Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft
File:                     sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft (raw, json)
Hash identifier:          X6vzmzWI/QS7dlSBY3QoiwuKsKAXstHMCPRfzELE1Pw=
Subject key identifier:   A7:7B:5A:4E:23:E7:3A:A3:D0:E6:22:A4:F7:F4:ED:EE:29:E2:3B:9A
Authority key identifier: B1:9D:46:A6:A3:36:35:3A:90:F1:74:FA:99:0F:C2:24:12:01:EB:1C
Certificate issuer:       /CN=b19d46a6a336353a90f174fa990fc2241201eb1c
Certificate serial:       019CAC7DC1FD728EDD71FBCF47D6E45F46C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft
Manifest number:          07CD
Signing time:             Mon 02 Mar 2026 03:00:48 +0000
Manifest this update:     Mon 02 Mar 2026 03:00:48 +0000
Manifest next update:     Tue 03 Mar 2026 03:00:48 +0000
Files and hashes:         1: sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.crl (hash: tBueCoWpVaktuo51pIVjW2kVoTg7FdgTmJ0j9BAMdn0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:7d:c1:fd:72:8e:dd:71:fb:cf:47:d6:e4:5f:46:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b19d46a6a336353a90f174fa990fc2241201eb1c
        Validity
            Not Before: Mar  2 03:00:48 2026 GMT
            Not After : Mar  3 03:00:48 2026 GMT
        Subject: CN=a77b5a4e23e73aa3d0e622a4f7f4edee29e23b9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:08:3f:00:bf:68:fd:08:b5:b5:fe:ce:73:df:
                    d1:d5:0b:db:c6:ac:bd:3d:32:e8:ef:9c:1d:e8:6d:
                    5c:31:fe:32:62:fb:9a:96:bf:0d:0c:9f:7c:52:02:
                    cc:90:bc:50:29:f8:5f:e3:0b:c8:b7:02:55:52:ff:
                    b1:4e:0c:f4:82:06:08:27:8f:d1:a3:d8:3e:39:f6:
                    ac:5e:93:3b:27:0e:a3:e4:56:9d:fd:fb:57:a1:5e:
                    18:64:59:e7:47:21:82:41:98:39:2e:d9:9d:10:1e:
                    9a:cb:78:98:6a:a0:a9:5a:9c:34:2b:6c:9f:6c:75:
                    9f:50:da:14:2f:79:e0:4e:08:08:8e:98:6b:5d:d4:
                    a4:9f:ff:5a:1c:a9:c0:1e:0b:d4:53:db:d4:d3:97:
                    47:30:25:22:6d:39:6e:40:6a:38:97:f6:cf:31:a3:
                    68:96:82:6d:48:1c:51:13:4f:92:c7:45:7e:fa:d1:
                    9c:5b:17:3c:aa:a5:bd:eb:62:94:38:45:ab:95:7b:
                    f4:44:21:b7:63:61:63:52:a6:dd:d1:f9:87:2d:53:
                    db:d2:78:fe:1d:98:07:62:7b:81:aa:a3:98:79:1f:
                    c0:e5:48:60:38:94:25:f9:6e:42:db:b4:4a:63:79:
                    f0:ed:d1:e9:04:37:3e:df:c9:82:8b:0d:cd:b4:1f:
                    73:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:7B:5A:4E:23:E7:3A:A3:D0:E6:22:A4:F7:F4:ED:EE:29:E2:3B:9A
            X509v3 Authority Key Identifier:
