Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.mft
File:                     ZpDQciFADjewHnSnEvrnxtcDFZU.mft (raw, json)
Hash identifier:          3oFWfAmbO2Sg6jihFXVFDkQiKSu9gGelKJynhBfCLAQ=
Subject key identifier:   22:37:8A:93:54:9B:27:49:7D:BC:37:CA:6C:1D:E7:E8:82:21:12:1F
Authority key identifier: 66:90:D0:72:21:40:0E:37:B0:1E:74:A7:12:FA:E7:C6:D7:03:15:95
Certificate issuer:       /CN=6690d07221400e37b01e74a712fae7c6d7031595
Certificate serial:       019CAAC6D8881CDA7F05ACCDC08A060ECD47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZpDQciFADjewHnSnEvrnxtcDFZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.mft
Manifest number:          12F3
Signing time:             Sun 01 Mar 2026 19:01:24 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:24 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:24 +0000
Files and hashes:         1: ZpDQciFADjewHnSnEvrnxtcDFZU.crl (hash: cBbqMmJEXTMuXIMb9QVxtl6SIqpip26GfUP0tUuNC0c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZpDQciFADjewHnSnEvrnxtcDFZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:d8:88:1c:da:7f:05:ac:cd:c0:8a:06:0e:cd:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6690d07221400e37b01e74a712fae7c6d7031595
        Validity
            Not Before: Mar  1 19:01:24 2026 GMT
            Not After : Mar  2 19:01:24 2026 GMT
        Subject: CN=22378a93549b27497dbc37ca6c1de7e88221121f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a5:db:ac:da:db:31:96:7a:75:36:a6:a8:61:
                    38:79:68:99:24:56:bd:6e:a2:ad:17:7b:e6:cb:e0:
                    5b:24:a3:cc:ab:3b:1a:92:f4:04:0b:a0:b1:04:05:
                    34:c7:fd:1c:d7:06:d6:68:46:16:2b:ca:2c:65:f7:
                    b2:5c:96:57:39:8d:c3:cb:eb:7e:77:5e:b8:90:af:
                    e0:78:8d:c4:4f:e2:cc:9e:df:90:c1:49:00:42:d0:
                    b8:24:18:7f:f3:33:4e:4d:9b:25:60:0e:6e:e3:e6:
                    ea:b9:b7:71:ee:c8:00:d4:7e:b7:aa:a8:0f:41:b9:
                    57:1d:e6:d1:79:e3:bd:ea:92:a5:53:24:21:1b:41:
                    26:41:0a:9d:7c:46:bb:83:1f:37:94:8a:f3:43:f9:
                    36:a3:f3:78:eb:c5:65:7e:1f:1a:04:aa:42:90:a2:
                    41:df:bc:f5:1b:ac:be:98:a6:85:e4:7d:0f:43:36:
                    ce:26:5d:d4:a0:1b:fd:89:86:16:c7:5d:87:bb:d7:
                    60:94:66:ae:6c:19:b1:da:a6:cb:65:f0:11:5b:ff:
                    14:dc:54:a2:2b:ed:2c:6f:70:04:f8:ae:9c:39:71:
                    3e:cd:d2:f2:85:d6:46:a5:88:13:a3:75:f9:c1:24:
                    ae:61:5c:78:35:31:d4:a6:11:8f:64:bd:82:6e:13:
                    12:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:37:8A:93:54:9B:27:49:7D:BC:37:CA:6C:1D:E7:E8:82:21:12:1F
            X509v3 Authority Key Identifier:
