Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
File:                     ZYzRSR-oTUghjThg8zI9ybhoV4w.mft (raw, json)
Hash identifier:          e0kmM4WPEoisfAVsTh2S9uqJ7d/FDVEOcTqmW3FAmQo=
Subject key identifier:   7A:2F:E7:2D:7E:31:99:CC:D3:C1:06:3F:16:02:D0:8B:87:A0:EF:44
Authority key identifier: 65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C
Certificate issuer:       /CN=658cd1491fa84d48218d3860f3323dc9b868578c
Certificate serial:       019CAD592D435AAE900FEAFE80BDBCF7E2DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
Manifest number:          10AF
Signing time:             Mon 02 Mar 2026 07:00:28 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:28 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:28 +0000
Files and hashes:         1: ZYzRSR-oTUghjThg8zI9ybhoV4w.crl (hash: RotC4af5wr7CyF+Sk8Nd/9NxS5nzaNWsJxwAwRxJI+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:2d:43:5a:ae:90:0f:ea:fe:80:bd:bc:f7:e2:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658cd1491fa84d48218d3860f3323dc9b868578c
        Validity
            Not Before: Mar  2 07:00:28 2026 GMT
            Not After : Mar  3 07:00:28 2026 GMT
        Subject: CN=7a2fe72d7e3199ccd3c1063f1602d08b87a0ef44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:0d:06:95:c6:eb:01:b9:75:00:fa:78:0d:97:
                    f7:f2:f2:3d:15:b8:f1:5f:b3:03:c4:59:4c:d9:a0:
                    2f:bf:02:5d:5f:41:e8:4c:4b:e3:8f:e6:fe:19:39:
                    04:55:10:ac:ea:96:17:58:d5:cd:95:58:93:f2:99:
                    87:f2:d6:e5:7f:60:4e:ba:15:8d:50:ff:7d:c7:65:
                    bd:6e:04:0d:e1:96:30:34:90:d7:a1:bb:4a:da:a3:
                    b1:32:dc:25:3b:b6:1e:b8:09:dc:23:7a:87:d0:6f:
                    0e:ab:0d:e2:4d:72:25:91:1e:39:79:d7:8c:01:5a:
                    5a:47:35:35:17:ec:fe:d3:fb:2e:50:58:8e:1a:01:
                    16:58:83:9d:ba:06:14:28:fc:63:d5:44:40:50:a5:
                    c0:2e:73:f5:1c:bc:16:8d:5d:93:08:30:ec:77:3d:
                    f8:a8:e3:97:4b:15:e6:c5:e4:27:aa:7d:6f:14:13:
                    6c:34:da:c6:34:ef:60:38:ad:07:61:e8:48:b2:3d:
                    4a:95:75:b1:2e:4b:77:fd:dd:48:22:7a:0f:cf:15:
                    1b:22:a6:26:a0:db:76:1c:df:52:2e:4b:97:bd:6f:
                    e2:29:bd:bb:1f:d0:00:a5:ec:93:45:82:cb:4d:5c:
                    e8:cb:db:fb:4f:a6:51:cc:cb:4e:54:fb:8d:07:88:
                    30:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:2F:E7:2D:7E:31:99:CC:D3:C1:06:3F:16:02:D0:8B:87:A0:EF:44
            X509v3 Authority Key Identifier:
                keyid:65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:dd:28:7c:57:33:7e:5c:9a:cd:8b:60:f8:47:a5:9f:69:d2:
         5a:3c:46:7e:2e:bb:ff:fb:e2:31:3a:da:d2:e1:1f:0d:00:17:
         02:6b:81:aa:81:34:f1:8e:82:b6:78:11:f3:f2:e8:fd:8a:ce:
         53:d5:4d:48:9e:45:94:6d:b0:e6:fe:1b:02:dd:eb:16:d5:bd:
         91:d2:f5:e0:dd:c6:92:d8:66:92:7c:c1:56:67:45:8d:ef:0e:
         36:01:72:e5:99:65:a9:51:48:53:a7:a1:bd:14:c6:25:0c:79:
         45:53:8e:79:8c:1b:79:0d:79:8d:cf:2b:9d:54:40:e8:2e:91:
         72:8a:2f:be:fc:21:8b:fb:ed:2b:6b:bd:ce:f9:a6:df:c4:05:
         c4:a0:b6:fb:2d:63:76:b9:bf:98:26:0e:0b:ba:48:1e:d1:cd:
         fe:48:68:11:2c:93:c0:9f:ec:5b:e7:ec:b2:f0:bb:b9:bb:0f:
         c6:e9:ed:89:b7:cd:0d:94:80:7d:2b:8e:cf:6b:7a:e6:e4:06:
         50:35:21:59:ab:88:7a:64:b2:ad:ac:b0:5a:29:9e:52:73:66:
         c7:f1:d7:b2:d4:87:65:0e:59:12:c2:40:a1:5a:98:7f:e1:d5:
         38:69:37:85:9b:14:0e:17:42:8d:26:33:80:cc:55:f0:0e:7f:
         ff:0a:47:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWS1DWq6QD+r+gL289+LfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGNkMTQ5MWZhODRkNDgyMThkMzg2MGYzMzIzZGM5Yjg2
ODU3OGMwHhcNMjYwMzAyMDcwMDI4WhcNMjYwMzAzMDcwMDI4WjAzMTEwLwYDVQQD
Eyg3YTJmZTcyZDdlMzE5OWNjZDNjMTA2M2YxNjAyZDA4Yjg3YTBlZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7A0GlcbrAbl1APp4DZf38vI9Fbjx
X7MDxFlM2aAvvwJdX0HoTEvjj+b+GTkEVRCs6pYXWNXNlViT8pmH8tblf2BOuhWN
UP99x2W9bgQN4ZYwNJDXobtK2qOxMtwlO7YeuAncI3qH0G8Oqw3iTXIlkR45edeM
AVpaRzU1F+z+0/suUFiOGgEWWIOdugYUKPxj1URAUKXALnP1HLwWjV2TCDDsdz34
qOOXSxXmxeQnqn1vFBNsNNrGNO9gOK0HYehIsj1KlXWxLkt3/d1IInoPzxUbIqYm
oNt2HN9SLkuXvW/iKb27H9AApeyTRYLLTVzoy9v7T6ZRzMtOVPuNB4gw4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHov5y1+MZnM08EGPxYC0IuHoO9EMB8GA1UdIwQY
MBaAFGWM0UkfqE1IIY04YPMyPcm4aFeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQt
NDBhYTgzNDg2ZjhmLzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQtNDBhYTgzNDg2Zjhm
LzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQd0ofFcz
flyazYtg+Eeln2nSWjxGfi67//viMTra0uEfDQAXAmuBqoE08Y6CtngR8/Lo/YrO
U9VNSJ5FlG2w5v4bAt3rFtW9kdL14N3GkthmknzBVmdFje8ONgFy5ZllqVFIU6eh
vRTGJQx5RVOOeYwbeQ15jc8rnVRA6C6Rcoovvvwhi/vtK2u9zvmm38QFxKC2+y1j
drm/mCYOC7pIHtHN/khoESyTwJ/sW+fssvC7ubsPxuntibfNDZSAfSuOz2t65uQG
UDUhWauIemSyraywWimeUnNmx/HXstSHZQ5ZEsJAoVqYf+HVOGk3hZsUDhdCjSYz
gMxV8A5//wpHBA==
-----END CERTIFICATE-----