Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          SIeedo+TlMaGrFaM+A/p0AyJ/uAzI7QRTKtFkTwjpRY=
Subject key identifier:   93:C8:DC:D7:F0:4B:33:00:00:D3:D6:7C:C8:9A:E5:B4:5E:80:25:4B
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       019CAD59CBBF43B95FEC3C207AAD1D72642F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          1662
Signing time:             Mon 02 Mar 2026 07:01:09 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:09 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:09 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: LCIxDl0oS+lJpwE53btJwMW34GKx2knHSp5p0mzSADk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:cb:bf:43:b9:5f:ec:3c:20:7a:ad:1d:72:64:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Mar  2 07:01:09 2026 GMT
            Not After : Mar  3 07:01:09 2026 GMT
        Subject: CN=93c8dcd7f04b330000d3d67cc89ae5b45e80254b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:2c:11:30:c1:f1:2b:6d:7b:a8:a5:bd:fa:82:
                    04:92:c6:b6:a9:c4:d2:b6:05:c8:92:5b:ed:89:5e:
                    08:30:7f:9c:5b:2b:2b:db:2d:72:9b:fa:99:b9:18:
                    40:33:72:e5:6f:f1:30:66:c2:79:ed:09:b2:d8:33:
                    0d:7b:57:25:dc:86:95:b1:f2:fc:88:d1:32:d9:24:
                    a5:0e:6c:55:0a:da:87:f8:78:82:0d:af:5e:8f:06:
                    f1:ed:7a:ff:e8:ec:37:93:15:fd:e7:26:a3:9c:e3:
                    83:37:34:9d:ff:68:1f:15:e8:54:30:b3:7c:6b:6c:
                    e5:d8:1c:1a:bd:76:ed:fc:d7:2d:25:8c:f0:6a:a7:
                    0e:02:50:46:8b:30:11:3a:88:2e:d6:58:91:50:d0:
                    db:db:55:f7:60:18:70:26:7f:45:39:2b:61:87:7c:
                    22:08:3a:4b:6d:fd:37:a3:16:36:33:d0:bd:63:57:
                    43:2d:78:8c:23:de:d2:12:5b:89:bc:b0:f5:e2:6e:
                    02:fe:95:1c:75:d1:33:19:23:23:82:10:4e:65:a6:
                    00:36:4a:79:85:92:9e:57:79:84:0b:57:d8:16:70:
                    32:45:67:88:bb:c2:5f:18:4b:fc:9e:5c:3d:a2:f8:
                    cb:fd:11:42:5d:ab:71:84:f2:74:5a:8c:5e:8c:a7:
                    57:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:C8:DC:D7:F0:4B:33:00:00:D3:D6:7C:C8:9A:E5:B4:5E:80:25:4B
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:73:37:ed:19:55:df:a2:1a:a5:54:03:30:b4:0f:e9:c0:7c:
         b1:6f:bf:70:f4:93:1a:ce:1e:dc:f5:94:1e:b7:91:2a:ab:bc:
         9a:0d:ac:6d:9a:da:5d:50:79:89:58:84:15:51:05:dd:90:81:
         e9:1b:c7:4e:44:fc:d4:88:c8:b6:0a:1a:96:cd:58:3b:c8:80:
         9f:c8:39:95:35:07:22:ae:d2:c2:a2:39:47:99:b4:bc:82:4b:
         8b:83:50:1d:b8:b4:a8:90:e8:65:b4:4b:9f:54:d2:ce:2b:65:
         68:f6:4c:34:e7:ef:97:f0:5e:a0:b4:c5:95:31:c9:8f:dc:2c:
         c4:00:1a:72:5b:26:2b:76:25:e6:6e:29:25:ed:b0:c5:38:04:
         0c:75:13:c9:d3:e1:f6:0e:60:9f:d6:5b:d5:99:f7:96:a1:dd:
         9a:34:72:77:e0:c3:38:66:b9:ed:97:53:32:d5:71:01:b7:99:
         4f:ad:f2:7d:33:f7:45:ba:4b:73:d2:3d:4a:cc:58:89:79:5e:
         77:b6:7f:0c:73:ed:4f:75:11:b0:f7:35:07:17:28:29:ee:e4:
         19:28:0e:21:b0:34:cf:42:26:7a:ac:bb:62:8d:fc:77:43:ee:
         c4:71:e1:50:84:f4:42:50:08:17:a5:d8:c3:54:e4:30:68:b8:
         dc:f0:bb:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWcu/Q7lf7Dwgeq0dcmQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjYwMzAyMDcwMTA5WhcNMjYwMzAzMDcwMTA5WjAzMTEwLwYDVQQD
Eyg5M2M4ZGNkN2YwNGIzMzAwMDBkM2Q2N2NjODlhZTViNDVlODAyNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SwRMMHxK217qKW9+oIEksa2qcTS
tgXIklvtiV4IMH+cWysr2y1ym/qZuRhAM3Llb/EwZsJ57Qmy2DMNe1cl3IaVsfL8
iNEy2SSlDmxVCtqH+HiCDa9ejwbx7Xr/6Ow3kxX95yajnOODNzSd/2gfFehUMLN8
a2zl2BwavXbt/NctJYzwaqcOAlBGizAROogu1liRUNDb21X3YBhwJn9FOSthh3wi
CDpLbf03oxY2M9C9Y1dDLXiMI97SEluJvLD14m4C/pUcddEzGSMjghBOZaYANkp5
hZKeV3mEC1fYFnAyRWeIu8JfGEv8nlw9ovjL/RFCXatxhPJ0WoxejKdXlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJPI3NfwSzMAANPWfMia5bRegCVLMB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMHM37RlV
36IapVQDMLQP6cB8sW+/cPSTGs4e3PWUHreRKqu8mg2sbZraXVB5iViEFVEF3ZCB
6RvHTkT81IjItgoals1YO8iAn8g5lTUHIq7SwqI5R5m0vIJLi4NQHbi0qJDoZbRL
n1TSzitlaPZMNOfvl/BeoLTFlTHJj9wsxAAaclsmK3Yl5m4pJe2wxTgEDHUTydPh
9g5gn9Zb1Zn3lqHdmjRyd+DDOGa57ZdTMtVxAbeZT63yfTP3RbpLc9I9SsxYiXle
d7Z/DHPtT3URsPc1BxcoKe7kGSgOIbA0z0Imeqy7Yo38d0PuxHHhUIT0QlAIF6XY
w1TkMGi43PC7KQ==
-----END CERTIFICATE-----