Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
File:                     sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json)
Hash identifier:          ZOEo9zTes+4pjjMR/aHZMb1VtCfTG3bYl8v8FDvYYV0=
Subject key identifier:   88:4D:9C:51:64:9D:54:82:0F:E2:6E:04:E2:FE:99:52:6D:00:FA:33
Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A
Certificate issuer:       /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
Certificate serial:       019CAB6B4626C60855D179E38A5F1B75950D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
Manifest number:          132B
Signing time:             Sun 01 Mar 2026 22:01:00 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:00 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:00 +0000
Files and hashes:         1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: PmPgRvy5gLDflraXcapO1cdv0R8huz1y6zc+qz0RXvI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:46:26:c6:08:55:d1:79:e3:8a:5f:1b:75:95:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
        Validity
            Not Before: Mar  1 22:01:00 2026 GMT
            Not After : Mar  2 22:01:00 2026 GMT
        Subject: CN=884d9c51649d54820fe26e04e2fe99526d00fa33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:98:8c:07:2b:e1:fa:fd:d3:4c:1e:95:7d:fb:
                    e2:c8:51:94:17:dd:b2:dc:b9:0d:85:0d:c2:17:e5:
                    c9:c7:8f:8f:26:44:21:45:b0:57:83:c4:2d:a4:34:
                    ac:f9:8c:b0:dc:0a:4b:ca:6f:b1:4f:4a:c5:a5:f3:
                    1a:70:9c:69:73:b2:b4:72:54:d3:a9:d2:6b:7b:79:
                    f3:11:a3:c5:9e:66:43:c0:a1:cd:ca:22:6a:c0:ce:
                    81:54:61:be:45:67:1d:ce:4c:ee:96:4d:67:a7:43:
                    1f:81:aa:58:fc:81:3a:91:01:ff:01:6b:c3:c2:85:
                    e0:13:de:c0:29:9a:56:0a:80:cf:ab:ae:64:3d:5f:
                    fc:c5:dc:2e:a0:fa:e7:25:8c:ce:ad:e9:91:b9:03:
                    2e:cc:61:40:c3:15:97:f9:15:cb:94:4b:fc:be:3e:
                    6d:06:14:02:39:6c:1e:d9:7c:c4:fb:9f:1a:a4:46:
                    30:07:ba:7c:36:ab:72:f1:97:7c:23:7d:96:33:77:
                    48:d8:a4:e9:70:81:b3:ad:26:31:35:e0:22:0f:ac:
                    be:c2:72:59:cb:82:65:65:34:08:c6:f2:80:d8:62:
                    18:e7:ed:05:55:1a:ed:86:ba:70:51:b3:e5:b9:ba:
                    55:22:70:03:3d:cb:31:33:42:ea:95:a1:02:08:32:
                    a1:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:4D:9C:51:64:9D:54:82:0F:E2:6E:04:E2:FE:99:52:6D:00:FA:33
            X509v3 Authority Key Identifier:
                keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:b2:45:f2:b2:4a:2b:bc:f0:2a:fa:73:a1:0f:14:2f:eb:9f:
         03:dc:e6:26:08:46:48:23:ec:4e:71:48:81:f6:ee:56:bb:0b:
         68:b5:97:73:47:35:e4:a0:a7:7a:70:d7:cc:63:43:aa:33:50:
         21:89:f8:cf:ca:2a:b1:2a:5d:79:2a:2f:04:96:8e:ef:9d:6f:
         e5:f2:98:96:44:19:de:aa:74:b5:c0:78:cd:51:07:1d:39:7f:
         58:2c:ed:c4:6f:24:9a:25:a1:55:1c:9b:58:b3:35:94:4b:27:
         b8:ca:95:05:b1:2d:ce:a9:bb:a0:50:e2:7a:2f:c2:f6:b8:2f:
         af:66:16:73:57:94:45:31:02:34:28:70:dc:d3:d8:eb:d6:ee:
         1d:90:81:19:db:a1:d3:7b:95:e0:bc:1f:a0:db:b7:8d:3a:96:
         3f:05:0c:93:74:5a:39:a4:f6:8c:f8:cd:03:80:fc:82:46:42:
         f1:97:55:af:d4:3a:e1:d7:6b:83:3e:15:1d:7c:f4:67:af:38:
         12:5c:73:bf:23:d9:69:ff:0e:c8:55:54:80:87:ae:20:7a:2d:
         cc:48:06:91:ec:d3:62:be:bd:9c:a4:27:2e:8f:27:27:d0:29:
         e2:c1:31:d8:55:f2:e2:7a:a3:0a:d8:19:f4:5f:b2:82:03:e1:
         8f:72:68:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra0YmxghV0Xnjil8bdZUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1
NjlhOGEwHhcNMjYwMzAxMjIwMTAwWhcNMjYwMzAyMjIwMTAwWjAzMTEwLwYDVQQD
Eyg4ODRkOWM1MTY0OWQ1NDgyMGZlMjZlMDRlMmZlOTk1MjZkMDBmYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJiMByvh+v3TTB6VffviyFGUF92y
3LkNhQ3CF+XJx4+PJkQhRbBXg8QtpDSs+Yyw3ApLym+xT0rFpfMacJxpc7K0clTT
qdJre3nzEaPFnmZDwKHNyiJqwM6BVGG+RWcdzkzulk1np0MfgapY/IE6kQH/AWvD
woXgE97AKZpWCoDPq65kPV/8xdwuoPrnJYzOremRuQMuzGFAwxWX+RXLlEv8vj5t
BhQCOWwe2XzE+58apEYwB7p8Nqty8Zd8I32WM3dI2KTpcIGzrSYxNeAiD6y+wnJZ
y4JlZTQIxvKA2GIY5+0FVRrthrpwUbPlubpVInADPcsxM0LqlaECCDKhpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhNnFFknVSCD+JuBOL+mVJtAPozMB8GA1UdIwQY
MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt
N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0
LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA7JF8rJK
K7zwKvpzoQ8UL+ufA9zmJghGSCPsTnFIgfbuVrsLaLWXc0c15KCnenDXzGNDqjNQ
IYn4z8oqsSpdeSovBJaO751v5fKYlkQZ3qp0tcB4zVEHHTl/WCztxG8kmiWhVRyb
WLM1lEsnuMqVBbEtzqm7oFDiei/C9rgvr2YWc1eURTECNChw3NPY69buHZCBGduh
03uV4LwfoNu3jTqWPwUMk3RaOaT2jPjNA4D8gkZC8ZdVr9Q64ddrgz4VHXz0Z684
ElxzvyPZaf8OyFVUgIeuIHotzEgGkezTYr69nKQnLo8nJ9Ap4sEx2FXy4nqjCtgZ
9F+yggPhj3JoXw==
-----END CERTIFICATE-----