Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
File:                     zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json)
Hash identifier:          U2q4w9kDD3DMWDfqm0bH0vZubxjZGNW0cg2OzNxM/9E=
Subject key identifier:   45:72:5D:EB:DA:FE:FC:EE:90:8F:4D:19:40:20:7B:E8:3B:23:72:B6
Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
Certificate issuer:       /CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Certificate serial:       019CAD5938B630BCBF11211778E2C8334437
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
Manifest number:          07C0
Signing time:             Mon 02 Mar 2026 07:00:31 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:31 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:31 +0000
Files and hashes:         1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: N1yysFbLj+4GHkCjShWzDBfbPQU4tuWWlB7Cr8iAgOA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:38:b6:30:bc:bf:11:21:17:78:e2:c8:33:44:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631
        Validity
            Not Before: Mar  2 07:00:31 2026 GMT
            Not After : Mar  3 07:00:31 2026 GMT
        Subject: CN=45725debdafefcee908f4d1940207be83b2372b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:01:d9:77:af:07:9b:5b:65:fe:47:5c:21:d1:
                    e5:37:a1:8c:f7:3b:44:64:f2:92:5f:a8:65:49:a3:
                    f6:8c:12:8a:f4:c9:7d:56:b3:b8:9b:b6:b9:34:96:
                    fd:50:62:f5:b1:c0:61:c4:ca:6b:ec:2a:bd:66:f6:
                    d7:90:89:9d:f1:59:c8:6e:5e:f3:c0:39:95:d0:1d:
                    d7:1d:a9:d6:13:62:2c:2d:21:37:e4:ca:60:5c:64:
                    16:0e:01:35:ae:81:ac:79:38:0e:da:a1:a8:d9:a8:
                    41:a7:de:53:d4:0b:de:fd:14:fd:c0:87:5c:b9:d2:
                    bc:31:eb:b4:4c:f1:29:67:fc:26:4a:ee:ca:1e:34:
                    31:98:82:d7:ff:80:1d:e3:76:82:7e:66:b2:42:ed:
                    5e:a4:b7:f5:e5:4f:63:b2:41:5f:bc:c3:3c:70:49:
                    fc:ce:92:65:42:16:b3:b6:64:a9:a8:c4:dd:cc:7b:
                    ed:d9:e3:43:f2:4c:5d:41:f3:36:98:4c:a0:bc:75:
                    52:66:e1:ca:f9:c8:b3:2f:4b:a7:cc:27:5d:4f:52:
                    98:7f:4f:84:06:0a:b8:cd:88:8f:ab:9e:27:8f:1b:
                    d8:b3:99:da:e6:02:b9:27:a3:09:93:b8:14:11:04:
                    e1:b4:46:83:2b:dd:0e:80:28:cf:cd:78:c5:96:eb:
                    0a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:72:5D:EB:DA:FE:FC:EE:90:8F:4D:19:40:20:7B:E8:3B:23:72:B6
            X509v3 Authority Key Identifier:
                keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:68:51:44:79:d1:cb:dc:1c:ef:86:6e:78:18:1a:f6:24:41:
         fc:2f:a8:20:c2:cf:2a:00:2a:43:fc:fb:22:4b:bc:7d:58:3f:
         7e:f4:4e:2c:24:63:49:4d:52:54:ec:a8:82:f5:9f:9c:55:83:
         f2:f5:62:84:b4:5b:b9:9f:4b:98:9d:ab:b3:9f:a1:d6:6f:fd:
         cf:90:a8:27:e5:ce:db:0a:dc:ad:c6:ca:64:88:21:64:af:1c:
         df:e3:c0:70:26:2b:78:27:cc:92:55:33:2a:59:8d:c8:b2:30:
         0c:af:d2:70:dc:e5:81:67:37:36:b1:64:d5:33:3c:1c:4e:77:
         25:ed:91:b5:54:51:10:01:7e:a0:87:94:89:de:9b:71:28:f9:
         9c:a7:67:4d:27:08:fc:bd:2a:ea:cc:6f:db:bb:54:4d:26:dd:
         d2:0e:23:cc:cb:ae:12:d0:84:b7:d8:a4:58:c8:fc:75:46:b6:
         30:2d:af:3f:1e:1d:2d:56:70:93:67:f9:7f:41:57:b4:b7:df:
         e3:e0:e1:23:fb:d6:95:ee:3d:a2:da:02:ff:18:99:6e:28:fa:
         2d:0a:b5:75:14:ef:fa:8e:cb:2c:5c:62:cb:aa:d4:ee:44:91:
         6a:77:e9:02:e4:3f:91:63:0b:c0:be:36:93:af:55:77:22:24:
         5b:49:16:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWTi2MLy/ESEXeOLIM0Q3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1
ZjI2MzEwHhcNMjYwMzAyMDcwMDMxWhcNMjYwMzAzMDcwMDMxWjAzMTEwLwYDVQQD
Eyg0NTcyNWRlYmRhZmVmY2VlOTA4ZjRkMTk0MDIwN2JlODNiMjM3MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAHZd68Hm1tl/kdcIdHlN6GM9ztE
ZPKSX6hlSaP2jBKK9Ml9VrO4m7a5NJb9UGL1scBhxMpr7Cq9ZvbXkImd8VnIbl7z
wDmV0B3XHanWE2IsLSE35MpgXGQWDgE1roGseTgO2qGo2ahBp95T1Ave/RT9wIdc
udK8Meu0TPEpZ/wmSu7KHjQxmILX/4Ad43aCfmayQu1epLf15U9jskFfvMM8cEn8
zpJlQhaztmSpqMTdzHvt2eND8kxdQfM2mEygvHVSZuHK+cizL0unzCddT1KYf0+E
Bgq4zYiPq54njxvYs5na5gK5J6MJk7gUEQThtEaDK90OgCjPzXjFlusKGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVyXeva/vzukI9NGUAge+g7I3K2MB8GA1UdIwQY
MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt
MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx
LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAmhRRHnR
y9wc74ZueBga9iRB/C+oIMLPKgAqQ/z7Iku8fVg/fvROLCRjSU1SVOyogvWfnFWD
8vVihLRbuZ9LmJ2rs5+h1m/9z5CoJ+XO2wrcrcbKZIghZK8c3+PAcCYreCfMklUz
KlmNyLIwDK/ScNzlgWc3NrFk1TM8HE53Je2RtVRREAF+oIeUid6bcSj5nKdnTScI
/L0q6sxv27tUTSbd0g4jzMuuEtCEt9ikWMj8dUa2MC2vPx4dLVZwk2f5f0FXtLff
4+DhI/vWle49otoC/xiZbij6LQq1dRTv+o7LLFxiy6rU7kSRanfpAuQ/kWMLwL42
k69VdyIkW0kWlg==
-----END CERTIFICATE-----