Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          9zEWDia3YF/6+YT3UCRrHlj+AEq+oF5Lrfry0iZeRnc=
Subject key identifier:   69:06:CE:4E:83:3B:0F:11:78:F0:21:14:10:04:9D:54:4B:5E:E2:47
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       019D9998E7A28AB7CC277468AFFCDEA2679C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          172E
Signing time:             Fri 17 Apr 2026 04:00:27 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:27 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:27 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: qWX/Sknen07GOu0XzhlqsGV9CSLLMFP2Ktpx/WUD7p0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 04:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:98:e7:a2:8a:b7:cc:27:74:68:af:fc:de:a2:67:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Apr 17 04:00:27 2026 GMT
            Not After : Apr 18 04:00:27 2026 GMT
        Subject: CN=6906ce4e833b0f1178f0211410049d544b5ee247
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:9d:bd:c1:52:ff:08:35:2f:28:da:96:8c:03:
                    87:f2:bc:f0:63:5d:d8:be:33:e8:3c:9e:ea:2c:3e:
                    da:31:b1:5a:99:10:f5:e4:ff:79:d0:5a:0b:c7:05:
                    82:d6:5c:cc:b2:40:7f:f7:8b:fb:ed:c0:1f:e2:39:
                    32:6a:6f:e7:02:5e:44:27:b8:2b:f8:c6:a3:70:5b:
                    ab:1e:fa:f4:7d:49:ab:71:40:88:2e:da:2e:17:a2:
                    13:6f:23:e0:96:d0:6b:98:59:90:23:93:93:a3:61:
                    93:f5:fd:4b:64:a8:69:61:bb:f4:1c:9f:65:dd:23:
                    5d:d5:3d:66:69:4b:05:17:16:55:b1:1e:0e:c8:eb:
                    f3:df:8c:af:e9:5f:0a:78:5a:49:05:09:da:13:53:
                    5d:1f:1e:70:b5:fe:61:22:5e:d7:00:d6:8f:d2:7b:
                    15:35:9c:3a:38:0b:6a:57:76:b2:31:59:19:5f:f2:
                    c0:c0:4f:07:db:0b:ff:92:90:bf:af:55:bb:67:46:
                    10:d0:73:c9:cd:59:98:31:15:11:26:d3:eb:82:e4:
                    1c:fa:44:75:db:d2:6c:f3:49:49:ec:57:52:71:79:
                    ac:1f:30:ae:7e:c6:b5:90:c8:93:ff:43:da:60:c6:
                    e8:21:4f:f0:0d:da:77:c5:7e:86:e5:1f:6c:f8:df:
                    19:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:06:CE:4E:83:3B:0F:11:78:F0:21:14:10:04:9D:54:4B:5E:E2:47
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:41:c9:dc:9f:1c:26:af:84:aa:32:a9:b9:d4:d2:48:8e:ab:
         3b:2f:ed:a0:6a:90:c3:40:19:87:3f:ab:b8:84:7a:50:3e:8c:
         70:d8:d3:5e:fe:7e:a6:e8:32:36:86:18:e2:41:70:4c:9b:2c:
         7e:ed:e4:42:72:b5:4d:a6:16:07:ed:33:4f:d9:6d:2e:26:0d:
         14:3b:af:17:cd:06:9b:56:fd:91:a6:4b:2d:e1:5e:fc:49:fc:
         e6:b8:c6:84:40:1c:81:85:db:6a:5a:19:c5:7e:3f:71:12:c3:
         cb:7b:78:dc:02:fd:19:9f:04:9b:0c:1e:19:82:f1:d2:0c:52:
         ee:03:1d:c4:a7:09:6a:a0:e4:61:35:fa:19:1f:17:ad:01:75:
         71:bc:79:9c:62:e4:28:73:cf:bc:f6:c0:9c:9a:26:13:c8:d1:
         6a:e7:94:4a:d9:41:64:ec:9c:b7:c7:29:f0:20:3c:f3:d1:a9:
         0c:ef:3b:f9:83:5f:7f:ea:72:37:8d:43:50:9c:24:93:84:40:
         5c:cb:e1:05:9e:26:3e:ef:a0:62:b1:3f:e2:8f:61:70:1a:5f:
         47:a8:d9:17:30:cd:b7:7e:d2:28:41:34:7f:1f:cf:b1:0c:23:
         bf:8e:5f:31:d7:d1:d4:4b:8b:7c:0e:cc:b0:69:19:6e:9b:56:
         60:d5:e0:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmOeiirfMJ3Ror/zeomecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjYwNDE3MDQwMDI3WhcNMjYwNDE4MDQwMDI3WjAzMTEwLwYDVQQD
Eyg2OTA2Y2U0ZTgzM2IwZjExNzhmMDIxMTQxMDA0OWQ1NDRiNWVlMjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ29wVL/CDUvKNqWjAOH8rzwY13Y
vjPoPJ7qLD7aMbFamRD15P950FoLxwWC1lzMskB/94v77cAf4jkyam/nAl5EJ7gr
+MajcFurHvr0fUmrcUCILtouF6ITbyPgltBrmFmQI5OTo2GT9f1LZKhpYbv0HJ9l
3SNd1T1maUsFFxZVsR4OyOvz34yv6V8KeFpJBQnaE1NdHx5wtf5hIl7XANaP0nsV
NZw6OAtqV3ayMVkZX/LAwE8H2wv/kpC/r1W7Z0YQ0HPJzVmYMRURJtPrguQc+kR1
29Js80lJ7FdScXmsHzCufsa1kMiT/0PaYMboIU/wDdp3xX6G5R9s+N8ZrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkGzk6DOw8RePAhFBAEnVRLXuJHMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXUHJ3J8c
Jq+EqjKpudTSSI6rOy/toGqQw0AZhz+ruIR6UD6McNjTXv5+pugyNoYY4kFwTJss
fu3kQnK1TaYWB+0zT9ltLiYNFDuvF80Gm1b9kaZLLeFe/En85rjGhEAcgYXbaloZ
xX4/cRLDy3t43AL9GZ8EmwweGYLx0gxS7gMdxKcJaqDkYTX6GR8XrQF1cbx5nGLk
KHPPvPbAnJomE8jRaueUStlBZOyct8cp8CA889GpDO87+YNff+pyN41DUJwkk4RA
XMvhBZ4mPu+gYrE/4o9hcBpfR6jZFzDNt37SKEE0fx/PsQwjv45fMdfR1EuLfA7M
sGkZbptWYNXguw==
-----END CERTIFICATE-----