Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          9ZWt+2s1J8MSXsMGzubTzXklyhPeJ4ypk5w5NfazKGU=
Subject key identifier:   CB:E9:25:34:A8:11:E1:C8:9B:BD:C4:6E:84:C9:8B:6E:F4:91:B0:27
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       019CAA586C8E400C2A115AE30C03DE125CBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 17:00:47 +0000
Manifest this update:     Sun 01 Mar 2026 17:00:47 +0000
Manifest next update:     Mon 02 Mar 2026 17:00:47 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: r11fOLBeUTxfKNOFQVCNJksnlR4N1hesDGPRv/EIPzA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:6c:8e:40:0c:2a:11:5a:e3:0c:03:de:12:5c:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: Mar  1 17:00:47 2026 GMT
            Not After : Mar  2 17:00:47 2026 GMT
        Subject: CN=cbe92534a811e1c89bbdc46e84c98b6ef491b027
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:10:d5:dc:68:ec:06:71:87:ce:c4:07:5f:43:
                    d9:bd:2d:ca:c1:95:b4:a9:ac:93:0f:c1:52:53:7e:
                    3e:0e:c0:ac:9d:82:7a:01:1b:a1:f2:f6:d8:75:0f:
                    4a:f8:9f:5b:7b:4e:e6:9e:47:dc:ff:95:4c:e5:6a:
                    9a:50:a4:aa:a6:a0:62:48:5f:87:91:2b:fc:1e:07:
                    a2:20:e0:be:1b:93:a0:c0:78:19:7b:f3:c2:3f:c5:
                    f5:ed:52:89:4e:7c:03:ce:96:4a:d7:b5:f8:ec:82:
                    39:85:95:a1:72:e6:43:32:e0:2a:f3:17:63:af:5d:
                    f7:ba:1c:a2:75:3f:0e:0e:e9:40:43:f2:5e:37:e7:
                    df:75:37:41:8b:05:c2:f2:05:41:b9:86:8c:eb:a6:
                    ff:cb:33:55:6a:80:46:3e:ae:0d:96:63:d3:e6:32:
                    02:3c:0c:cf:2e:d9:5e:46:fa:9c:09:a9:7a:64:cd:
                    71:f3:a9:2e:49:7e:c4:7d:d6:9a:91:a8:3d:5c:54:
                    c0:0d:f1:49:80:0f:eb:d0:69:b8:0a:a8:e9:d7:d8:
                    10:ae:2b:66:57:12:46:88:57:95:82:db:78:4d:8a:
                    d6:6a:16:b5:7d:80:b0:37:64:ad:71:46:b3:3a:8a:
                    4e:ef:ea:40:4b:bf:0e:dc:99:d5:48:91:02:c0:10:
                    87:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:E9:25:34:A8:11:E1:C8:9B:BD:C4:6E:84:C9:8B:6E:F4:91:B0:27
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:e3:07:a2:00:14:11:a7:c0:ba:b9:8a:2e:d9:c2:b0:93:26:
         4b:e7:6b:fc:f8:52:ff:23:08:64:17:08:79:fa:9e:88:b9:40:
         8a:9a:b3:b3:e0:2c:d5:c0:b6:b8:86:00:ec:ab:88:6b:de:42:
         ff:c6:c6:bd:c1:e1:85:6e:bd:cd:13:9b:68:7c:f6:8c:9f:bb:
         b3:a7:01:af:9d:f2:82:cb:6d:48:b5:df:22:0b:07:1e:fc:be:
         c0:6b:22:58:a1:2f:44:7f:f0:56:d5:2f:67:d5:0f:4d:94:34:
         4b:8c:f0:49:4e:79:01:bb:f6:72:8c:62:c0:2d:e8:f8:34:80:
         30:a4:e4:b7:82:7a:66:99:5a:59:1e:bc:f9:57:01:ad:4f:f9:
         c6:3d:98:44:fe:25:6f:cb:94:8f:d4:fc:e9:3f:87:b3:46:6f:
         c8:d4:24:bf:e9:c7:72:59:d4:55:bc:88:41:76:ad:e0:63:06:
         76:18:6e:08:10:76:fe:73:45:01:36:68:1b:ab:d8:d2:f2:d3:
         6d:1a:cf:51:3e:d6:1f:30:30:6d:fa:ce:3e:db:fc:b3:f8:bf:
         74:69:36:43:ec:68:02:24:4a:d3:ff:b1:27:c0:f0:cc:d4:cf:
         d3:fe:4f:2e:e4:13:b9:03:70:42:b0:f7:e4:dc:e2:fd:47:7b:
         44:46:2e:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWGyOQAwqEVrjDAPeEly7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjYwMzAxMTcwMDQ3WhcNMjYwMzAyMTcwMDQ3WjAzMTEwLwYDVQQD
EyhjYmU5MjUzNGE4MTFlMWM4OWJiZGM0NmU4NGM5OGI2ZWY0OTFiMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxDV3GjsBnGHzsQHX0PZvS3KwZW0
qayTD8FSU34+DsCsnYJ6ARuh8vbYdQ9K+J9be07mnkfc/5VM5WqaUKSqpqBiSF+H
kSv8HgeiIOC+G5OgwHgZe/PCP8X17VKJTnwDzpZK17X47II5hZWhcuZDMuAq8xdj
r133uhyidT8ODulAQ/JeN+ffdTdBiwXC8gVBuYaM66b/yzNVaoBGPq4NlmPT5jIC
PAzPLtleRvqcCal6ZM1x86kuSX7Efdaakag9XFTADfFJgA/r0Gm4Cqjp19gQritm
VxJGiFeVgtt4TYrWaha1fYCwN2StcUazOopO7+pAS78O3JnVSJECwBCHKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMvpJTSoEeHIm73EboTJi270kbAnMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV+MHogAU
EafAurmKLtnCsJMmS+dr/PhS/yMIZBcIefqeiLlAipqzs+As1cC2uIYA7KuIa95C
/8bGvcHhhW69zRObaHz2jJ+7s6cBr53ygsttSLXfIgsHHvy+wGsiWKEvRH/wVtUv
Z9UPTZQ0S4zwSU55Abv2coxiwC3o+DSAMKTkt4J6ZplaWR68+VcBrU/5xj2YRP4l
b8uUj9T86T+Hs0ZvyNQkv+nHclnUVbyIQXat4GMGdhhuCBB2/nNFATZoG6vY0vLT
bRrPUT7WHzAwbfrOPtv8s/i/dGk2Q+xoAiRK0/+xJ8DwzNTP0/5PLuQTuQNwQrD3
5Nzi/Ud7REYuog==
-----END CERTIFICATE-----