Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft
File:                     ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft (raw, json)
Hash identifier:          BQz/aFE43l4KjkB9j1zv6empx4FqVCYI5MS/7niUlqQ=
Subject key identifier:   A8:30:ED:CC:7B:C7:D5:05:BA:02:DC:74:35:D2:16:C9:F3:FE:D1:AC
Authority key identifier: 65:A0:7D:49:24:68:22:8A:A3:06:A6:6B:05:6A:02:28:C5:52:EC:5C
Certificate issuer:       /CN=65a07d492468228aa306a66b056a0228c552ec5c
Certificate serial:       019CAB6BA8A494986DABFFC2FE457704334A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft
Manifest number:          0F5B
Signing time:             Sun 01 Mar 2026 22:01:25 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:25 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:25 +0000
Files and hashes:         1: ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.crl (hash: FPEiNNFzLJfLsgh/yX0Y9KDv94GBHg9zPSFxMKDN3QM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:a8:a4:94:98:6d:ab:ff:c2:fe:45:77:04:33:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65a07d492468228aa306a66b056a0228c552ec5c
        Validity
            Not Before: Mar  1 22:01:25 2026 GMT
            Not After : Mar  2 22:01:25 2026 GMT
        Subject: CN=a830edcc7bc7d505ba02dc7435d216c9f3fed1ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:ed:80:1e:2c:20:e5:34:46:bb:79:00:8f:94:
                    2c:e3:2d:be:1f:a3:44:73:34:83:b9:5d:bf:a5:1b:
                    43:32:f2:11:dc:d9:04:a7:37:bc:82:f8:5a:0d:56:
                    0e:fd:53:14:41:7a:7f:65:b3:22:76:76:1f:e8:79:
                    52:21:0f:59:d3:07:21:5a:32:9b:8c:de:db:47:e7:
                    71:0c:4f:3b:ce:5f:eb:4e:43:fd:ba:27:30:2c:e1:
                    01:19:40:1f:e4:02:fc:9c:01:b9:79:df:58:a5:2d:
                    16:46:2d:3e:e0:56:64:89:a3:50:68:09:c8:ba:c6:
                    af:fb:77:34:e2:79:a7:58:e1:10:39:3a:64:58:a5:
                    ea:e8:2a:ea:7f:7c:6b:2c:8a:75:92:8e:88:c7:ff:
                    fc:cc:2c:c9:b1:1c:d0:56:91:82:c6:96:85:90:5b:
                    e0:c9:8c:c5:88:44:19:ff:cd:d2:7d:16:a8:22:bd:
                    fc:51:3b:b6:c1:81:04:d8:b3:b3:06:11:8e:40:a1:
                    6c:15:2d:c1:44:c4:62:ad:6c:a7:c7:7c:75:38:37:
                    63:c0:51:2d:33:47:d2:97:3a:71:9b:82:03:6b:a2:
                    f4:ab:9a:f1:3e:64:0a:6f:cd:62:9f:98:bf:e2:73:
                    7d:c2:e6:d9:b7:86:a1:74:98:1e:d3:f3:b2:a9:b2:
                    6e:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:30:ED:CC:7B:C7:D5:05:BA:02:DC:74:35:D2:16:C9:F3:FE:D1:AC
            X509v3 Authority Key Identifier:
