Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          Kd9wrJKvXluRwx9hTUA1U1QuE5ogvVDnHqPD7CVYc3I=
Subject key identifier:   1E:FB:EE:4B:4C:A7:B1:07:EE:0E:40:F7:4A:4E:D9:B2:DF:5F:7E:BB
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       019CABD9261838AA2AC9130BBD3C274D6A6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 00:01:00 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:00 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:00 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: nGUftXhUZs8vPLFxcCYhycwnRDwLQvxeVpyq/ljjTpI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:26:18:38:aa:2a:c9:13:0b:bd:3c:27:4d:6a:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Mar  2 00:01:00 2026 GMT
            Not After : Mar  3 00:01:00 2026 GMT
        Subject: CN=1efbee4b4ca7b107ee0e40f74a4ed9b2df5f7ebb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:21:41:e3:c5:7b:50:70:61:b7:2c:09:f7:8f:
                    5f:89:cb:2a:06:19:2a:9d:6b:17:1e:55:a1:11:b3:
                    9b:8b:48:1d:fd:07:81:05:1c:7e:29:3a:b3:95:b1:
                    b4:44:e3:84:e8:1e:dc:ba:35:d3:56:66:2a:e3:e9:
                    3a:7b:f1:a1:37:aa:e9:4f:84:5c:63:b9:00:8e:16:
                    f7:c0:9c:ed:14:f3:6e:88:79:68:1c:4e:d4:ed:ab:
                    61:b3:9f:db:50:83:68:44:fa:f8:3c:28:d4:d5:b6:
                    e1:8f:b4:1a:8f:ee:18:9a:11:94:61:d6:1e:13:44:
                    5e:5c:70:07:d1:0e:81:aa:45:30:71:53:bb:bf:2b:
                    ba:b7:1d:17:5e:a4:ee:bf:54:69:6c:ee:f4:84:4b:
                    8a:53:43:fc:e6:64:b1:90:3f:41:62:14:bb:d7:a2:
                    46:eb:2d:02:83:8b:7a:fb:9d:69:fe:04:00:72:07:
                    91:c7:25:e5:03:99:62:64:87:35:1a:f8:df:d7:47:
                    98:0c:6c:16:58:95:e1:d7:d8:9e:72:b8:8c:7d:7d:
                    f6:b6:3b:22:d6:c2:e1:00:5b:e0:b2:36:83:2b:ac:
                    1e:44:d6:b2:11:4f:fc:d4:9c:04:f7:07:47:01:8e:
                    65:9d:51:b3:4d:c6:8e:aa:a1:6f:d5:35:ff:7e:c7:
                    3e:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:FB:EE:4B:4C:A7:B1:07:EE:0E:40:F7:4A:4E:D9:B2:DF:5F:7E:BB
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:61:70:f1:59:95:12:2f:b1:43:6f:93:2c:5d:d5:93:88:db:
         9c:cf:b1:d2:38:d8:0d:0e:d4:a7:46:f7:bd:85:8c:9b:42:91:
         ba:83:be:b7:87:c0:92:46:fd:0f:73:1e:d6:f5:ff:d6:73:ea:
         8e:e4:53:4b:96:33:da:68:43:bc:6a:10:ec:54:13:15:e6:44:
         70:56:71:82:d5:67:46:0b:55:58:47:c5:07:23:e1:63:45:08:
         cd:72:1a:06:01:ee:90:91:aa:4e:68:e4:26:63:da:6c:57:5a:
         53:8f:1b:28:f6:34:ca:c4:a6:5d:72:05:69:dd:8c:45:ad:d7:
         09:b6:e6:87:e0:1f:b0:5c:8e:75:97:67:67:e0:f1:60:76:88:
         a7:91:59:4a:69:e3:17:b3:33:7a:04:47:ab:bb:83:e0:e5:e8:
         0e:68:4b:83:9f:62:cb:3e:fa:4e:ee:bd:60:ce:ba:82:ee:dc:
         b2:b4:2a:c9:9a:17:59:7e:db:a9:40:7b:ef:68:28:32:6c:64:
         72:03:3c:83:96:43:cf:e7:17:e1:29:96:21:61:ea:9b:fe:db:
         91:bd:ce:32:91:74:62:90:52:40:c6:6d:86:06:e6:5f:ed:d3:
         f5:b7:f9:79:d0:81:04:2d:ab:f2:cd:35:be:a8:ab:b6:f2:d8:
         e2:c7:de:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2SYYOKoqyRMLvTwnTWptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjYwMzAyMDAwMTAwWhcNMjYwMzAzMDAwMTAwWjAzMTEwLwYDVQQD
EygxZWZiZWU0YjRjYTdiMTA3ZWUwZTQwZjc0YTRlZDliMmRmNWY3ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCFB48V7UHBhtywJ949ficsqBhkq
nWsXHlWhEbObi0gd/QeBBRx+KTqzlbG0ROOE6B7cujXTVmYq4+k6e/GhN6rpT4Rc
Y7kAjhb3wJztFPNuiHloHE7U7aths5/bUINoRPr4PCjU1bbhj7Qaj+4YmhGUYdYe
E0ReXHAH0Q6BqkUwcVO7vyu6tx0XXqTuv1RpbO70hEuKU0P85mSxkD9BYhS716JG
6y0Cg4t6+51p/gQAcgeRxyXlA5liZIc1Gvjf10eYDGwWWJXh19iecriMfX32tjsi
1sLhAFvgsjaDK6weRNayEU/81JwE9wdHAY5lnVGzTcaOqqFv1TX/fsc+nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB777ktMp7EH7g5A90pO2bLfX367MB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKmFw8VmV
Ei+xQ2+TLF3Vk4jbnM+x0jjYDQ7Up0b3vYWMm0KRuoO+t4fAkkb9D3Me1vX/1nPq
juRTS5Yz2mhDvGoQ7FQTFeZEcFZxgtVnRgtVWEfFByPhY0UIzXIaBgHukJGqTmjk
JmPabFdaU48bKPY0ysSmXXIFad2MRa3XCbbmh+AfsFyOdZdnZ+DxYHaIp5FZSmnj
F7MzegRHq7uD4OXoDmhLg59iyz76Tu69YM66gu7csrQqyZoXWX7bqUB772goMmxk
cgM8g5ZDz+cX4SmWIWHqm/7bkb3OMpF0YpBSQMZthgbmX+3T9bf5edCBBC2r8s01
vqirtvLY4sfeNw==
-----END CERTIFICATE-----