Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          ZXeFHue3x23lACVlPScd9barJNgeji89rNsooTg5yeE=
Subject key identifier:   BC:A1:1C:79:56:68:FA:09:49:7A:5F:08:C1:16:70:E3:40:DB:5B:5C
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       019CAC0FD4899E42510E9759EC3A16EE3043
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          16B3
Signing time:             Mon 02 Mar 2026 01:00:44 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:44 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:44 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: N58i/1hdDOuILsIUmY8tIy94OfuXBP6VzTgjBcVtgYA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:d4:89:9e:42:51:0e:97:59:ec:3a:16:ee:30:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Mar  2 01:00:44 2026 GMT
            Not After : Mar  3 01:00:44 2026 GMT
        Subject: CN=bca11c795668fa09497a5f08c11670e340db5b5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:52:0c:52:cf:09:44:5c:2f:cb:f1:4c:43:80:
                    d3:57:26:77:15:42:50:4f:96:7d:b8:91:86:bb:c9:
                    ce:17:b3:2a:5c:f8:42:e9:06:9e:8f:f0:63:12:72:
                    d5:ac:01:2d:7f:a1:cd:32:9f:b3:33:48:5e:b4:b0:
                    59:1e:29:03:03:a1:01:f7:fb:e8:95:33:89:54:3f:
                    6b:c7:a3:0b:5e:2b:5a:5c:f5:b5:d1:34:37:09:24:
                    19:27:aa:1f:4f:3e:6a:7f:17:d3:84:8c:ab:9f:9d:
                    40:73:97:86:ce:97:8b:fe:f2:59:e5:7b:7f:b9:0f:
                    2c:1a:9f:f3:7a:86:95:4a:ab:df:53:f0:4f:d2:53:
                    37:5c:2f:7f:19:b9:dd:1a:66:9e:dc:c1:cc:a8:36:
                    55:af:6b:0a:ef:46:c4:5f:c4:84:33:96:c5:1b:8f:
                    8c:ee:a3:44:1d:38:4d:be:73:f4:2c:87:97:6b:a7:
                    c6:a1:09:7c:9e:5c:8c:4a:41:55:7c:ff:9f:d0:ae:
                    c4:f5:6e:2a:3a:4f:db:1f:51:68:c1:0d:3e:39:96:
                    d7:25:6b:02:b3:dc:2a:9f:b9:bd:88:f5:1e:ac:0f:
                    65:72:d4:ea:84:42:c5:ed:68:4b:e4:00:91:a3:c2:
                    a2:c3:3c:37:02:db:7a:5a:d8:47:81:2a:b2:9b:65:
                    52:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:A1:1C:79:56:68:FA:09:49:7A:5F:08:C1:16:70:E3:40:DB:5B:5C
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:e8:d0:cd:b2:3a:53:78:e8:eb:1d:4f:22:68:00:e7:06:0b:
         30:f2:b6:00:b7:1b:f8:be:3a:5f:27:03:df:0c:5b:45:2f:84:
         41:7d:63:58:73:3c:a0:e0:46:00:4c:d1:cf:e1:b1:72:bd:c1:
         36:c1:97:1f:0b:c6:16:71:10:bc:2d:27:7a:5d:2c:16:48:35:
         14:53:b4:94:a5:b6:22:14:4e:2a:2a:87:d8:d6:33:89:8b:55:
         4b:3b:43:bb:02:fd:7d:46:0a:2a:c7:cc:41:0a:8c:41:68:f8:
         ba:a7:fe:7a:07:c5:2b:a3:8b:db:70:6b:bd:90:d3:8c:0b:5f:
         ed:04:37:d9:67:d9:df:db:1d:85:74:7e:94:d9:80:af:ae:5e:
         3d:b9:74:54:ad:37:d0:6c:b1:a1:41:b6:7b:5d:77:27:d9:57:
         52:d3:e8:f6:bd:5b:4e:13:f9:99:6a:cb:28:df:a5:30:11:ac:
         7d:c6:e7:b1:ef:4a:a0:7d:55:e9:52:b6:a1:76:53:f7:5e:e7:
         65:90:19:b0:e4:f6:3c:86:d5:4f:16:91:15:83:a3:d5:0b:47:
         49:42:3f:db:e1:39:00:39:b1:39:88:0c:eb:c1:3f:bb:3f:df:
         94:9b:65:dc:f9:8b:d5:16:03:7b:d5:56:70:9a:60:b0:9f:de:
         ee:9d:a9:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD9SJnkJRDpdZ7DoW7jBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjYwMzAyMDEwMDQ0WhcNMjYwMzAzMDEwMDQ0WjAzMTEwLwYDVQQD
EyhiY2ExMWM3OTU2NjhmYTA5NDk3YTVmMDhjMTE2NzBlMzQwZGI1YjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11IMUs8JRFwvy/FMQ4DTVyZ3FUJQ
T5Z9uJGGu8nOF7MqXPhC6Qaej/BjEnLVrAEtf6HNMp+zM0hetLBZHikDA6EB9/vo
lTOJVD9rx6MLXitaXPW10TQ3CSQZJ6ofTz5qfxfThIyrn51Ac5eGzpeL/vJZ5Xt/
uQ8sGp/zeoaVSqvfU/BP0lM3XC9/GbndGmae3MHMqDZVr2sK70bEX8SEM5bFG4+M
7qNEHThNvnP0LIeXa6fGoQl8nlyMSkFVfP+f0K7E9W4qOk/bH1FowQ0+OZbXJWsC
s9wqn7m9iPUerA9lctTqhELF7WhL5ACRo8Kiwzw3Att6WthHgSqym2VSwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLyhHHlWaPoJSXpfCMEWcONA21tcMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeujQzbI6
U3jo6x1PImgA5wYLMPK2ALcb+L46XycD3wxbRS+EQX1jWHM8oOBGAEzRz+Gxcr3B
NsGXHwvGFnEQvC0nel0sFkg1FFO0lKW2IhROKiqH2NYziYtVSztDuwL9fUYKKsfM
QQqMQWj4uqf+egfFK6OL23BrvZDTjAtf7QQ32WfZ39sdhXR+lNmAr65ePbl0VK03
0GyxoUG2e113J9lXUtPo9r1bThP5mWrLKN+lMBGsfcbnse9KoH1V6VK2oXZT917n
ZZAZsOT2PIbVTxaRFYOj1QtHSUI/2+E5ADmxOYgM68E/uz/flJtl3PmL1RYDe9VW
cJpgsJ/e7p2pdQ==
-----END CERTIFICATE-----