                keyid:B1:9D:46:A6:A3:36:35:3A:90:F1:74:FA:99:0F:C2:24:12:01:EB:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:9c:e4:01:04:e8:e8:bd:4e:e1:45:ab:49:76:2c:2c:99:89:
         20:a7:44:db:62:04:09:38:b7:b0:1e:03:d3:55:15:bf:63:61:
         c4:42:d9:3a:15:2a:96:97:7c:e1:49:cb:1c:02:ef:a2:99:42:
         7c:d1:6b:9f:29:ff:70:a2:a0:2d:fc:d6:d4:20:b6:5f:d3:f8:
         69:0e:90:f1:8a:1e:85:65:f6:43:19:6e:eb:e8:f9:07:eb:5f:
         b4:d4:91:63:19:ed:ae:eb:d6:9d:98:a6:49:cc:a4:bb:30:93:
         14:24:83:ff:a0:80:b5:2f:8f:bf:b1:a3:6a:a3:36:2c:31:8d:
         4d:71:ef:ca:21:7e:6e:22:d4:b0:12:c8:f7:62:fb:e2:6f:ec:
         7a:12:c9:d2:4a:e7:0c:af:02:9d:3c:be:df:f4:9c:ac:6c:b0:
         c6:be:27:60:e6:95:03:1d:16:22:4c:35:33:6f:12:d1:df:43:
         27:15:05:e5:50:69:f2:d5:2c:ba:dc:f2:1b:4a:fe:7f:6e:e9:
         b0:7a:36:7b:fb:25:66:24:91:a8:76:90:7c:a7:58:3f:96:95:
         d5:4f:5c:f0:47:0b:ec:3a:bb:7b:02:7a:fe:cd:c3:ca:94:bb:
         d7:c0:e6:c5:cf:2b:6f:1b:f6:45:37:3c:d2:62:b5:6b:cd:b7:
         38:3c:5e:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfcH9co7dcfvPR9bkX0bCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOWQ0NmE2YTMzNjM1M2E5MGYxNzRmYTk5MGZjMjI0MTIw
MWViMWMwHhcNMjYwMzAyMDMwMDQ4WhcNMjYwMzAzMDMwMDQ4WjAzMTEwLwYDVQQD
EyhhNzdiNWE0ZTIzZTczYWEzZDBlNjIyYTRmN2Y0ZWRlZTI5ZTIzYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8wg/AL9o/Qi1tf7Oc9/R1Qvbxqy9
PTLo75wd6G1cMf4yYvualr8NDJ98UgLMkLxQKfhf4wvItwJVUv+xTgz0ggYIJ4/R
o9g+OfasXpM7Jw6j5Fad/ftXoV4YZFnnRyGCQZg5LtmdEB6ay3iYaqCpWpw0K2yf
bHWfUNoUL3ngTggIjphrXdSkn/9aHKnAHgvUU9vU05dHMCUibTluQGo4l/bPMaNo
loJtSBxRE0+Sx0V++tGcWxc8qqW962KUOEWrlXv0RCG3Y2FjUqbd0fmHLVPb0nj+
HZgHYnuBqqOYeR/A5UhgOJQl+W5C27RKY3nw7dHpBDc+38mCiw3NtB9znwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKd7Wk4j5zqj0OYipPf07e4p4juaMB8GA1UdIwQY
MBaAFLGdRqajNjU6kPF0+pkPwiQSAescMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1oxR3BxTTJOVHFROFhUNm1RX0NKQklCNnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lMmY0ZTEtYTcwYS00Y2ExLTkyMWMt
NTk0YzY5ZmIwNzExLzEvc1oxR3BxTTJOVHFROFhUNm1RX0NKQklCNnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lMmY0ZTEtYTcwYS00Y2ExLTkyMWMtNTk0YzY5ZmIwNzEx
LzEvc1oxR3BxTTJOVHFROFhUNm1RX0NKQklCNnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAapzkAQTo
6L1O4UWrSXYsLJmJIKdE22IECTi3sB4D01UVv2NhxELZOhUqlpd84UnLHALvoplC
fNFrnyn/cKKgLfzW1CC2X9P4aQ6Q8YoehWX2Qxlu6+j5B+tftNSRYxntruvWnZim
ScykuzCTFCSD/6CAtS+Pv7GjaqM2LDGNTXHvyiF+biLUsBLI92L74m/sehLJ0krn
DK8CnTy+3/ScrGywxr4nYOaVAx0WIkw1M28S0d9DJxUF5VBp8tUsutzyG0r+f27p
sHo2e/slZiSRqHaQfKdYP5aV1U9c8EcL7Dq7ewJ6/s3DypS718Dmxc8rbxv2RTc8
0mK1a823ODxecw==
-----END CERTIFICATE-----