Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
File:                     ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft (raw, json)
Hash identifier:          60NcB8USF/wq9+wEJDr9VN7HEjcQgh21N2Lc19MAUXg=
Subject key identifier:   7A:44:08:EB:BA:C8:51:91:A8:50:07:E9:0C:76:A9:68:0D:4D:3C:88
Authority key identifier: 65:43:64:D0:C6:C9:3D:F2:80:27:48:8A:FC:BF:CF:32:97:26:39:2B
Certificate issuer:       /CN=654364d0c6c93df28027488afcbfcf329726392b
Certificate serial:       019CAB6B6BF507C1257EAC1CB78707BA753F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
Manifest number:          0BD9
Signing time:             Sun 01 Mar 2026 22:01:09 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:09 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:09 +0000
Files and hashes:         1: ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl (hash: wn09SVjz8n/eCnxKajiZb0BhEiOQcHnYqp15xSITglY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:6b:f5:07:c1:25:7e:ac:1c:b7:87:07:ba:75:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654364d0c6c93df28027488afcbfcf329726392b
        Validity
            Not Before: Mar  1 22:01:09 2026 GMT
            Not After : Mar  2 22:01:09 2026 GMT
        Subject: CN=7a4408ebbac85191a85007e90c76a9680d4d3c88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:69:4e:47:a4:e5:28:6b:cc:fd:dd:1f:ec:99:
                    92:a0:bf:bd:68:18:3e:61:c2:35:88:21:ff:8c:7e:
                    95:ce:1a:53:14:50:40:45:af:ab:59:9c:c4:d2:29:
                    12:3a:8c:48:81:87:50:31:88:a0:f9:69:17:81:a0:
                    0b:5d:da:d2:fc:61:82:9b:ae:c3:09:01:62:e4:d5:
                    0e:e8:78:42:d1:3a:94:6f:37:c6:a8:b1:fc:c8:b5:
                    7b:b6:f1:d9:0e:ec:1e:d9:14:20:fe:a3:92:df:e5:
                    98:b3:7a:4b:bb:9c:26:cb:ad:72:eb:a7:15:54:7c:
                    12:8c:96:b1:f6:9a:f0:eb:94:cf:7b:d4:30:5c:2e:
                    e6:65:ee:ca:2e:88:a4:52:b0:3c:4f:40:43:04:8c:
                    30:37:89:bb:ce:6f:e4:2f:47:03:12:53:58:46:51:
                    c2:3e:82:5d:13:49:a0:be:7e:9f:81:c5:de:9c:82:
                    64:2c:f0:0c:d9:f4:ed:e4:00:75:b0:ba:59:be:df:
                    f3:8d:a7:17:ba:41:43:42:08:0a:a0:58:de:28:ac:
                    6d:d5:57:d9:0c:1c:fd:cb:c5:ad:2a:92:cf:7d:5c:
                    ed:f7:62:09:18:e3:75:2b:b1:71:8b:bd:d8:16:fe:
                    bf:fb:e2:1f:1e:f5:ed:8f:c2:2d:92:02:22:1b:fa:
                    11:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:44:08:EB:BA:C8:51:91:A8:50:07:E9:0C:76:A9:68:0D:4D:3C:88
            X509v3 Authority Key Identifier:
                keyid:65:43:64:D0:C6:C9:3D:F2:80:27:48:8A:FC:BF:CF:32:97:26:39:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:c8:ef:2d:ab:38:26:90:e7:5e:f8:cf:8c:18:ff:fb:73:04:
         ec:52:5e:92:d1:10:f5:25:a7:a2:96:79:08:b5:4f:bb:4c:b0:
         d6:7e:a5:60:3a:59:e6:c7:d4:04:91:94:69:ef:d7:b5:13:5b:
         80:b6:2b:07:e5:e0:c6:db:2d:1a:75:9c:cb:43:8a:3e:ae:2f:
         bd:2c:c9:3f:30:1f:bd:61:b8:0b:8c:ee:ae:74:f9:d3:8b:9f:
         1f:43:22:40:cc:74:f5:56:ac:86:2f:1d:14:56:1d:cb:9a:86:
         79:f2:4d:1e:a0:23:34:08:a3:2a:d9:db:ca:c3:4d:24:6f:85:
         03:5d:b0:db:1c:ef:00:31:b2:fc:69:06:ea:5a:60:44:e6:51:
         2f:39:f5:31:04:7f:48:74:27:58:db:26:bd:b1:1f:03:50:19:
         cf:c1:fd:69:f0:45:fe:aa:07:6b:a0:4a:e0:ec:17:04:49:f5:
         2b:6c:8b:7e:38:df:47:ff:bb:7b:53:26:4e:f0:78:5d:57:68:
         c6:53:c7:de:42:a2:92:d1:60:83:5e:8e:4e:97:8a:3e:60:1d:
         c0:b9:ec:8a:61:68:f9:68:74:77:39:3a:2d:8c:6a:b3:3e:82:
         34:11:5e:75:f2:ef:ca:d3:d0:bd:69:15:6e:b5:8b:ad:2c:f1:
         e3:f4:88:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra2v1B8Elfqwct4cHunU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NDM2NGQwYzZjOTNkZjI4MDI3NDg4YWZjYmZjZjMyOTcy
NjM5MmIwHhcNMjYwMzAxMjIwMTA5WhcNMjYwMzAyMjIwMTA5WjAzMTEwLwYDVQQD
Eyg3YTQ0MDhlYmJhYzg1MTkxYTg1MDA3ZTkwYzc2YTk2ODBkNGQzYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWlOR6TlKGvM/d0f7JmSoL+9aBg+
YcI1iCH/jH6VzhpTFFBARa+rWZzE0ikSOoxIgYdQMYig+WkXgaALXdrS/GGCm67D
CQFi5NUO6HhC0TqUbzfGqLH8yLV7tvHZDuwe2RQg/qOS3+WYs3pLu5wmy61y66cV
VHwSjJax9prw65TPe9QwXC7mZe7KLoikUrA8T0BDBIwwN4m7zm/kL0cDElNYRlHC
PoJdE0mgvn6fgcXenIJkLPAM2fTt5AB1sLpZvt/zjacXukFDQggKoFjeKKxt1VfZ
DBz9y8WtKpLPfVzt92IJGON1K7Fxi73YFv6/++IfHvXtj8ItkgIiG/oRzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHpECOu6yFGRqFAH6Qx2qWgNTTyIMB8GA1UdIwQY
MBaAFGVDZNDGyT3ygCdIivy/zzKXJjkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZjlhYjEtZWFiMS00NmNjLTg4ZTct
YjZlOGVhOTEyNDgwLzEvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZjlhYjEtZWFiMS00NmNjLTg4ZTctYjZlOGVhOTEyNDgw
LzEvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMcjvLas4
JpDnXvjPjBj/+3ME7FJektEQ9SWnopZ5CLVPu0yw1n6lYDpZ5sfUBJGUae/XtRNb
gLYrB+XgxtstGnWcy0OKPq4vvSzJPzAfvWG4C4zurnT504ufH0MiQMx09Vashi8d
FFYdy5qGefJNHqAjNAijKtnbysNNJG+FA12w2xzvADGy/GkG6lpgROZRLzn1MQR/
SHQnWNsmvbEfA1AZz8H9afBF/qoHa6BK4OwXBEn1K2yLfjjfR/+7e1MmTvB4XVdo
xlPH3kKiktFgg16OTpeKPmAdwLnsimFo+Wh0dzk6LYxqsz6CNBFedfLvytPQvWkV
brWLrSzx4/SIMQ==
-----END CERTIFICATE-----