Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
File:                     z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft (raw, json)
Hash identifier:          ARRY3J9wRpsGrORRrPg68gyq/C0bBCkBJ8Ls+2yw79c=
Subject key identifier:   73:9A:CE:D3:BA:F7:62:7F:1C:53:76:DE:43:8F:C8:02:23:C1:5C:4E
Authority key identifier: CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6
Certificate issuer:       /CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
Certificate serial:       019CAB6BA63FCDBB01D34EC72879037AEAFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
Manifest number:          11A6
Signing time:             Sun 01 Mar 2026 22:01:24 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:24 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:24 +0000
Files and hashes:         1: z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl (hash: aeFQiwLCCAtb1nIcxHVzcoKMnhyy+1DMk8GSE1KuUsM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:a6:3f:cd:bb:01:d3:4e:c7:28:79:03:7a:ea:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
        Validity
            Not Before: Mar  1 22:01:24 2026 GMT
            Not After : Mar  2 22:01:24 2026 GMT
        Subject: CN=739aced3baf7627f1c5376de438fc80223c15c4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:79:8b:20:98:03:92:2c:03:9e:35:bc:43:e6:
                    bd:ef:1a:d3:f8:94:25:d4:67:f0:86:ba:a6:b1:73:
                    d2:c9:fa:25:9a:c3:a1:c5:0a:c0:ca:f4:7b:1c:51:
                    25:c4:6b:21:16:74:e9:e3:ca:09:8f:50:43:e9:8e:
                    95:ef:4c:d2:66:7a:e9:46:0d:04:2a:35:30:b3:6d:
                    5e:0d:e1:de:23:8d:91:e7:b9:98:41:d5:da:e7:93:
                    70:3a:82:1a:50:dc:f7:b3:a8:d2:21:da:02:ae:6a:
                    92:a6:78:c2:08:ec:a5:ca:a3:0d:53:e8:5f:f2:fd:
                    21:d9:c4:dd:68:cb:ac:f1:eb:da:86:93:b2:f3:21:
                    15:cb:63:a2:b0:8f:c7:e1:d5:0e:bb:73:f9:87:bc:
                    7a:30:67:4e:24:c9:08:a3:56:6b:24:be:de:45:c6:
                    55:76:9e:1b:99:96:ff:3c:ea:78:80:8d:f8:6f:3b:
                    f6:73:40:45:e9:aa:df:95:18:f9:d4:85:9d:fb:2d:
                    61:15:e8:30:f2:d6:dc:f0:88:54:6d:3f:b9:66:5b:
                    6d:09:33:e0:4a:46:cb:aa:a8:54:9d:b3:65:9a:c3:
                    c5:55:55:4a:c6:78:46:91:d6:b3:ba:d5:f9:2f:16:
                    49:a4:4b:87:bb:4d:bd:e1:e8:eb:79:22:26:8a:d1:
                    6d:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:9A:CE:D3:BA:F7:62:7F:1C:53:76:DE:43:8F:C8:02:23:C1:5C:4E
            X509v3 Authority Key Identifier:
                keyid:CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:8f:8c:84:63:25:05:47:d3:37:94:dc:af:b7:75:e0:f7:8f:
         b3:a2:87:2a:1e:21:dd:c5:f3:09:1e:fc:55:6c:21:3b:8e:9a:
         6f:87:64:da:2a:6c:50:3c:20:d4:b7:b6:92:4d:bc:26:17:ed:
         5c:05:8a:2d:5d:e5:be:63:9d:20:b7:b7:08:72:b0:bc:50:f3:
         1e:50:69:55:d7:df:0f:37:14:3c:00:4e:e1:a1:3f:ac:bd:01:
         42:a1:09:23:5e:1d:10:8d:cd:f1:42:f9:6d:de:de:ce:d6:3d:
         03:22:3f:79:30:56:08:f4:34:f9:1c:c9:d4:91:fd:d3:aa:be:
         01:99:3e:ef:ff:a7:26:63:b2:6a:75:a3:4f:c2:f7:f8:37:e9:
         93:6d:37:dd:79:2b:28:25:bd:1c:4c:eb:6d:58:5e:68:c2:a4:
         63:b4:55:d4:f1:5a:8a:a2:c8:1e:3a:b6:ba:b6:8d:aa:13:8d:
         df:3e:6b:d5:0c:52:9d:84:0a:5b:d7:eb:4f:70:61:cf:97:d2:
         01:a9:45:55:7e:6b:9f:c2:e7:37:89:8a:aa:1f:25:da:e1:e9:
         cb:8d:3b:f5:ee:c2:81:61:58:66:30:db:7b:fc:32:ab:21:e8:
         4c:cb:82:c7:55:9d:74:c8:ec:62:2d:91:98:c2:36:ee:86:d1:
         e5:cd:45:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra6Y/zbsB007HKHkDeur/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzcwMDhjNmY5MTcyMmRjM2IxMjc1Mjc1NThlYmRhYmM2
ODBjZTYwHhcNMjYwMzAxMjIwMTI0WhcNMjYwMzAyMjIwMTI0WjAzMTEwLwYDVQQD
Eyg3MzlhY2VkM2JhZjc2MjdmMWM1Mzc2ZGU0MzhmYzgwMjIzYzE1YzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHmLIJgDkiwDnjW8Q+a97xrT+JQl
1GfwhrqmsXPSyfolmsOhxQrAyvR7HFElxGshFnTp48oJj1BD6Y6V70zSZnrpRg0E
KjUws21eDeHeI42R57mYQdXa55NwOoIaUNz3s6jSIdoCrmqSpnjCCOylyqMNU+hf
8v0h2cTdaMus8evahpOy8yEVy2OisI/H4dUOu3P5h7x6MGdOJMkIo1ZrJL7eRcZV
dp4bmZb/POp4gI34bzv2c0BF6arflRj51IWd+y1hFegw8tbc8IhUbT+5ZlttCTPg
SkbLqqhUnbNlmsPFVVVKxnhGkdazutX5LxZJpEuHu0294ejreSImitFtZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOaztO692J/HFN23kOPyAIjwVxOMB8GA1UdIwQY
MBaAFM/HAIxvkXItw7EnUnVY69q8aAzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEt
MzZmMjRhZDRhMDRmLzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEtMzZmMjRhZDRhMDRm
LzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeI+MhGMl
BUfTN5Tcr7d14PePs6KHKh4h3cXzCR78VWwhO46ab4dk2ipsUDwg1Le2kk28Jhft
XAWKLV3lvmOdILe3CHKwvFDzHlBpVdffDzcUPABO4aE/rL0BQqEJI14dEI3N8UL5
bd7eztY9AyI/eTBWCPQ0+RzJ1JH906q+AZk+7/+nJmOyanWjT8L3+Dfpk2033Xkr
KCW9HEzrbVheaMKkY7RV1PFaiqLIHjq2uraNqhON3z5r1QxSnYQKW9frT3Bhz5fS
AalFVX5rn8LnN4mKqh8l2uHpy4079e7CgWFYZjDbe/wyqyHoTMuCx1WddMjsYi2R
mMI27obR5c1FGQ==
-----END CERTIFICATE-----