeMgGHf3hgxRNDlpAdTWVSpCu4kXEyJ/cY15Nsg=
Subject key identifier:   C7:09:95:F0:D0:B8:A8:1A:E8:7C:B5:12:F9:81:CF:E4:65:D0:E3:C5
Authority key identifier: 64:B3:E3:66:06:FA:52:C3:A4:72:1C:8C:A0:FB:33:09:95:34:19:5A
Certificate issuer:       /CN=64b3e36606fa52c3a4721c8ca0fb33099534195a
Certificate serial:       019D329AF3A3D4723FCF85E0E69E61899837
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
Manifest number:          1889
Signing time:             Sat 28 Mar 2026 04:01:48 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:48 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:48 +0000
Files and hashes:         1: ZLPjZgb6UsOkchyMoPszCZU0GVo.crl (hash: 2fJQwezNyhpHiFhbClYlMqay5lgKcgL16zsswUm9IUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:f3:a3:d4:72:3f:cf:85:e0:e6:9e:61:89:98:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b3e36606fa52c3a4721c8ca0fb33099534195a
        Validity
            Not Before: Mar 28 04:01:48 2026 GMT
            Not After : Mar 29 04:01:48 2026 GMT
        Subject: CN=c70995f0d0b8a81ae87cb512f981cfe465d0e3c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:68:53:1f:6c:02:5e:6e:e8:b9:b9:05:18:73:
                    9e:bc:cc:3e:0d:79:f0:b6:31:11:18:85:b8:73:89:
                    03:a9:de:16:01:ea:87:4f:0a:68:a2:a0:84:bb:60:
                    71:f3:14:eb:ed:18:b9:82:97:a8:6b:2a:7c:f2:25:
                    ad:01:7c:07:68:1f:f7:dd:d8:e9:fe:1e:b7:c6:49:
                    d4:ff:2a:e2:31:ac:71:13:b4:a8:ea:0d:70:d2:b0:
                    38:80:5f:4f:52:07:46:89:24:98:26:16:73:b2:11:
                    01:53:92:8c:3d:2a:23:80:2c:0e:56:4b:95:47:80:
                    cd:0a:bc:56:0f:58:a5:34:36:e7:6d:be:90:00:0d:
                    11:ea:14:38:75:c8:4f:cc:77:ef:b0:de:97:6a:69:
                    38:a5:ea:df:58:ee:bd:ab:3c:18:1c:ea:cf:09:a6:
                    5e:79:f7:24:e5:cc:75:d8:f5:83:d7:97:47:0e:03:
                    14:0f:e0:8c:27:fc:0d:d1:90:c3:73:bd:13:e4:59:
                    4a:df:ab:81:aa:85:0f:97:a7:e5:82:bd:ec:4c:0c:
                    ac:e6:0b:6e:ce:46:a2:0d:25:b3:5a:85:cc:7d:3f:
                    f6:aa:c1:ee:0f:f0:d5:f2:9f:d7:6b:81:d8:64:b8:
                    6e:24:5d:fd:0a:a7:c6:81:db:ab:42:43:bc:2a:a2:
                    bd:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:09:95:F0:D0:B8:A8:1A:E8:7C:B5:12:F9:81:CF:E4:65:D0:E3:C5
            X509v3 Authority Key Identifier:
