Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft
File:                     z5dREMc5t0-E1BcDxIgoMnJ73cw.mft (raw, json)
Hash identifier:          +to6qaEIcgICH/5facaAdFH3Nx4Z6tO+lYPEAnRKQko=
Subject key identifier:   9A:5C:70:D8:32:32:3E:89:16:2E:8D:DB:33:D7:03:46:C7:1B:64:10
Authority key identifier: CF:97:51:10:C7:39:B7:4F:84:D4:17:03:C4:88:28:32:72:7B:DD:CC
Certificate issuer:       /CN=cf975110c739b74f84d41703c4882832727bddcc
Certificate serial:       019CAD59603300367541678ED5E9800315AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z5dREMc5t0-E1BcDxIgoMnJ73cw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft
Manifest number:          17D4
Signing time:             Mon 02 Mar 2026 07:00:41 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:41 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:41 +0000
Files and hashes:         1: z5dREMc5t0-E1BcDxIgoMnJ73cw.crl (hash: 41H3fvn355hgZBHXN4OhS9T00BOPK9xAa9x1TB6dfd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z5dREMc5t0-E1BcDxIgoMnJ73cw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:60:33:00:36:75:41:67:8e:d5:e9:80:03:15:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf975110c739b74f84d41703c4882832727bddcc
        Validity
            Not Before: Mar  2 07:00:41 2026 GMT
            Not After : Mar  3 07:00:41 2026 GMT
        Subject: CN=9a5c70d832323e89162e8ddb33d70346c71b6410
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:19:76:b0:8c:e3:9a:9c:e9:bc:ed:cd:a6:6d:
                    7c:21:39:39:22:c3:c8:08:f8:5a:b1:02:3f:30:23:
                    17:11:81:e9:1d:97:00:87:ea:1f:96:12:f6:7a:1e:
                    8e:e0:7c:95:f7:6f:7e:b0:99:14:1c:05:67:17:63:
                    b7:3b:b6:de:9c:02:06:da:8a:61:d4:bc:32:d2:82:
                    48:81:cf:b5:cb:b1:df:33:1c:f2:9b:f6:dc:69:4d:
                    56:3e:98:37:8d:53:50:f7:fe:11:17:43:1e:35:cc:
                    f5:43:87:f5:dd:0f:4b:9e:78:44:81:ae:a9:34:78:
                    bf:cc:78:98:9a:06:e7:ad:42:57:70:55:96:af:c0:
                    14:2d:a0:f0:17:b0:e6:96:46:08:ad:46:3f:5a:df:
                    17:ff:47:37:d7:f6:ba:30:42:b0:c5:6a:66:8e:dd:
                    7c:68:5c:be:7e:2c:d0:5e:75:c0:38:d8:af:e9:4c:
                    75:a9:b7:4f:98:2b:eb:fa:1d:06:7b:7a:14:9e:ea:
                    54:5e:6f:54:37:28:f6:11:e8:8e:2f:63:6c:48:5a:
                    aa:48:f3:98:86:00:9b:64:17:5f:87:7e:04:a0:79:
                    db:4c:db:66:4e:9c:26:f2:c2:d4:3e:ed:ab:55:05:
                    ea:28:a9:2c:df:25:89:6d:78:90:9c:dc:8f:fe:1b:
                    f6:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:5C:70:D8:32:32:3E:89:16:2E:8D:DB:33:D7:03:46:C7:1B:64:10
            X509v3 Authority Key Identifier:
