Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
File:                     ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft (raw, json)
Hash identifier:          /ZV8LGo6h0Dv9Ivup4OAl4J1Am86YrNbmMyUSqbws4Y=
Subject key identifier:   07:B0:28:56:12:89:AF:88:7C:74:28:0E:7B:81:DF:10:8F:40:27:F8
Authority key identifier: 64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92
Certificate issuer:       /CN=64b90f34525f80025ea77cb618e7519982ab8592
Certificate serial:       019CAB6B1DBFDD566D44493CCDB5AA90AFE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
Manifest number:          1844
Signing time:             Sun 01 Mar 2026 22:00:49 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:49 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:49 +0000
Files and hashes:         1: ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl (hash: iIwSamsPhU4qOpSp0qAiu228dfPPiyHxZfYM2UZnYCw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:1d:bf:dd:56:6d:44:49:3c:cd:b5:aa:90:af:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b90f34525f80025ea77cb618e7519982ab8592
        Validity
            Not Before: Mar  1 22:00:49 2026 GMT
            Not After : Mar  2 22:00:49 2026 GMT
        Subject: CN=07b028561289af887c74280e7b81df108f4027f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:cd:c1:0c:47:45:5d:d5:49:60:7b:1f:7f:3e:
                    ab:b6:0a:1c:1d:01:45:1b:d3:db:2d:04:c0:d8:34:
                    bc:92:e6:f9:fa:44:d2:07:f0:6a:80:86:b1:f5:64:
                    01:9e:41:c5:ad:a9:ef:03:7f:06:8d:94:6a:19:1b:
                    35:af:a6:f8:d8:72:18:46:30:f3:64:a7:d0:9b:97:
                    80:6d:d4:0d:45:7c:20:04:8f:0e:a8:6e:f4:fc:7e:
                    6c:90:f8:2c:d7:b6:17:8f:56:fd:39:8e:18:2f:1a:
                    23:71:04:63:28:b2:7a:87:ec:6c:7d:41:5d:af:fa:
                    2b:a0:39:d8:8c:12:d2:7e:b9:d2:d0:cb:76:73:73:
                    0f:4f:13:b1:b0:16:35:bc:09:4e:5f:7b:15:ce:82:
                    d9:53:38:15:07:61:f4:e6:f3:60:65:ef:00:3c:0f:
                    8f:bc:c1:0d:ca:1e:f9:36:c6:42:cb:2b:33:41:d4:
                    e4:45:c4:b1:93:53:f4:62:70:40:0d:e1:a7:74:bd:
                    4f:71:d5:57:4e:78:00:c4:77:86:37:c8:09:a6:9f:
                    7a:fa:13:bf:88:52:d5:6d:33:11:df:4b:b6:1d:98:
                    74:e7:14:af:ae:f9:60:89:1d:e1:0c:50:6d:d7:2a:
                    c2:d8:83:3f:27:de:9d:b0:c4:d3:2b:5c:ea:c5:57:
                    71:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:B0:28:56:12:89:AF:88:7C:74:28:0E:7B:81:DF:10:8F:40:27:F8
            X509v3 Authority Key Identifier:
                keyid:64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:fd:e1:8e:50:87:1d:cb:e6:7c:2d:a0:c5:dd:83:ca:e1:7a:
         a5:66:ae:59:08:ad:61:00:34:3e:c9:29:dc:94:e9:94:a7:7b:
         84:72:b3:10:38:3b:8f:1d:09:e2:a6:be:c3:c0:78:5e:de:cb:
         3f:bf:10:a8:82:5f:2a:2d:64:29:1d:1d:a7:b7:0a:73:d8:e7:
         90:22:b6:69:52:31:d2:f1:70:2f:2b:7d:60:f2:08:c7:1b:81:
         dd:9f:2f:e7:93:6f:b3:f3:48:1c:9f:1a:a7:14:54:24:fe:51:
         45:6e:39:f8:79:ec:f0:85:3d:a1:48:a3:db:a0:76:1e:83:0d:
         da:5a:ec:3f:9f:48:7b:3b:bf:7f:99:b0:9a:0c:79:00:9b:27:
         88:a3:43:6b:13:96:26:f9:c6:cc:86:56:34:84:87:4b:e6:51:
         1c:c1:42:d8:b7:0b:1d:d5:89:77:23:62:94:13:ec:e7:df:bd:
         ab:f9:5a:a8:f3:13:fa:c7:d1:26:e3:96:3e:49:ac:02:19:4b:
         d9:5b:3f:cc:80:d5:d0:4a:5d:ca:d2:35:41:09:71:b7:1e:14:
         e5:01:76:43:d1:34:45:08:f4:59:b1:a0:ad:50:ca:bf:32:8f:
         43:1b:98:b6:b3:aa:dc:c4:01:e2:bc:27:8c:f1:94:6f:ac:7d:
         74:32:33:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrax2/3VZtREk8zbWqkK/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjkwZjM0NTI1ZjgwMDI1ZWE3N2NiNjE4ZTc1MTk5ODJh
Yjg1OTIwHhcNMjYwMzAxMjIwMDQ5WhcNMjYwMzAyMjIwMDQ5WjAzMTEwLwYDVQQD
EygwN2IwMjg1NjEyODlhZjg4N2M3NDI4MGU3YjgxZGYxMDhmNDAyN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM3BDEdFXdVJYHsffz6rtgocHQFF
G9PbLQTA2DS8kub5+kTSB/BqgIax9WQBnkHFranvA38GjZRqGRs1r6b42HIYRjDz
ZKfQm5eAbdQNRXwgBI8OqG70/H5skPgs17YXj1b9OY4YLxojcQRjKLJ6h+xsfUFd
r/oroDnYjBLSfrnS0Mt2c3MPTxOxsBY1vAlOX3sVzoLZUzgVB2H05vNgZe8APA+P
vMENyh75NsZCyyszQdTkRcSxk1P0YnBADeGndL1PcdVXTngAxHeGN8gJpp96+hO/
iFLVbTMR30u2HZh05xSvrvlgiR3hDFBt1yrC2IM/J96dsMTTK1zqxVdxOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAewKFYSia+IfHQoDnuB3xCPQCf4MB8GA1UdIwQY
MBaAFGS5DzRSX4ACXqd8thjnUZmCq4WSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQt
N2JkYjY3MmUwYzU0LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQtN2JkYjY3MmUwYzU0
LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF/3hjlCH
HcvmfC2gxd2DyuF6pWauWQitYQA0Pskp3JTplKd7hHKzEDg7jx0J4qa+w8B4Xt7L
P78QqIJfKi1kKR0dp7cKc9jnkCK2aVIx0vFwLyt9YPIIxxuB3Z8v55Nvs/NIHJ8a
pxRUJP5RRW45+Hns8IU9oUij26B2HoMN2lrsP59Iezu/f5mwmgx5AJsniKNDaxOW
JvnGzIZWNISHS+ZRHMFC2LcLHdWJdyNilBPs59+9q/laqPMT+sfRJuOWPkmsAhlL
2Vs/zIDV0EpdytI1QQlxtx4U5QF2Q9E0RQj0WbGgrVDKvzKPQxuYtrOq3MQB4rwn
jPGUb6x9dDIzUA==
-----END CERTIFICATE-----