                keyid:65:A0:7D:49:24:68:22:8A:A3:06:A6:6B:05:6A:02:28:C5:52:EC:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:aa:79:29:55:7b:aa:a4:ac:b4:d5:55:30:55:98:c4:31:10:
         43:70:f0:c5:a0:1f:45:26:59:d3:ac:9c:24:51:00:b0:96:26:
         47:b0:0f:eb:34:c9:55:9a:28:b9:de:9b:87:e4:14:a8:82:f6:
         69:10:eb:04:03:a4:06:24:8d:44:a7:df:9c:b2:8b:5e:12:9a:
         78:de:9d:a7:e7:e1:93:30:5f:19:c6:97:4f:c8:d8:9b:34:6c:
         d9:54:9a:ff:2b:34:9b:bc:13:a7:7f:e6:a0:b0:80:f1:18:f1:
         f9:fc:1b:2e:d3:73:12:f4:f6:6d:b0:ad:c3:67:7e:ae:50:6e:
         af:ba:a2:66:08:7c:86:fb:8f:60:fb:41:e3:5d:b0:0a:dc:44:
         70:be:49:12:f4:1f:8f:1a:33:ba:40:a1:ea:4f:0a:89:a7:ec:
         b6:ae:5f:fa:f2:f7:dd:e8:96:38:e8:3a:56:ec:4d:b8:f5:2c:
         ca:7b:94:bf:6b:ce:3b:26:d6:fd:5e:5f:57:55:59:3a:3a:c6:
         90:1c:f8:5e:e6:3a:c6:66:c0:12:43:fe:cf:31:33:23:d2:fc:
         05:41:f1:a7:2a:91:c9:38:64:de:cf:34:00:5f:bb:d3:fa:5f:
         70:90:31:35:fc:6c:a5:ba:f8:a8:a4:1f:1c:6f:7e:1f:01:c5:
         b9:ae:f2:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra6iklJhtq//C/kV3BDNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTA3ZDQ5MjQ2ODIyOGFhMzA2YTY2YjA1NmEwMjI4YzU1
MmVjNWMwHhcNMjYwMzAxMjIwMTI1WhcNMjYwMzAyMjIwMTI1WjAzMTEwLwYDVQQD
EyhhODMwZWRjYzdiYzdkNTA1YmEwMmRjNzQzNWQyMTZjOWYzZmVkMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+2AHiwg5TRGu3kAj5Qs4y2+H6NE
czSDuV2/pRtDMvIR3NkEpze8gvhaDVYO/VMUQXp/ZbMidnYf6HlSIQ9Z0wchWjKb
jN7bR+dxDE87zl/rTkP9uicwLOEBGUAf5AL8nAG5ed9YpS0WRi0+4FZkiaNQaAnI
usav+3c04nmnWOEQOTpkWKXq6Crqf3xrLIp1ko6Ix//8zCzJsRzQVpGCxpaFkFvg
yYzFiEQZ/83SfRaoIr38UTu2wYEE2LOzBhGOQKFsFS3BRMRirWynx3x1ODdjwFEt
M0fSlzpxm4IDa6L0q5rxPmQKb81in5i/4nN9wubZt4ahdJge0/OyqbJuuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgw7cx7x9UFugLcdDXSFsnz/tGsMB8GA1UdIwQY
MBaAFGWgfUkkaCKKowamawVqAijFUuxcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFCOVNTUm9Jb3FqQnFackJXb0NLTVZTN0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8xODMyOTgtZmI5OS00ZThmLTgyNjQt
ZWIwM2JiYTY1YTk2LzEvWmFCOVNTUm9Jb3FqQnFackJXb0NLTVZTN0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8xODMyOTgtZmI5OS00ZThmLTgyNjQtZWIwM2JiYTY1YTk2
LzEvWmFCOVNTUm9Jb3FqQnFackJXb0NLTVZTN0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlKp5KVV7
qqSstNVVMFWYxDEQQ3DwxaAfRSZZ06ycJFEAsJYmR7AP6zTJVZooud6bh+QUqIL2
aRDrBAOkBiSNRKffnLKLXhKaeN6dp+fhkzBfGcaXT8jYmzRs2VSa/ys0m7wTp3/m
oLCA8Rjx+fwbLtNzEvT2bbCtw2d+rlBur7qiZgh8hvuPYPtB412wCtxEcL5JEvQf
jxozukCh6k8Kiafstq5f+vL33eiWOOg6VuxNuPUsynuUv2vOOybW/V5fV1VZOjrG
kBz4XuY6xmbAEkP+zzEzI9L8BUHxpyqRyThk3s80AF+70/pfcJAxNfxspbr4qKQf
HG9+HwHFua7yig==
-----END CERTIFICATE-----