Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
File:                     ZTwsX-3AjoxdH2VGksPkVkDIou0.mft (raw, json)
Hash identifier:          WaK4itQOG6NpDD7vREbMDTsFOASXwPpSBYpO9yswkq4=
Subject key identifier:   5C:EC:D3:EF:18:7A:28:F0:2D:49:D3:AF:80:C0:7B:5F:F1:F3:0A:0A
Authority key identifier: 65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED
Certificate issuer:       /CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
Certificate serial:       019D38659DB78FB37744DB83639B173C830E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
Manifest number:          0D92
Signing time:             Sun 29 Mar 2026 07:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:16 +0000
Files and hashes:         1: ZTwsX-3AjoxdH2VGksPkVkDIou0.crl (hash: Eqdl6JJ4m/dgGEUm1/8ZpM9pLOkyOTpGSSv9PGpjTtM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:9d:b7:8f:b3:77:44:db:83:63:9b:17:3c:83:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
        Validity
            Not Before: Mar 29 07:01:16 2026 GMT
            Not After : Mar 30 07:01:16 2026 GMT
        Subject: CN=5cecd3ef187a28f02d49d3af80c07b5ff1f30a0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:87:93:d8:76:81:ed:11:f4:19:91:17:50:99:
                    3c:bc:8c:2f:6b:78:bd:83:6a:a4:31:39:3f:ea:99:
                    33:be:d0:c6:84:7b:e5:cc:58:ac:2d:57:9b:46:0b:
                    dc:b7:09:88:38:0a:af:71:c6:3b:9e:24:79:8e:e7:
                    29:8f:ea:26:81:47:ba:bc:81:67:85:6e:ba:27:3b:
                    22:7e:46:a4:b5:8a:45:b8:d2:69:c7:65:fd:ea:e1:
                    5e:73:11:83:8c:23:0d:dc:16:8c:34:7c:65:c2:e0:
                    d1:e8:8b:4d:26:d4:24:b2:75:ed:dc:18:bc:66:3c:
                    1f:09:2d:0a:14:e4:e3:e2:46:52:2d:12:e6:68:9b:
                    c5:88:a5:3c:14:69:a0:66:a9:62:bb:7e:ae:6a:01:
                    57:58:bc:22:ce:61:b9:91:73:0e:2a:d0:33:f0:c2:
                    d2:38:3f:aa:a4:e6:a0:76:56:ae:d7:63:73:d1:26:
                    3e:39:33:27:2e:42:d8:3c:64:6f:12:83:c0:08:00:
                    73:9a:76:87:4f:36:ba:ad:49:64:1c:2b:75:7a:fb:
                    ae:50:08:f1:9f:a6:96:75:13:56:dd:7a:7c:70:fa:
                    90:5b:56:11:80:95:14:0f:dd:c8:1c:ed:93:07:6e:
                    f5:c0:af:46:89:97:9c:99:a9:f9:e5:f4:f1:91:b5:
                    a4:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:EC:D3:EF:18:7A:28:F0:2D:49:D3:AF:80:C0:7B:5F:F1:F3:0A:0A
            X509v3 Authority Key Identifier:
                keyid:65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:72:67:dd:75:65:27:f3:e4:e1:31:fa:4a:ba:72:d8:53:c9:
         2e:80:40:40:ed:8f:cf:a6:15:a5:1c:47:14:55:16:bf:98:01:
         35:f5:a2:30:b2:39:02:89:d3:05:4a:95:43:cf:df:55:08:2d:
         96:7c:15:6c:d9:94:e4:dd:4f:08:01:21:de:14:d3:cf:78:b0:
         ef:79:fd:2e:2c:48:c1:6c:46:b7:5b:ed:1e:7f:36:c5:16:dd:
         6f:74:9b:be:2c:8c:0c:e0:1d:26:14:8a:48:c4:cd:a0:96:02:
         f7:66:3e:b2:b0:aa:ca:1f:a0:64:83:f3:2c:c0:a5:93:6f:39:
         2b:90:78:9a:87:8f:ed:bf:62:c0:fd:2e:00:fd:cc:f7:b4:c8:
         96:cb:95:db:65:36:40:17:a2:fc:20:31:e4:49:5b:61:ab:51:
         0c:ae:fb:db:7f:fc:a8:e1:67:71:a2:dd:c1:11:bf:08:d0:ff:
         4b:ec:53:6c:96:a9:8e:cb:10:7b:17:98:8d:30:28:04:18:e6:
         2e:c1:e3:8b:49:6d:4a:fd:3d:49:e3:43:75:62:d6:3a:1a:cf:
         53:2b:78:60:8b:5e:9e:1c:f7:a7:49:0e:2b:ba:09:92:f9:6a:
         5c:92:06:9a:eb:30:44:13:66:42:bb:36:d9:64:52:17:52:e1:
         c7:d7:6b:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZ23j7N3RNuDY5sXPIMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2MyYzVmZWRjMDhlOGM1ZDFmNjU0NjkyYzNlNDU2NDBj
OGEyZWQwHhcNMjYwMzI5MDcwMTE2WhcNMjYwMzMwMDcwMTE2WjAzMTEwLwYDVQQD
Eyg1Y2VjZDNlZjE4N2EyOGYwMmQ0OWQzYWY4MGMwN2I1ZmYxZjMwYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YeT2HaB7RH0GZEXUJk8vIwva3i9
g2qkMTk/6pkzvtDGhHvlzFisLVebRgvctwmIOAqvccY7niR5jucpj+omgUe6vIFn
hW66JzsifkaktYpFuNJpx2X96uFecxGDjCMN3BaMNHxlwuDR6ItNJtQksnXt3Bi8
ZjwfCS0KFOTj4kZSLRLmaJvFiKU8FGmgZqliu36uagFXWLwizmG5kXMOKtAz8MLS
OD+qpOagdlau12Nz0SY+OTMnLkLYPGRvEoPACABzmnaHTza6rUlkHCt1evuuUAjx
n6aWdRNW3Xp8cPqQW1YRgJUUD93IHO2TB271wK9GiZecman55fTxkbWkiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzs0+8YeijwLUnTr4DAe1/x8woKMB8GA1UdIwQY
MBaAFGU8LF/twI6MXR9lRpLD5FZAyKLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAt
MWNjYjU0ZjM3MmFhLzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAtMWNjYjU0ZjM3MmFh
LzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVXJn3XVl
J/Pk4TH6Srpy2FPJLoBAQO2Pz6YVpRxHFFUWv5gBNfWiMLI5AonTBUqVQ8/fVQgt
lnwVbNmU5N1PCAEh3hTTz3iw73n9LixIwWxGt1vtHn82xRbdb3SbviyMDOAdJhSK
SMTNoJYC92Y+srCqyh+gZIPzLMClk285K5B4moeP7b9iwP0uAP3M97TIlsuV22U2
QBei/CAx5ElbYatRDK7723/8qOFncaLdwRG/CND/S+xTbJapjssQexeYjTAoBBjm
LsHji0ltSv09SeNDdWLWOhrPUyt4YItenhz3p0kOK7oJkvlqXJIGmuswRBNmQrs2
2WRSF1Lhx9drvA==
-----END CERTIFICATE-----