Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
File:                     ZQXsmbwMbKl7--a9UkTeywKGbis.mft (raw, json)
Hash identifier:          cdxzjWUrTssFulclTTMwov9SyVlliC+Z1rdf7dAET4o=
Subject key identifier:   E8:0D:6A:B7:54:D1:C0:57:A1:7A:2C:0B:2F:AD:E3:8E:39:1E:4F:6E
Authority key identifier: 65:05:EC:99:BC:0C:6C:A9:7B:FB:E6:BD:52:44:DE:CB:02:86:6E:2B
Certificate issuer:       /CN=6505ec99bc0c6ca97bfbe6bd5244decb02866e2b
Certificate serial:       019CAB349A19F07881F2F5938D8795C2023E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
Manifest number:          0D3A
Signing time:             Sun 01 Mar 2026 21:01:17 +0000
Manifest this update:     Sun 01 Mar 2026 21:01:17 +0000
Manifest next update:     Mon 02 Mar 2026 21:01:17 +0000
Files and hashes:         1: ZQXsmbwMbKl7--a9UkTeywKGbis.crl (hash: MzyWSM9TltxeEaqjDP75jadltQ+2NI/wrfUEWCDwglY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:34:9a:19:f0:78:81:f2:f5:93:8d:87:95:c2:02:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6505ec99bc0c6ca97bfbe6bd5244decb02866e2b
        Validity
            Not Before: Mar  1 21:01:17 2026 GMT
            Not After : Mar  2 21:01:17 2026 GMT
        Subject: CN=e80d6ab754d1c057a17a2c0b2fade38e391e4f6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:38:a6:65:2b:3a:08:d4:0b:81:3d:12:2e:35:
                    8c:99:2c:9a:bd:97:83:f5:06:26:40:29:b3:32:90:
                    b1:b5:aa:3e:bc:df:0d:44:82:e0:36:86:6a:95:5b:
                    7a:30:56:7c:96:53:a7:6b:c0:8c:c6:51:1c:0e:52:
                    ce:48:5f:bb:a8:77:eb:98:76:7b:fb:13:76:73:df:
                    e9:ef:9d:c4:87:12:15:fd:85:6d:90:1c:9b:f2:94:
                    90:ba:fc:97:d4:90:65:e5:87:e2:bc:b8:a1:6e:4a:
                    34:e1:91:1e:1b:7c:2f:b0:cd:f1:26:ec:5a:a2:c7:
                    2f:d1:10:15:77:32:70:a6:c6:18:3d:24:15:bc:3f:
                    df:6e:61:22:31:e4:e8:70:53:22:63:3d:bf:00:37:
                    71:aa:68:55:63:6c:29:27:df:98:4a:fa:8e:c6:5c:
                    31:11:f9:48:40:12:a2:e4:b5:6d:25:c2:7b:d7:ff:
                    1d:5b:1b:3c:36:04:47:0f:ba:a8:e2:ce:54:8d:82:
                    31:96:bd:c0:5e:04:12:02:6b:d4:f8:f1:26:18:7a:
                    8b:fb:9b:20:ee:58:83:86:f9:29:94:04:b7:49:ea:
                    97:48:8c:7c:33:80:ae:95:4c:c0:7e:a6:04:ca:68:
                    03:07:38:42:60:08:dd:f2:11:3e:d7:12:f7:88:6b:
                    67:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:0D:6A:B7:54:D1:C0:57:A1:7A:2C:0B:2F:AD:E3:8E:39:1E:4F:6E
