Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
File:                     ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft (raw, json)
Hash identifier:          DVPjcyr3odnfDMFkO0lpZR9J01lKVoRA/U2cht9a7x8=
Subject key identifier:   ED:43:BF:6E:69:3B:6A:D1:46:62:AD:67:0F:D5:F7:D9:CE:2E:77:99
Authority key identifier: 64:DA:EA:E2:8A:41:FC:74:01:0D:0B:FB:83:FD:80:CA:34:5C:57:F9
Certificate issuer:       /CN=64daeae28a41fc74010d0bfb83fd80ca345c57f9
Certificate serial:       019CAD5A0D23D1FD21ACCDE1560997057A61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
Manifest number:          17D5
Signing time:             Mon 02 Mar 2026 07:01:25 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:25 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:25 +0000
Files and hashes:         1: ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl (hash: fPwd1NkhTwTqFRLTao4Ja4HGL7tFuk01cBpzjlgoxN4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:0d:23:d1:fd:21:ac:cd:e1:56:09:97:05:7a:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64daeae28a41fc74010d0bfb83fd80ca345c57f9
        Validity
            Not Before: Mar  2 07:01:25 2026 GMT
            Not After : Mar  3 07:01:25 2026 GMT
        Subject: CN=ed43bf6e693b6ad14662ad670fd5f7d9ce2e7799
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d8:5a:00:09:5e:02:46:8b:3f:50:79:c5:d5:
                    fb:3e:c0:41:0c:14:f3:95:f2:c7:7e:3c:33:0f:9d:
                    f9:9e:9e:1a:00:3e:56:2f:99:52:56:89:5e:a4:cd:
                    ca:f9:e7:e7:29:e2:2b:03:21:b0:ed:44:7f:9c:13:
                    09:17:ef:48:6a:47:b8:ba:74:cc:b5:93:8a:eb:17:
                    8a:64:13:7e:66:db:27:ae:1b:a4:57:c4:ea:88:89:
                    85:f0:d7:63:58:40:f1:7f:d6:9b:88:28:6e:09:51:
                    35:2f:5d:b4:c3:6f:1f:9c:04:89:b7:42:4b:22:61:
                    19:7a:8c:ae:1f:28:51:6e:31:74:f3:69:b1:3d:ce:
                    c3:65:08:7a:8a:3a:7c:01:66:19:f6:11:96:ec:a0:
                    b8:66:b1:5a:80:73:8d:37:00:e9:86:35:dc:cf:c7:
                    06:b5:11:7b:75:cb:c7:f6:d5:d9:7b:e8:e5:86:4f:
                    1e:68:e1:10:e8:68:22:8c:7f:33:6d:7c:23:35:e7:
                    21:03:f4:35:1a:be:c0:0f:83:53:f0:2b:82:c8:5c:
                    a5:a0:b1:8c:96:0b:28:91:f3:20:13:f7:6d:c5:78:
                    29:de:d9:4a:9a:45:98:06:91:4c:7d:c2:49:5d:09:
                    0c:db:9a:59:4a:2e:8d:21:ad:5c:43:ff:f3:82:88:
                    3c:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:43:BF:6E:69:3B:6A:D1:46:62:AD:67:0F:D5:F7:D9:CE:2E:77:99
