Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          4vhgSimA3KuzBsQtPatZDZvPQvDvEMv0xNOKNKIWCto=
Subject key identifier:   A9:A4:82:42:AE:F9:29:F0:4B:B6:2B:24:92:83:A1:1F:09:9F:6C:04
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       019CAF111B18798721EF0892AE4797BA20C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          05C2
Signing time:             Mon 02 Mar 2026 15:00:59 +0000
Manifest this update:     Mon 02 Mar 2026 15:00:59 +0000
Manifest next update:     Tue 03 Mar 2026 15:00:59 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: 7SGta9IVKUlq2tFIbdv5YfzxfzqhDA4/aLOkC1wmsYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:11:1b:18:79:87:21:ef:08:92:ae:47:97:ba:20:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Mar  2 15:00:59 2026 GMT
            Not After : Mar  3 15:00:59 2026 GMT
        Subject: CN=a9a48242aef929f04bb62b249283a11f099f6c04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:bb:f1:83:26:c0:98:83:76:83:5e:dc:45:f8:
                    42:1f:6a:67:b1:e1:c3:ec:23:ed:47:f1:6e:28:28:
                    a1:a6:16:ae:8d:52:dd:1b:94:98:a0:02:f4:59:00:
                    b8:f1:c9:96:cb:1e:e8:33:dd:20:5f:b1:d6:0d:57:
                    82:27:49:6d:1f:37:41:69:ab:b2:62:90:83:52:7c:
                    d1:11:75:c8:85:86:64:74:5e:36:7f:46:a4:9d:a9:
                    8f:67:d4:fe:76:a2:9e:a3:6b:b3:60:d2:63:99:e5:
                    06:9d:5d:00:43:a9:dc:49:70:de:d5:63:81:4f:cb:
                    03:43:c3:02:ca:44:e2:ca:45:8e:c3:c2:dd:0a:c2:
                    80:9e:27:60:5e:f1:35:7f:5f:34:60:cd:4a:f5:ef:
                    5a:e9:f1:34:1a:c3:9a:26:0f:68:28:5c:d0:0a:07:
                    93:c1:7e:eb:3e:3f:0f:f3:cf:51:68:6b:82:7a:d9:
                    37:66:a9:72:e0:af:63:41:ed:1a:d0:2b:7f:c7:13:
                    d4:5f:d7:fd:21:96:7b:16:86:19:52:3d:bb:90:35:
                    9e:a7:57:76:7a:c9:68:39:8f:70:b6:5f:50:12:c7:
                    39:7b:05:9c:1e:bc:df:14:5b:96:1f:22:18:00:a4:
                    81:e0:e7:99:58:8b:bd:06:60:3a:0e:4c:27:a1:2f:
                    d2:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:A4:82:42:AE:F9:29:F0:4B:B6:2B:24:92:83:A1:1F:09:9F:6C:04
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:8e:97:2c:1a:74:9b:99:10:ad:87:43:5d:ad:b6:4c:81:76:
         1f:00:aa:8c:bb:d2:91:f8:b5:5b:8a:5d:ed:4a:52:31:28:bf:
         69:48:fc:00:2b:e4:3c:9d:99:14:5d:fb:17:99:e6:f2:fb:73:
         2a:7b:ce:1a:77:46:cb:b7:4e:78:d4:4b:ef:aa:a7:0b:92:52:
         f6:cc:22:b9:3f:ac:68:46:71:f9:ca:bb:63:27:df:64:ee:53:
         39:25:f5:4c:3f:58:33:8f:41:b8:41:92:85:98:39:3f:76:b4:
         22:05:c2:ec:d3:f5:f2:02:57:07:93:8c:5f:a7:46:6b:f2:1e:
         19:8d:36:eb:f6:e9:51:12:de:bc:e5:42:45:d7:28:f2:b9:45:
         3b:9a:35:59:21:76:86:be:72:f1:37:63:7a:f9:be:d6:db:d2:
         61:23:05:d4:1e:d8:54:39:15:32:fc:95:f6:5d:9a:9e:12:02:
         1d:29:86:35:d5:5c:a3:fe:75:a9:d6:cb:75:25:d1:2e:8a:d1:
         fe:1b:c8:2c:9a:b2:3c:5e:df:5a:c7:29:1c:b3:5f:f3:21:d5:
         0a:d8:f7:d2:f0:aa:8c:fb:9f:82:ca:e0:a5:7d:6a:8b:f9:7f:
         9d:19:e7:c8:6f:79:a5:fb:fe:bc:52:79:7c:6c:76:d8:58:ab:
         17:e0:20:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvERsYeYch7wiSrkeXuiDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjYwMzAyMTUwMDU5WhcNMjYwMzAzMTUwMDU5WjAzMTEwLwYDVQQD
EyhhOWE0ODI0MmFlZjkyOWYwNGJiNjJiMjQ5MjgzYTExZjA5OWY2YzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbvxgybAmIN2g17cRfhCH2pnseHD
7CPtR/FuKCihphaujVLdG5SYoAL0WQC48cmWyx7oM90gX7HWDVeCJ0ltHzdBaauy
YpCDUnzREXXIhYZkdF42f0aknamPZ9T+dqKeo2uzYNJjmeUGnV0AQ6ncSXDe1WOB
T8sDQ8MCykTiykWOw8LdCsKAnidgXvE1f180YM1K9e9a6fE0GsOaJg9oKFzQCgeT
wX7rPj8P889RaGuCetk3Zqly4K9jQe0a0Ct/xxPUX9f9IZZ7FoYZUj27kDWep1d2
esloOY9wtl9QEsc5ewWcHrzfFFuWHyIYAKSB4OeZWIu9BmA6DkwnoS/SzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmkgkKu+SnwS7YrJJKDoR8Jn2wEMB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAII6XLBp0
m5kQrYdDXa22TIF2HwCqjLvSkfi1W4pd7UpSMSi/aUj8ACvkPJ2ZFF37F5nm8vtz
KnvOGndGy7dOeNRL76qnC5JS9swiuT+saEZx+cq7YyffZO5TOSX1TD9YM49BuEGS
hZg5P3a0IgXC7NP18gJXB5OMX6dGa/IeGY026/bpURLevOVCRdco8rlFO5o1WSF2
hr5y8Tdjevm+1tvSYSMF1B7YVDkVMvyV9l2anhICHSmGNdVco/51qdbLdSXRLorR
/hvILJqyPF7fWscpHLNf8yHVCtj30vCqjPufgsrgpX1qi/l/nRnnyG95pfv+vFJ5
fGx22FirF+AgIw==
-----END CERTIFICATE-----