Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          35htrjG25cZRM5k/xvbHAp67NXg7i61k2jqQsE33V+U=
Subject key identifier:   85:CE:C4:C1:5C:BF:1A:0C:00:E5:85:D1:CF:51:ED:2D:CA:AF:8D:DE
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       019D390A1050D95A0DEB4675AB2625F7F54E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          16FC
Signing time:             Sun 29 Mar 2026 10:00:53 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:53 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:53 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: kziZBELshItdN2kaN5Jg8guPbVadDumk2Y885PcnEUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:10:50:d9:5a:0d:eb:46:75:ab:26:25:f7:f5:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Mar 29 10:00:53 2026 GMT
            Not After : Mar 30 10:00:53 2026 GMT
        Subject: CN=85cec4c15cbf1a0c00e585d1cf51ed2dcaaf8dde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b5:fd:37:32:cc:e5:fc:3d:ca:d5:88:3d:f7:
                    32:da:f4:41:66:38:05:82:9c:a8:2c:f3:90:a7:b0:
                    8d:52:c3:ab:69:9d:b8:3f:fb:32:d0:25:9d:2f:f7:
                    8a:82:ed:0a:49:c4:cc:a2:9c:0b:17:5c:b2:7d:5d:
                    2a:52:bd:a4:78:92:bb:01:20:cf:fb:76:44:d3:6f:
                    13:54:1a:8d:a5:f8:71:83:6f:4e:5b:82:f2:db:82:
                    76:0c:d6:71:fc:ea:09:d7:e3:46:d6:9f:1d:bf:8a:
                    54:55:aa:17:09:6f:0f:a0:cd:55:74:f2:52:4e:c9:
                    6b:b3:96:bd:06:ed:75:62:bc:ab:16:64:ba:2a:52:
                    d9:fd:ea:32:ca:73:73:47:9a:af:e3:f3:3b:7c:a7:
                    cc:c8:84:07:02:60:d7:dd:57:ff:be:aa:c9:7f:78:
                    6d:02:c5:2c:e4:88:80:1b:a6:b2:f1:e2:d5:5e:96:
                    9a:dc:93:d1:0f:a4:57:e9:1c:21:06:75:68:6d:16:
                    23:9f:f6:64:52:10:c7:9f:7e:ff:dc:3d:84:f9:9c:
                    b3:cb:af:92:67:c5:d9:a5:6c:b1:b3:ea:d6:1c:35:
                    a2:ff:1f:4f:34:f0:2e:1e:35:49:7a:97:ab:2a:fa:
                    21:58:92:a0:09:da:30:40:0c:6e:c7:74:ec:07:6a:
                    19:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:CE:C4:C1:5C:BF:1A:0C:00:E5:85:D1:CF:51:ED:2D:CA:AF:8D:DE
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:40:cb:36:da:45:ab:e6:89:b6:2d:a0:66:e8:f7:78:7c:12:
         0d:6e:2c:4d:df:07:e5:85:e9:0f:77:a6:d5:e8:89:e8:92:97:
         4e:23:aa:27:72:4b:35:3a:50:3a:b6:5e:80:f5:86:09:fc:57:
         5f:ab:94:c2:22:11:b5:7a:9e:ee:af:a3:fa:d7:e6:5b:de:a8:
         23:84:c1:36:02:c3:57:be:70:64:c5:1e:0f:43:20:21:7f:79:
         ae:78:15:28:27:79:6a:ee:c5:65:a5:46:1b:58:60:77:f6:7b:
         4d:e5:ba:27:53:d2:a8:09:ec:4a:4a:e3:6a:a1:9c:11:fa:e3:
         98:d9:87:1a:fb:5c:fd:5e:ab:c2:18:e1:39:4c:32:f7:7b:99:
         0f:45:86:94:cb:cc:27:8d:a8:5f:64:ba:3f:7d:37:df:9c:c1:
         1e:e6:cf:5f:d1:bf:bf:89:c5:d7:c2:3e:66:39:28:c9:88:91:
         b2:56:6d:4e:ca:cc:ea:ca:54:a6:cb:10:81:cc:4e:db:dc:2d:
         ab:dc:c1:00:bc:2f:4d:39:7a:bb:31:c4:c3:30:18:ab:1c:91:
         3d:cd:32:fd:38:3a:13:56:68:33:64:56:1c:de:79:46:56:9a:
         da:b8:b9:f0:d4:9f:a4:97:8a:13:fd:15:d1:17:97:8d:d1:f8:
         33:86:30:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ChBQ2VoN60Z1qyYl9/VOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjYwMzI5MTAwMDUzWhcNMjYwMzMwMTAwMDUzWjAzMTEwLwYDVQQD
Eyg4NWNlYzRjMTVjYmYxYTBjMDBlNTg1ZDFjZjUxZWQyZGNhYWY4ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbX9NzLM5fw9ytWIPfcy2vRBZjgF
gpyoLPOQp7CNUsOraZ24P/sy0CWdL/eKgu0KScTMopwLF1yyfV0qUr2keJK7ASDP
+3ZE028TVBqNpfhxg29OW4Ly24J2DNZx/OoJ1+NG1p8dv4pUVaoXCW8PoM1VdPJS
Tslrs5a9Bu11YryrFmS6KlLZ/eoyynNzR5qv4/M7fKfMyIQHAmDX3Vf/vqrJf3ht
AsUs5IiAG6ay8eLVXpaa3JPRD6RX6RwhBnVobRYjn/ZkUhDHn37/3D2E+Zyzy6+S
Z8XZpWyxs+rWHDWi/x9PNPAuHjVJeperKvohWJKgCdowQAxux3TsB2oZVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXOxMFcvxoMAOWF0c9R7S3Kr43eMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQkDLNtpF
q+aJti2gZuj3eHwSDW4sTd8H5YXpD3em1eiJ6JKXTiOqJ3JLNTpQOrZegPWGCfxX
X6uUwiIRtXqe7q+j+tfmW96oI4TBNgLDV75wZMUeD0MgIX95rngVKCd5au7FZaVG
G1hgd/Z7TeW6J1PSqAnsSkrjaqGcEfrjmNmHGvtc/V6rwhjhOUwy93uZD0WGlMvM
J42oX2S6P30335zBHubPX9G/v4nF18I+ZjkoyYiRslZtTsrM6spUpssQgcxO29wt
q9zBALwvTTl6uzHEwzAYqxyRPc0y/Tg6E1ZoM2RWHN55Rlaa2ri58NSfpJeKE/0V
0ReXjdH4M4Ywzw==
-----END CERTIFICATE-----