Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          zdvEy8qR0xI/le9Cu8uo4+IaqYGy41xIkhcIH6yV5A4=
Subject key identifier:   38:F6:D1:AE:C8:07:B4:6D:E7:78:3F:88:56:C3:D9:9F:41:8C:17:40
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       019CAB6B61BC5C88F6775AB5037A6A063563
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          10F3
Signing time:             Sun 01 Mar 2026 22:01:07 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:07 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:07 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: P5BlM5ZvjdYPf/qGGA0xwmVZQCCdQc0nQoQj38HyKlk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:61:bc:5c:88:f6:77:5a:b5:03:7a:6a:06:35:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: Mar  1 22:01:07 2026 GMT
            Not After : Mar  2 22:01:07 2026 GMT
        Subject: CN=38f6d1aec807b46de7783f8856c3d99f418c1740
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:bf:79:79:1d:63:fc:7f:94:58:ba:aa:9f:5e:
                    00:c2:fc:9d:e5:37:10:41:6b:b7:19:4b:e5:33:56:
                    ed:45:91:c6:64:a6:84:a4:5b:81:46:91:99:9f:8c:
                    56:76:0e:f3:f7:69:0e:64:66:8f:91:00:8c:21:f2:
                    ca:49:a1:b5:a7:46:07:88:70:41:21:11:f5:5c:24:
                    28:fa:04:f6:c7:68:56:e8:04:44:32:45:18:bd:52:
                    a0:0e:5a:23:5b:1a:54:00:a5:44:0e:b1:33:ea:86:
                    3c:b0:ea:43:e4:59:21:b9:15:f1:ed:ab:18:f4:09:
                    e5:4d:2f:25:54:55:b6:88:43:3a:5b:ac:5d:21:9b:
                    44:5f:a3:95:bb:dc:31:ac:82:2c:02:2b:58:be:68:
                    49:68:13:9d:3e:bd:c2:b8:ba:47:5b:43:70:6f:fc:
                    74:65:9a:8d:a1:e7:da:fb:37:ad:97:47:57:c0:bc:
                    46:24:f5:9d:af:0e:16:9b:40:c3:c3:e9:94:3f:ca:
                    23:a1:6f:b0:7e:e6:d3:34:53:73:f4:b0:67:26:b8:
                    16:26:fb:4a:18:95:06:36:06:09:c8:93:fa:41:72:
                    93:3b:31:ca:32:f1:7c:ca:ba:74:e0:f8:00:83:5a:
                    9d:cb:e8:43:77:b5:c0:53:b1:49:65:13:33:a3:b4:
                    8b:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:F6:D1:AE:C8:07:B4:6D:E7:78:3F:88:56:C3:D9:9F:41:8C:17:40
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:85:98:f5:93:7d:6b:7e:ab:00:87:5b:ac:f9:09:d1:ee:27:
         a7:0d:a4:f1:ff:d2:63:0c:01:21:62:9d:6c:54:d3:e6:58:fa:
         77:62:6a:c9:26:c1:b3:6b:ec:87:6f:2b:ba:d4:8a:8f:bd:4a:
         0a:1f:20:44:9c:cd:4e:17:24:d4:1d:ba:7b:70:70:51:b7:9f:
         43:cd:58:d5:0f:bb:79:ca:19:5f:53:a6:8a:a0:98:c8:e8:59:
         69:3d:21:24:37:86:bf:1c:df:89:48:05:f2:7a:b1:5e:a4:78:
         f6:54:50:b7:9e:aa:2b:25:2c:95:ae:68:49:b1:f9:13:15:5c:
         aa:7a:e9:b0:09:21:7e:cb:74:d3:8a:72:f8:dd:77:66:3a:23:
         40:dc:44:74:49:a5:f9:9b:f7:ee:ae:58:27:e4:55:4e:21:6a:
         9c:a3:5e:bd:38:a2:40:6e:29:d1:5d:77:19:1b:13:36:b9:29:
         5f:ce:24:b3:12:e9:f6:61:cf:53:83:f8:6b:8c:36:ba:45:d3:
         0b:31:f3:1c:ce:f3:e6:9a:54:4a:c5:6f:4b:90:56:38:14:e8:
         c4:a6:c6:19:bc:08:e2:9b:f1:7a:a4:44:c7:ff:72:47:1d:eb:
         84:76:66:11:94:f2:41:aa:ae:fe:40:fb:ec:c5:25:6b:29:f9:
         da:d5:3c:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra2G8XIj2d1q1A3pqBjVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjYwMzAxMjIwMTA3WhcNMjYwMzAyMjIwMTA3WjAzMTEwLwYDVQQD
EygzOGY2ZDFhZWM4MDdiNDZkZTc3ODNmODg1NmMzZDk5ZjQxOGMxNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr95eR1j/H+UWLqqn14Awvyd5TcQ
QWu3GUvlM1btRZHGZKaEpFuBRpGZn4xWdg7z92kOZGaPkQCMIfLKSaG1p0YHiHBB
IRH1XCQo+gT2x2hW6AREMkUYvVKgDlojWxpUAKVEDrEz6oY8sOpD5FkhuRXx7asY
9AnlTS8lVFW2iEM6W6xdIZtEX6OVu9wxrIIsAitYvmhJaBOdPr3CuLpHW0Nwb/x0
ZZqNoefa+zetl0dXwLxGJPWdrw4Wm0DDw+mUP8ojoW+wfubTNFNz9LBnJrgWJvtK
GJUGNgYJyJP6QXKTOzHKMvF8yrp04PgAg1qdy+hDd7XAU7FJZRMzo7SLcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDj20a7IB7Rt53g/iFbD2Z9BjBdAMB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVoWY9ZN9
a36rAIdbrPkJ0e4npw2k8f/SYwwBIWKdbFTT5lj6d2JqySbBs2vsh28rutSKj71K
Ch8gRJzNThck1B26e3BwUbefQ81Y1Q+7ecoZX1OmiqCYyOhZaT0hJDeGvxzfiUgF
8nqxXqR49lRQt56qKyUsla5oSbH5ExVcqnrpsAkhfst004py+N13ZjojQNxEdEml
+Zv37q5YJ+RVTiFqnKNevTiiQG4p0V13GRsTNrkpX84ksxLp9mHPU4P4a4w2ukXT
CzHzHM7z5ppUSsVvS5BWOBToxKbGGbwI4pvxeqREx/9yRx3rhHZmEZTyQaqu/kD7
7MUlayn52tU83A==
-----END CERTIFICATE-----