            X509v3 Authority Key Identifier:
                keyid:65:05:EC:99:BC:0C:6C:A9:7B:FB:E6:BD:52:44:DE:CB:02:86:6E:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:9b:63:2c:6e:ef:06:86:33:96:66:f1:02:46:6c:35:a7:8e:
         af:77:da:d5:10:93:d6:24:4e:42:bb:5b:1c:e6:97:5b:50:2e:
         d6:46:66:99:3e:96:be:56:cb:33:04:5a:ef:d4:2a:6a:aa:23:
         42:e3:60:aa:99:b3:32:ff:a8:e4:8d:4d:bc:69:23:1f:5c:3a:
         da:6a:a5:d8:d9:db:ce:05:f3:4d:1f:e8:0a:ed:ac:dc:99:16:
         32:33:e3:41:d6:9a:5b:fb:7d:93:6d:2b:fd:ea:99:2b:ae:ac:
         49:be:9c:e1:07:a0:c7:90:23:49:d0:5e:b4:77:96:b1:66:fa:
         fd:93:4b:db:fd:16:c7:6b:31:1e:ee:c8:e1:cb:38:7f:19:6d:
         ea:b0:2e:b8:4e:60:f8:85:27:68:c8:93:8a:72:3e:fa:05:4b:
         06:b8:e9:1d:df:48:0a:f3:95:86:52:f7:ce:0f:3b:a0:38:24:
         90:77:8c:35:1e:05:b3:3b:20:d6:38:e2:d1:0c:f4:30:07:3a:
         ad:79:d2:10:d6:1d:d3:a1:6a:a6:54:72:39:c3:30:d9:81:e0:
         98:f9:12:fc:6f:71:f6:fc:76:24:ac:31:dd:b4:38:d4:ac:4a:
         41:1a:88:44:1f:8e:d3:d2:2a:59:06:ad:10:bf:05:76:4b:d7:
         a4:d5:53:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNJoZ8HiB8vWTjYeVwgI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDVlYzk5YmMwYzZjYTk3YmZiZTZiZDUyNDRkZWNiMDI4
NjZlMmIwHhcNMjYwMzAxMjEwMTE3WhcNMjYwMzAyMjEwMTE3WjAzMTEwLwYDVQQD
EyhlODBkNmFiNzU0ZDFjMDU3YTE3YTJjMGIyZmFkZTM4ZTM5MWU0ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzimZSs6CNQLgT0SLjWMmSyavZeD
9QYmQCmzMpCxtao+vN8NRILgNoZqlVt6MFZ8llOna8CMxlEcDlLOSF+7qHfrmHZ7
+xN2c9/p753EhxIV/YVtkByb8pSQuvyX1JBl5YfivLihbko04ZEeG3wvsM3xJuxa
oscv0RAVdzJwpsYYPSQVvD/fbmEiMeTocFMiYz2/ADdxqmhVY2wpJ9+YSvqOxlwx
EflIQBKi5LVtJcJ71/8dWxs8NgRHD7qo4s5UjYIxlr3AXgQSAmvU+PEmGHqL+5sg
7liDhvkplAS3SeqXSIx8M4CulUzAfqYEymgDBzhCYAjd8hE+1xL3iGtnnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOgNardU0cBXoXosCy+t4445Hk9uMB8GA1UdIwQY
MBaAFGUF7Jm8DGype/vmvVJE3ssChm4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ODMxNGMtZDJjZi00OGI4LWI5NWEt
ZmRhNWRkNTkwZjE2LzEvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ODMxNGMtZDJjZi00OGI4LWI5NWEtZmRhNWRkNTkwZjE2
LzEvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdptjLG7v
BoYzlmbxAkZsNaeOr3fa1RCT1iROQrtbHOaXW1Au1kZmmT6WvlbLMwRa79Qqaqoj
QuNgqpmzMv+o5I1NvGkjH1w62mql2NnbzgXzTR/oCu2s3JkWMjPjQdaaW/t9k20r
/eqZK66sSb6c4Qegx5AjSdBetHeWsWb6/ZNL2/0Wx2sxHu7I4cs4fxlt6rAuuE5g
+IUnaMiTinI++gVLBrjpHd9ICvOVhlL3zg87oDgkkHeMNR4Fszsg1jji0Qz0MAc6
rXnSENYd06FqplRyOcMw2YHgmPkS/G9x9vx2JKwx3bQ41KxKQRqIRB+O09IqWQat
EL8FdkvXpNVTSw==
-----END CERTIFICATE-----