                keyid:64:B3:E3:66:06:FA:52:C3:A4:72:1C:8C:A0:FB:33:09:95:34:19:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:b8:f1:fd:e1:0a:1b:7c:24:05:1c:ae:db:98:f6:3c:fd:4b:
         0b:23:29:56:14:ff:d4:a4:66:85:61:e0:65:f0:cd:5c:15:8c:
         7d:06:95:df:3a:0b:c6:84:80:cc:6e:94:25:0c:32:1c:dd:2d:
         5a:23:32:e0:74:24:83:4d:e8:9a:01:37:7f:09:52:e6:f8:15:
         b2:87:ae:8f:e9:c0:6f:07:3c:e3:25:00:55:ac:6b:fa:e9:4e:
         ea:87:55:d3:16:64:1a:1c:20:d6:4e:d5:56:27:65:0f:d7:7e:
         eb:2e:f5:aa:93:b5:a1:8f:f4:a2:79:c0:3d:92:60:cb:d8:cb:
         8e:82:3e:d2:ff:1e:91:6f:b1:f0:76:5f:02:81:9a:e7:c5:08:
         7b:1e:71:27:a4:0d:62:a5:13:f4:c3:6f:38:74:00:5d:67:8c:
         f8:39:2e:3b:87:c4:0d:fe:07:43:88:e3:90:29:a2:85:5b:96:
         96:f5:21:6e:3d:b0:ea:d1:f0:09:0f:cb:97:a1:7d:d7:b2:d4:
         d6:81:c3:9a:bc:1c:01:f5:d6:4d:58:14:c3:19:7d:ca:35:9b:
         3c:e9:a6:e7:2d:b2:c5:f7:80:dd:85:16:bd:fd:f7:05:6d:35:
         1f:60:44:23:86:65:a9:17:e0:29:78:74:e9:a6:cd:6e:b9:5c:
         48:15:2f:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymvOj1HI/z4Xg5p5hiZg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjNlMzY2MDZmYTUyYzNhNDcyMWM4Y2EwZmIzMzA5OTUz
NDE5NWEwHhcNMjYwMzI4MDQwMTQ4WhcNMjYwMzI5MDQwMTQ4WjAzMTEwLwYDVQQD
EyhjNzA5OTVmMGQwYjhhODFhZTg3Y2I1MTJmOTgxY2ZlNDY1ZDBlM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2hTH2wCXm7oubkFGHOevMw+DXnw
tjERGIW4c4kDqd4WAeqHTwpooqCEu2Bx8xTr7Ri5gpeoayp88iWtAXwHaB/33djp
/h63xknU/yriMaxxE7So6g1w0rA4gF9PUgdGiSSYJhZzshEBU5KMPSojgCwOVkuV
R4DNCrxWD1ilNDbnbb6QAA0R6hQ4dchPzHfvsN6Xamk4perfWO69qzwYHOrPCaZe
efck5cx12PWD15dHDgMUD+CMJ/wN0ZDDc70T5FlK36uBqoUPl6flgr3sTAys5gtu
zkaiDSWzWoXMfT/2qsHuD/DV8p/Xa4HYZLhuJF39CqfGgdurQkO8KqK9GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcJlfDQuKga6Hy1EvmBz+Rl0OPFMB8GA1UdIwQY
MBaAFGSz42YG+lLDpHIcjKD7MwmVNBlaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iNzBlMDctMTFiMi00YTJhLTg5NTUt
MGUzODFiZDQxM2QzLzEvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iNzBlMDctMTFiMi00YTJhLTg5NTUtMGUzODFiZDQxM2Qz
LzEvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWLjx/eEK
G3wkBRyu25j2PP1LCyMpVhT/1KRmhWHgZfDNXBWMfQaV3zoLxoSAzG6UJQwyHN0t
WiMy4HQkg03omgE3fwlS5vgVsoeuj+nAbwc84yUAVaxr+ulO6odV0xZkGhwg1k7V
VidlD9d+6y71qpO1oY/0onnAPZJgy9jLjoI+0v8ekW+x8HZfAoGa58UIex5xJ6QN
YqUT9MNvOHQAXWeM+DkuO4fEDf4HQ4jjkCmihVuWlvUhbj2w6tHwCQ/Ll6F917LU
1oHDmrwcAfXWTVgUwxl9yjWbPOmm5y2yxfeA3YUWvf33BW01H2BEI4ZlqRfgKXh0
6abNbrlcSBUvnw==
-----END CERTIFICATE-----