                keyid:CF:97:51:10:C7:39:B7:4F:84:D4:17:03:C4:88:28:32:72:7B:DD:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z5dREMc5t0-E1BcDxIgoMnJ73cw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:be:a6:74:25:a1:40:3d:3b:1b:d4:a8:87:26:cd:3e:9a:f8:
         26:93:21:16:34:e5:59:9b:3f:63:d7:ac:4d:3c:54:7a:cb:d0:
         12:ee:1b:8b:68:ec:9b:89:05:2d:5c:89:57:be:02:3a:a7:c0:
         46:0a:ee:7b:65:2f:4f:c2:a5:84:cf:78:c2:f2:d4:23:68:00:
         9e:ac:5e:8e:db:cb:75:96:37:3e:a5:9f:bb:57:b2:e0:01:f3:
         d6:da:aa:23:cf:22:a3:0c:2d:ad:e3:20:70:02:b3:0e:23:5c:
         be:8d:91:0e:fe:50:05:e9:7c:c6:ff:e4:0b:d5:65:16:a8:6e:
         e7:5b:f3:15:34:2e:83:9b:e6:d3:d4:7c:0d:cf:66:a5:ff:19:
         d5:d3:60:69:86:1d:b6:e4:10:97:6a:bc:92:da:fc:82:7a:bd:
         52:57:f5:02:34:84:57:a6:a6:36:a4:73:f7:df:b7:64:b3:dc:
         3c:8f:72:73:e1:8c:44:84:d4:17:8a:be:01:53:85:ef:1e:b1:
         c3:76:93:02:a4:89:9c:b2:99:ec:b3:a4:6e:52:a1:29:7e:25:
         df:0b:10:5f:04:a5:da:db:5e:85:72:ea:b1:87:a1:6a:9f:56:
         6d:a0:a2:d9:64:b1:c7:fd:f8:4f:bd:96:a1:05:a6:4d:51:a3:
         24:b4:19:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWWAzADZ1QWeO1emAAxWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOTc1MTEwYzczOWI3NGY4NGQ0MTcwM2M0ODgyODMyNzI3
YmRkY2MwHhcNMjYwMzAyMDcwMDQxWhcNMjYwMzAzMDcwMDQxWjAzMTEwLwYDVQQD
Eyg5YTVjNzBkODMyMzIzZTg5MTYyZThkZGIzM2Q3MDM0NmM3MWI2NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxl2sIzjmpzpvO3Npm18ITk5IsPI
CPhasQI/MCMXEYHpHZcAh+oflhL2eh6O4HyV929+sJkUHAVnF2O3O7benAIG2oph
1Lwy0oJIgc+1y7HfMxzym/bcaU1WPpg3jVNQ9/4RF0MeNcz1Q4f13Q9LnnhEga6p
NHi/zHiYmgbnrUJXcFWWr8AULaDwF7DmlkYIrUY/Wt8X/0c31/a6MEKwxWpmjt18
aFy+fizQXnXAONiv6Ux1qbdPmCvr+h0Ge3oUnupUXm9UNyj2EeiOL2NsSFqqSPOY
hgCbZBdfh34EoHnbTNtmTpwm8sLUPu2rVQXqKKks3yWJbXiQnNyP/hv2LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpccNgyMj6JFi6N2zPXA0bHG2QQMB8GA1UdIwQY
MBaAFM+XURDHObdPhNQXA8SIKDJye93MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejVkUkVNYzV0MC1FMUJjRHhJZ29Nbko3M2N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy83ODc2NGItOTVlYi00MGMwLWFkMDQt
ZGFiNjhmZDg3ODZiLzEvejVkUkVNYzV0MC1FMUJjRHhJZ29Nbko3M2N3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy83ODc2NGItOTVlYi00MGMwLWFkMDQtZGFiNjhmZDg3ODZi
LzEvejVkUkVNYzV0MC1FMUJjRHhJZ29Nbko3M2N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATL6mdCWh
QD07G9SohybNPpr4JpMhFjTlWZs/Y9esTTxUesvQEu4bi2jsm4kFLVyJV74COqfA
Rgrue2UvT8KlhM94wvLUI2gAnqxejtvLdZY3PqWfu1ey4AHz1tqqI88iowwtreMg
cAKzDiNcvo2RDv5QBel8xv/kC9VlFqhu51vzFTQug5vm09R8Dc9mpf8Z1dNgaYYd
tuQQl2q8ktr8gnq9Ulf1AjSEV6amNqRz99+3ZLPcPI9yc+GMRITUF4q+AVOF7x6x
w3aTAqSJnLKZ7LOkblKhKX4l3wsQXwSl2ttehXLqsYehap9WbaCi2WSxx/34T72W
oQWmTVGjJLQZbw==
-----END CERTIFICATE-----