                keyid:66:90:D0:72:21:40:0E:37:B0:1E:74:A7:12:FA:E7:C6:D7:03:15:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZpDQciFADjewHnSnEvrnxtcDFZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:6a:9b:43:60:3b:1b:1d:d2:3f:b2:05:7e:1e:48:ba:f5:b7:
         ec:4a:6b:93:10:bb:90:60:c6:ea:5b:ee:94:f9:b0:04:24:86:
         fc:c7:84:a1:a2:f6:8e:de:11:9b:0d:49:4a:76:04:fe:4c:95:
         32:d3:d3:c5:1c:32:40:d7:3e:f2:be:34:5a:dd:0d:5e:81:17:
         bd:bf:95:98:d4:90:6a:db:4e:38:bd:d8:9b:d9:75:1c:ac:bd:
         53:ab:4a:0a:56:14:f5:f5:d9:1b:52:2f:74:e1:63:d8:b6:c1:
         e9:a4:d5:10:8c:7d:ba:f8:dc:48:c3:f4:61:9c:ab:98:a9:44:
         0d:9c:67:69:ac:c1:22:7f:22:36:7d:aa:94:1d:12:ef:ff:30:
         6c:b8:66:a5:d1:62:0e:8d:40:d1:fc:bc:78:1e:63:47:ef:fc:
         3b:43:85:3a:93:06:04:db:2e:a5:31:b1:38:ae:cb:e8:2b:a8:
         3d:63:e9:c8:b6:57:3a:b6:c8:31:9b:a2:6a:15:41:3f:ba:b7:
         bd:43:e6:82:1d:4b:1f:6a:91:5d:ac:cc:39:31:c0:8e:cc:36:
         f4:30:ee:0c:88:7c:10:54:26:12:a8:aa:c3:04:17:ed:1c:34:
         91:68:a5:d0:1b:30:5d:c2:a6:fb:f3:33:1c:98:b6:4e:8d:06:
         36:d6:1a:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxtiIHNp/BazNwIoGDs1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTBkMDcyMjE0MDBlMzdiMDFlNzRhNzEyZmFlN2M2ZDcw
MzE1OTUwHhcNMjYwMzAxMTkwMTI0WhcNMjYwMzAyMTkwMTI0WjAzMTEwLwYDVQQD
EygyMjM3OGE5MzU0OWIyNzQ5N2RiYzM3Y2E2YzFkZTdlODgyMjExMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKXbrNrbMZZ6dTamqGE4eWiZJFa9
bqKtF3vmy+BbJKPMqzsakvQEC6CxBAU0x/0c1wbWaEYWK8osZfeyXJZXOY3Dy+t+
d164kK/geI3ET+LMnt+QwUkAQtC4JBh/8zNOTZslYA5u4+bqubdx7sgA1H63qqgP
QblXHebReeO96pKlUyQhG0EmQQqdfEa7gx83lIrzQ/k2o/N468Vlfh8aBKpCkKJB
37z1G6y+mKaF5H0PQzbOJl3UoBv9iYYWx12Hu9dglGaubBmx2qbLZfARW/8U3FSi
K+0sb3AE+K6cOXE+zdLyhdZGpYgTo3X5wSSuYVx4NTHUphGPZL2CbhMScwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCI3ipNUmydJfbw3ymwd5+iCIRIfMB8GA1UdIwQY
MBaAFGaQ0HIhQA43sB50pxL658bXAxWVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBEUWNpRkFEamV3SG5TbkV2cm54dGNERlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kNTY1YjItZGMxOC00NDYwLWJmMDIt
NDYxYWNiOGExYzlmLzEvWnBEUWNpRkFEamV3SG5TbkV2cm54dGNERlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kNTY1YjItZGMxOC00NDYwLWJmMDItNDYxYWNiOGExYzlm
LzEvWnBEUWNpRkFEamV3SG5TbkV2cm54dGNERlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs2qbQ2A7
Gx3SP7IFfh5IuvW37EprkxC7kGDG6lvulPmwBCSG/MeEoaL2jt4Rmw1JSnYE/kyV
MtPTxRwyQNc+8r40Wt0NXoEXvb+VmNSQattOOL3Ym9l1HKy9U6tKClYU9fXZG1Iv
dOFj2LbB6aTVEIx9uvjcSMP0YZyrmKlEDZxnaazBIn8iNn2qlB0S7/8wbLhmpdFi
Do1A0fy8eB5jR+/8O0OFOpMGBNsupTGxOK7L6CuoPWPpyLZXOrbIMZuiahVBP7q3
vUPmgh1LH2qRXazMOTHAjsw29DDuDIh8EFQmEqiqwwQX7Rw0kWil0BswXcKm+/Mz
HJi2To0GNtYaZQ==
-----END CERTIFICATE-----