Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
File:                     z32kMRhYgiWjduwhScczbEYzZEA.mft (raw, json)
Hash identifier:          n3i3DXuVH9YjlVDx1nZ8maHwXC4eQwzkFnNZml4v+ug=
Subject key identifier:   D5:D5:31:3E:35:BB:F7:B8:E2:B5:E5:89:D6:A5:E3:C6:94:96:C4:2F
Authority key identifier: CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40
Certificate issuer:       /CN=cf7da43118588225a376ec2149c7336c46336440
Certificate serial:       019CAB33FCE2BC818D98D93697CA6B3D93B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
Manifest number:          1064
Signing time:             Sun 01 Mar 2026 21:00:36 +0000
Manifest this update:     Sun 01 Mar 2026 21:00:36 +0000
Manifest next update:     Mon 02 Mar 2026 21:00:36 +0000
Files and hashes:         1: z32kMRhYgiWjduwhScczbEYzZEA.crl (hash: AmDdQO9fwIF8hspYpLaaYKxWDPAYcEIBFWmIGUH5Bx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:33:fc:e2:bc:81:8d:98:d9:36:97:ca:6b:3d:93:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7da43118588225a376ec2149c7336c46336440
        Validity
            Not Before: Mar  1 21:00:36 2026 GMT
            Not After : Mar  2 21:00:36 2026 GMT
        Subject: CN=d5d5313e35bbf7b8e2b5e589d6a5e3c69496c42f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:2a:f8:29:da:8c:86:bc:cd:df:cf:0a:71:28:
                    a2:11:7a:9e:8a:d4:ab:e0:25:03:f5:01:d5:c1:09:
                    cd:4c:2d:82:47:9b:69:d2:28:be:2b:a0:0f:cd:96:
                    86:3d:59:45:82:c3:8b:cd:47:56:71:06:fc:13:51:
                    ea:30:26:25:04:8e:29:ad:68:8e:8b:22:24:90:04:
                    73:24:c6:c3:fe:23:97:ad:aa:cc:87:72:91:c9:e3:
                    2b:bd:56:7a:7a:6e:c6:d8:87:a9:ab:7e:dc:20:0f:
                    74:60:b2:16:84:e0:2d:ea:10:e4:21:bd:1d:ed:bc:
                    2b:1a:5e:5e:0c:ef:36:b3:b8:72:14:1c:56:66:18:
                    bd:5a:0e:e1:ac:aa:8c:de:be:2a:4a:9d:23:4f:24:
                    ca:75:fe:95:f3:fe:65:b7:ba:00:26:8b:8f:e4:84:
                    8f:31:57:a0:dc:e9:8f:7b:f9:d1:99:37:9d:08:6b:
                    39:4f:39:f6:06:dc:11:ba:f5:d3:93:3b:d5:45:33:
                    e9:64:07:32:13:f7:51:1e:cd:86:0d:1a:08:81:5e:
                    ee:9d:21:cf:ce:00:5e:d6:89:04:69:73:ee:59:a9:
                    1e:b1:04:9d:21:b3:7c:0f:42:3d:5d:17:aa:7f:26:
                    cd:e1:9f:78:d0:50:f6:18:93:b7:36:15:b6:87:33:
                    50:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:D5:31:3E:35:BB:F7:B8:E2:B5:E5:89:D6:A5:E3:C6:94:96:C4:2F
            X509v3 Authority Key Identifier:
                keyid:CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:9c:76:83:88:79:20:98:31:76:57:ce:a6:78:62:9c:1a:d3:
         39:e7:7a:90:3f:3b:7e:d4:ff:b0:75:99:93:7e:51:fb:e2:0b:
         3a:18:e8:5a:b1:b5:b0:e4:55:2c:c4:35:d3:17:4a:74:8d:94:
         1d:c3:79:00:f6:b6:1d:45:f1:53:a1:9d:6c:e1:ae:00:e5:1b:
         ad:97:82:21:d5:0b:c3:5c:d6:f4:0c:5d:50:f3:77:32:98:13:
         58:1f:d6:af:73:b4:ad:51:64:27:b4:94:a6:61:93:93:24:11:
         0e:86:87:3b:2d:b4:42:26:1d:7f:2e:42:ae:d2:23:a8:2f:d7:
         c9:03:f9:32:5d:02:5f:d9:35:15:cc:52:4d:b6:9e:8b:8b:67:
         a7:e6:73:af:fa:95:a3:0b:48:27:dc:c0:35:23:0a:a3:92:11:
         3d:5f:53:2d:c5:d2:29:a9:81:f2:df:2a:8e:9c:4b:86:41:7a:
         fc:c3:2e:7b:e9:c1:dc:0d:37:36:d5:71:36:ad:15:be:5a:7e:
         ea:62:32:84:22:67:af:1f:eb:47:2c:08:08:a0:3b:62:5c:74:
         90:3f:1c:7c:cc:40:d8:12:a3:5f:2b:4a:1e:fa:91:72:c2:3a:
         d7:80:5a:3c:84:38:82:7b:ea:28:e7:26:31:dd:60:6c:16:27:
         8c:13:cd:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrM/zivIGNmNk2l8prPZO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2RhNDMxMTg1ODgyMjVhMzc2ZWMyMTQ5YzczMzZjNDYz
MzY0NDAwHhcNMjYwMzAxMjEwMDM2WhcNMjYwMzAyMjEwMDM2WjAzMTEwLwYDVQQD
EyhkNWQ1MzEzZTM1YmJmN2I4ZTJiNWU1ODlkNmE1ZTNjNjk0OTZjNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSr4KdqMhrzN388KcSiiEXqeitSr
4CUD9QHVwQnNTC2CR5tp0ii+K6APzZaGPVlFgsOLzUdWcQb8E1HqMCYlBI4prWiO
iyIkkARzJMbD/iOXrarMh3KRyeMrvVZ6em7G2Iepq37cIA90YLIWhOAt6hDkIb0d
7bwrGl5eDO82s7hyFBxWZhi9Wg7hrKqM3r4qSp0jTyTKdf6V8/5lt7oAJouP5ISP
MVeg3OmPe/nRmTedCGs5Tzn2BtwRuvXTkzvVRTPpZAcyE/dRHs2GDRoIgV7unSHP
zgBe1okEaXPuWakesQSdIbN8D0I9XReqfybN4Z940FD2GJO3NhW2hzNQ9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXVMT41u/e44rXlidal48aUlsQvMB8GA1UdIwQY
MBaAFM99pDEYWIIlo3bsIUnHM2xGM2RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUt
YzVmMTdlYWI0MWQ1LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUtYzVmMTdlYWI0MWQ1
LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJJx2g4h5
IJgxdlfOpnhinBrTOed6kD87ftT/sHWZk35R++ILOhjoWrG1sORVLMQ10xdKdI2U
HcN5APa2HUXxU6GdbOGuAOUbrZeCIdULw1zW9AxdUPN3MpgTWB/Wr3O0rVFkJ7SU
pmGTkyQRDoaHOy20QiYdfy5CrtIjqC/XyQP5Ml0CX9k1FcxSTbaei4tnp+Zzr/qV
owtIJ9zANSMKo5IRPV9TLcXSKamB8t8qjpxLhkF6/MMue+nB3A03NtVxNq0Vvlp+
6mIyhCJnrx/rRywICKA7Ylx0kD8cfMxA2BKjXytKHvqRcsI614BaPIQ4gnvqKOcm
Md1gbBYnjBPNNA==
-----END CERTIFICATE-----