            X509v3 Authority Key Identifier:
                keyid:64:DA:EA:E2:8A:41:FC:74:01:0D:0B:FB:83:FD:80:CA:34:5C:57:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:25:8b:7e:0c:f9:58:44:b0:60:32:8b:c8:c1:2e:a5:7f:e8:
         fa:ec:f3:53:d2:84:a0:2c:ab:4c:9f:ab:04:ca:13:66:be:b0:
         7b:3f:cc:a6:39:24:7d:c6:44:c9:b5:13:e8:03:cd:a2:b7:9b:
         37:5b:06:56:43:aa:86:54:65:33:c0:74:88:76:02:db:17:30:
         ad:45:91:da:ba:51:42:62:8d:df:7f:0e:61:6a:9e:fa:43:71:
         4c:0a:50:68:aa:3e:e8:f7:89:1f:44:76:84:5c:fb:49:6e:af:
         71:2d:18:c2:09:9f:40:1f:5c:1c:28:e1:5e:fd:cc:8e:06:25:
         ac:b9:04:8c:d5:f4:dd:8d:ca:af:a3:9c:f8:75:86:12:50:9e:
         fe:d4:a8:1c:09:69:e6:af:ba:76:f1:3f:b9:6d:08:ba:d7:e4:
         f3:83:bb:30:cb:9e:06:de:a1:5c:22:b2:df:b8:5c:aa:ff:37:
         b4:c1:23:79:1b:af:aa:9e:c6:b5:fa:f6:40:e0:2d:61:3c:27:
         21:e1:0f:9d:3c:f1:76:c3:72:27:4c:8d:7d:ca:32:70:98:01:
         28:c0:4a:cf:74:ef:ed:c4:ce:98:98:06:02:05:a6:99:51:a0:
         8b:5f:74:ef:a6:6f:df:c4:61:b3:76:fe:e9:b8:37:bf:68:c7:
         a2:49:a2:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWg0j0f0hrM3hVgmXBXphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGFlYWUyOGE0MWZjNzQwMTBkMGJmYjgzZmQ4MGNhMzQ1
YzU3ZjkwHhcNMjYwMzAyMDcwMTI1WhcNMjYwMzAzMDcwMTI1WjAzMTEwLwYDVQQD
EyhlZDQzYmY2ZTY5M2I2YWQxNDY2MmFkNjcwZmQ1ZjdkOWNlMmU3Nzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9haAAleAkaLP1B5xdX7PsBBDBTz
lfLHfjwzD535np4aAD5WL5lSVolepM3K+efnKeIrAyGw7UR/nBMJF+9Iake4unTM
tZOK6xeKZBN+ZtsnrhukV8TqiImF8NdjWEDxf9abiChuCVE1L120w28fnASJt0JL
ImEZeoyuHyhRbjF082mxPc7DZQh6ijp8AWYZ9hGW7KC4ZrFagHONNwDphjXcz8cG
tRF7dcvH9tXZe+jlhk8eaOEQ6GgijH8zbXwjNechA/Q1Gr7AD4NT8CuCyFyloLGM
lgsokfMgE/dtxXgp3tlKmkWYBpFMfcJJXQkM25pZSi6NIa1cQ//zgog81wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1Dv25pO2rRRmKtZw/V99nOLneZMB8GA1UdIwQY
MBaAFGTa6uKKQfx0AQ0L+4P9gMo0XFf5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hZWUyZmEtNjEzMS00N2ZhLWIxZTYt
NjVhMjQyMDAyMjcwLzEvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hZWUyZmEtNjEzMS00N2ZhLWIxZTYtNjVhMjQyMDAyMjcw
LzEvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANSWLfgz5
WESwYDKLyMEupX/o+uzzU9KEoCyrTJ+rBMoTZr6wez/MpjkkfcZEybUT6APNoreb
N1sGVkOqhlRlM8B0iHYC2xcwrUWR2rpRQmKN338OYWqe+kNxTApQaKo+6PeJH0R2
hFz7SW6vcS0YwgmfQB9cHCjhXv3MjgYlrLkEjNX03Y3Kr6Oc+HWGElCe/tSoHAlp
5q+6dvE/uW0Iutfk84O7MMueBt6hXCKy37hcqv83tMEjeRuvqp7Gtfr2QOAtYTwn
IeEPnTzxdsNyJ0yNfcoycJgBKMBKz3Tv7cTOmJgGAgWmmVGgi19076Zv38Rhs3b+
6bg3v2jHokmi2Q==
-----END CERTIFICATE-----