Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          eUfapeWIPNwTSbjm4YJcRjx5bJfU2bwkZLJvCTHh5Wg=
Subject key identifier:   58:D4:84:27:34:5A:B0:2C:10:35:57:2E:7C:55:BC:76:60:1D:9F:99
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       019CAE35BFD3A83BD13BBAAF48410BD42D89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0C80
Signing time:             Mon 02 Mar 2026 11:01:23 +0000
Manifest this update:     Mon 02 Mar 2026 11:01:23 +0000
Manifest next update:     Tue 03 Mar 2026 11:01:23 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: LK8FEgdIp0DIYphopJOkD2VSi46WilR+H8/TjK6ac6E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 11:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:35:bf:d3:a8:3b:d1:3b:ba:af:48:41:0b:d4:2d:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Mar  2 11:01:23 2026 GMT
            Not After : Mar  3 11:01:23 2026 GMT
        Subject: CN=58d48427345ab02c1035572e7c55bc76601d9f99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:8c:65:e4:67:ba:32:13:ab:3b:10:70:67:10:
                    99:02:d2:dd:85:f0:fc:b4:60:83:17:d9:bd:fe:89:
                    98:2d:1b:86:61:9c:c9:8d:39:69:3c:30:f0:dc:90:
                    13:e4:a5:2b:a2:48:aa:93:0e:24:f1:09:9e:31:f2:
                    4e:0d:08:2b:51:ee:bd:36:59:1a:82:fc:fd:0b:80:
                    aa:16:09:45:e2:40:72:ec:b6:d0:27:e1:7d:dd:d7:
                    0d:b5:be:1c:eb:fb:fe:fc:73:48:87:4d:bf:a8:97:
                    8e:5e:d7:fe:d3:af:53:06:55:47:f8:1f:d2:24:c3:
                    c1:cf:b5:ed:bf:aa:e6:b7:25:0f:1f:d4:71:4b:fc:
                    03:bf:9e:94:6a:6c:ab:66:c8:ea:e4:23:db:dd:d9:
                    4f:a0:4b:0c:8e:77:6a:f0:ee:97:7d:39:f6:b0:af:
                    52:31:4e:ca:b5:1f:14:04:6c:9c:74:e8:21:c9:d2:
                    36:f1:e8:9a:69:23:cd:33:25:6a:35:76:21:2e:f6:
                    80:1d:0b:bd:b6:fa:74:bb:a4:0c:f2:19:b2:b4:29:
                    34:94:99:74:ef:bc:4b:9f:c0:f2:4f:1d:00:41:21:
                    75:2f:d8:1c:3c:81:37:4c:8c:33:43:57:61:b2:bd:
                    ff:9f:eb:aa:bd:44:ce:3c:55:62:88:f0:1d:a5:e2:
                    9e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:D4:84:27:34:5A:B0:2C:10:35:57:2E:7C:55:BC:76:60:1D:9F:99
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:89:f8:14:bd:72:30:3b:f5:fb:16:77:36:31:62:46:aa:4c:
         95:7e:f5:e6:f7:ec:98:72:13:b9:56:49:b0:13:c3:53:d6:b7:
         18:c1:89:8a:5b:63:cc:49:87:10:d6:c4:db:70:d7:80:84:1e:
         3e:a9:24:fe:98:a9:c6:39:c9:5d:90:19:be:12:2d:ae:0d:6b:
         98:a4:55:a8:17:9d:2b:3e:bc:4c:1c:85:c6:5c:c1:54:1d:a5:
         18:95:55:4d:8f:4c:c8:b6:35:76:23:2b:d4:f9:fd:11:83:31:
         b1:a4:c7:a9:c2:fc:5c:04:3c:58:fd:ee:5a:65:93:97:9f:d8:
         5e:9d:12:0c:ea:e5:d3:bd:14:96:eb:a0:fb:2c:9d:07:5a:de:
         61:fd:e1:03:11:da:98:05:7e:23:48:d8:90:a0:e3:f5:82:c3:
         a6:ef:6e:5b:1d:b2:df:fc:2d:de:fa:68:2e:b2:a6:03:31:00:
         50:b4:c0:f9:b9:a8:97:f9:d5:24:ed:0c:09:52:65:bb:c7:3c:
         d3:ff:a9:0e:85:d2:e2:45:04:72:62:b5:56:61:a7:f0:a2:70:
         68:6a:c5:c5:bf:c8:cb:21:d8:16:00:7b:54:f9:1a:47:b2:85:
         ee:c6:b3:0a:e8:14:ba:e9:9e:d8:88:e8:e2:e7:62:fe:4d:4e:
         53:2b:62:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNb/TqDvRO7qvSEEL1C2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjYwMzAyMTEwMTIzWhcNMjYwMzAzMTEwMTIzWjAzMTEwLwYDVQQD
Eyg1OGQ0ODQyNzM0NWFiMDJjMTAzNTU3MmU3YzU1YmM3NjYwMWQ5Zjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIxl5Ge6MhOrOxBwZxCZAtLdhfD8
tGCDF9m9/omYLRuGYZzJjTlpPDDw3JAT5KUrokiqkw4k8QmeMfJODQgrUe69Nlka
gvz9C4CqFglF4kBy7LbQJ+F93dcNtb4c6/v+/HNIh02/qJeOXtf+069TBlVH+B/S
JMPBz7Xtv6rmtyUPH9RxS/wDv56UamyrZsjq5CPb3dlPoEsMjndq8O6XfTn2sK9S
MU7KtR8UBGycdOghydI28eiaaSPNMyVqNXYhLvaAHQu9tvp0u6QM8hmytCk0lJl0
77xLn8DyTx0AQSF1L9gcPIE3TIwzQ1dhsr3/n+uqvUTOPFViiPAdpeKe0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjUhCc0WrAsEDVXLnxVvHZgHZ+ZMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADYn4FL1y
MDv1+xZ3NjFiRqpMlX715vfsmHITuVZJsBPDU9a3GMGJiltjzEmHENbE23DXgIQe
Pqkk/pipxjnJXZAZvhItrg1rmKRVqBedKz68TByFxlzBVB2lGJVVTY9MyLY1diMr
1Pn9EYMxsaTHqcL8XAQ8WP3uWmWTl5/YXp0SDOrl070Uluug+yydB1reYf3hAxHa
mAV+I0jYkKDj9YLDpu9uWx2y3/wt3vpoLrKmAzEAULTA+bmol/nVJO0MCVJlu8c8
0/+pDoXS4kUEcmK1VmGn8KJwaGrFxb/IyyHYFgB7VPkaR7KF7sazCugUuume2Ijo
4udi/k1OUytiRw==
-----END CERTIFICATE-----