Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          as0S4tUzfeRMAfMpHBKhKXw5xrhEJoQvQ4pn7Apy6VA=
Subject key identifier:   28:BF:0C:70:6D:E2:5F:C9:D6:16:91:83:E0:0A:62:A7:18:0F:B0:50
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       019D9AE27F132DE146796255155A107BA1FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          16DD
Signing time:             Fri 17 Apr 2026 10:00:28 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:28 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:28 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: +D9WeA8KxfLJD59Yram/a9eHo9ySqTrYu6rfwNRDrUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:7f:13:2d:e1:46:79:62:55:15:5a:10:7b:a1:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Apr 17 10:00:28 2026 GMT
            Not After : Apr 18 10:00:28 2026 GMT
        Subject: CN=28bf0c706de25fc9d6169183e00a62a7180fb050
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2f:8d:44:fd:c3:76:49:44:84:59:5d:e0:cf:
                    47:78:da:d8:3c:0a:69:5f:24:1c:22:32:05:c6:75:
                    56:d5:46:9e:cb:88:79:15:f7:2b:1e:4f:05:d5:7b:
                    64:d8:1a:40:38:56:ef:54:e5:fd:11:a3:4e:dd:9e:
                    57:88:a8:1d:4e:2c:23:21:e0:04:6e:76:fc:ea:2d:
                    c0:6c:1d:8f:c4:08:9e:a7:98:7c:f2:78:13:e4:de:
                    ba:03:c8:ca:a1:5e:32:55:b5:09:f0:96:3b:5e:16:
                    43:7a:82:41:71:2f:8e:f7:ac:78:77:9a:bf:6d:54:
                    3e:9f:4c:11:43:70:54:e2:b8:65:b2:65:2e:d7:04:
                    1f:34:54:e6:21:32:e2:3e:0c:68:3a:83:05:76:6e:
                    15:2b:6c:a8:5c:ae:54:14:05:7b:57:d3:fd:1f:02:
                    79:a8:b0:b7:ed:36:38:94:0c:39:15:b4:7b:2d:40:
                    6d:f1:68:0c:b6:08:bf:5a:6d:8c:14:ed:52:de:81:
                    03:36:a0:e2:a6:db:4c:fa:08:6f:b0:26:64:41:e6:
                    3c:82:06:19:83:8f:92:45:82:00:ed:35:c3:bc:10:
                    84:ce:f4:f4:8f:82:eb:cc:73:57:f0:cc:92:2d:20:
                    44:0a:a9:9b:b3:21:46:42:0b:ba:3d:2a:74:6b:91:
                    61:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:BF:0C:70:6D:E2:5F:C9:D6:16:91:83:E0:0A:62:A7:18:0F:B0:50
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:0e:46:1e:c7:35:f0:ae:9a:bb:ab:3b:dd:64:ce:8c:9d:30:
         26:29:bb:31:ba:3e:ec:d1:40:5e:ec:07:b4:6e:a0:33:e5:bd:
         29:7a:3c:c0:00:7e:56:a5:cd:f6:6f:42:0d:30:3d:09:88:1c:
         ae:77:7b:99:3e:85:6d:1b:b0:94:3f:17:20:16:24:b6:60:33:
         e7:7b:2a:cc:ee:02:a9:74:34:23:8e:7f:03:f0:3e:27:ce:b7:
         c5:d0:6e:f0:4b:2c:b8:08:ca:d9:09:dc:ed:35:45:68:49:50:
         c1:86:18:21:25:90:b5:8f:77:cd:87:cd:0a:a9:01:42:57:bb:
         1a:bd:cf:a1:88:51:9b:9c:d2:da:ac:92:21:55:a2:c0:f4:c4:
         88:69:af:d0:eb:a4:98:e1:50:07:c6:37:42:b4:b8:f0:e9:f6:
         d5:af:29:0b:0d:93:c2:85:4e:7c:da:a5:c9:94:5e:9f:85:32:
         51:ff:21:56:61:1f:a7:ca:7c:9e:19:ed:0b:4a:70:25:58:c0:
         d6:b2:2b:55:71:6f:c0:3b:a7:c2:b8:f6:bb:94:fe:08:47:3e:
         8f:7e:47:ff:31:33:4d:45:b1:ac:86:0f:ed:af:fd:af:0b:04:
         8f:df:85:af:16:90:27:0a:fa:b5:68:9a:2e:74:c9:9d:f8:dc:
         52:39:4f:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4n8TLeFGeWJVFVoQe6H+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjYwNDE3MTAwMDI4WhcNMjYwNDE4MTAwMDI4WjAzMTEwLwYDVQQD
EygyOGJmMGM3MDZkZTI1ZmM5ZDYxNjkxODNlMDBhNjJhNzE4MGZiMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC+NRP3DdklEhFld4M9HeNrYPApp
XyQcIjIFxnVW1Uaey4h5FfcrHk8F1Xtk2BpAOFbvVOX9EaNO3Z5XiKgdTiwjIeAE
bnb86i3AbB2PxAiep5h88ngT5N66A8jKoV4yVbUJ8JY7XhZDeoJBcS+O96x4d5q/
bVQ+n0wRQ3BU4rhlsmUu1wQfNFTmITLiPgxoOoMFdm4VK2yoXK5UFAV7V9P9HwJ5
qLC37TY4lAw5FbR7LUBt8WgMtgi/Wm2MFO1S3oEDNqDipttM+ghvsCZkQeY8ggYZ
g4+SRYIA7TXDvBCEzvT0j4LrzHNX8MySLSBECqmbsyFGQgu6PSp0a5FhswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCi/DHBt4l/J1haRg+AKYqcYD7BQMB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIw5GHsc1
8K6au6s73WTOjJ0wJim7Mbo+7NFAXuwHtG6gM+W9KXo8wAB+VqXN9m9CDTA9CYgc
rnd7mT6FbRuwlD8XIBYktmAz53sqzO4CqXQ0I45/A/A+J863xdBu8EssuAjK2Qnc
7TVFaElQwYYYISWQtY93zYfNCqkBQle7Gr3PoYhRm5zS2qySIVWiwPTEiGmv0Ouk
mOFQB8Y3QrS48On21a8pCw2TwoVOfNqlyZRen4UyUf8hVmEfp8p8nhntC0pwJVjA
1rIrVXFvwDunwrj2u5T+CEc+j35H/zEzTUWxrIYP7a/9rwsEj9+FrxaQJwr6tWia
LnTJnfjcUjlPyA==
-----END CERTIFICATE-----