Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
File:                     sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json)
Hash identifier:          1x48KEGN9qre7x/NV7jFrihc82a8a6q5FHQQyjO82qI=
Subject key identifier:   F0:C2:8C:3B:BD:43:E6:60:20:91:F7:38:FC:79:00:AB:00:85:10:AB
Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A
Certificate issuer:       /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
Certificate serial:       019D3865A23D8F68C57E871FBB07BD27A53D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
Manifest number:          1374
Signing time:             Sun 29 Mar 2026 07:01:17 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:17 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:17 +0000
Files and hashes:         1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: IQ/2J3WkBcbyZ0jaSb8IoPPsv3zoH/WWR2heIMrrrts=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:a2:3d:8f:68:c5:7e:87:1f:bb:07:bd:27:a5:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
        Validity
            Not Before: Mar 29 07:01:17 2026 GMT
            Not After : Mar 30 07:01:17 2026 GMT
        Subject: CN=f0c28c3bbd43e6602091f738fc7900ab008510ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ba:ee:48:2d:f3:82:bc:ae:e5:13:ad:07:2f:
                    f0:b4:a8:40:24:d3:b9:2f:4e:51:6e:00:5e:fa:7e:
                    b7:34:ad:be:6a:2f:93:9a:38:ee:b2:79:70:62:fe:
                    e5:56:b5:8a:ad:be:fa:c8:2f:9a:ef:86:04:63:e6:
                    4a:28:70:3a:55:6a:07:a2:1f:64:b0:42:7d:e2:fd:
                    fb:00:61:1b:25:16:e7:91:38:a2:76:20:93:61:58:
                    6c:be:5a:f2:c8:47:2a:fd:1e:c2:a1:21:80:86:81:
                    d1:33:83:c4:4d:1f:71:e2:04:84:f2:75:e1:2d:44:
                    96:35:cd:d1:e3:d9:e3:94:d9:e0:1d:b3:db:be:4d:
                    58:b6:aa:39:13:7b:df:3b:7f:97:70:ad:53:c3:24:
                    a5:b6:f9:63:83:4e:80:35:f5:c4:d5:e1:4d:00:6d:
                    01:fc:37:99:74:da:2f:91:2f:cc:b4:bb:ad:19:d7:
                    b8:48:ef:55:b5:31:0a:18:01:11:f1:19:0f:e8:2c:
                    ce:81:30:81:8b:05:fb:30:5e:9d:2b:f4:ad:08:cd:
                    8e:cc:89:17:ac:33:a2:e0:45:a6:59:9f:93:cc:7d:
                    67:3a:1c:13:2c:04:98:9a:1f:83:a3:1d:bf:9c:76:
                    b0:60:b0:47:e2:0b:a4:4e:25:dd:9f:48:6f:f7:2b:
                    48:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:C2:8C:3B:BD:43:E6:60:20:91:F7:38:FC:79:00:AB:00:85:10:AB
            X509v3 Authority Key Identifier:
                keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:c7:6d:a5:31:26:68:53:1a:2b:4d:4d:12:e2:17:26:42:53:
         69:ab:70:2c:aa:bc:94:43:77:55:b8:da:af:53:b4:da:bc:33:
         b3:49:ee:e3:93:1e:24:32:a1:33:32:c0:a6:1a:92:2e:2c:05:
         40:80:6e:a1:ef:da:39:e6:fa:3d:ad:67:c9:ed:17:e9:2e:b3:
         84:1e:51:c8:a1:9a:3f:c5:d5:83:9c:07:4e:e9:b2:d5:1f:35:
         ea:39:f2:03:d5:57:79:54:6e:8e:2d:df:4f:5b:3c:9f:04:52:
         11:51:87:8c:10:af:12:b1:82:9d:da:25:d6:b1:64:d6:99:4b:
         7c:97:7e:b0:36:03:1c:7f:1e:bc:9b:51:89:5f:60:f5:c5:8f:
         1c:4a:2f:05:58:18:5c:4f:3b:9c:8c:f7:e1:30:6c:5f:ec:3f:
         7c:b5:8a:71:8a:de:78:fb:4d:b1:49:23:5b:2c:c9:78:41:ca:
         67:55:d7:36:16:80:63:26:3e:f3:42:70:a6:2a:08:b6:c5:a0:
         b4:7b:dd:7a:e6:27:38:c9:6b:d4:f4:e6:93:b0:ee:0b:35:df:
         0d:73:24:24:69:c2:a0:e6:49:b7:46:fd:2e:c9:a6:c8:25:38:
         73:48:33:18:21:95:ef:57:70:1f:22:f6:75:7d:2f:25:dd:a8:
         c2:e7:f3:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZaI9j2jFfocfuwe9J6U9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1
NjlhOGEwHhcNMjYwMzI5MDcwMTE3WhcNMjYwMzMwMDcwMTE3WjAzMTEwLwYDVQQD
EyhmMGMyOGMzYmJkNDNlNjYwMjA5MWY3MzhmYzc5MDBhYjAwODUxMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbruSC3zgryu5ROtBy/wtKhAJNO5
L05RbgBe+n63NK2+ai+TmjjusnlwYv7lVrWKrb76yC+a74YEY+ZKKHA6VWoHoh9k
sEJ94v37AGEbJRbnkTiidiCTYVhsvlryyEcq/R7CoSGAhoHRM4PETR9x4gSE8nXh
LUSWNc3R49njlNngHbPbvk1Ytqo5E3vfO3+XcK1TwySltvljg06ANfXE1eFNAG0B
/DeZdNovkS/MtLutGde4SO9VtTEKGAER8RkP6CzOgTCBiwX7MF6dK/StCM2OzIkX
rDOi4EWmWZ+TzH1nOhwTLASYmh+Dox2/nHawYLBH4gukTiXdn0hv9ytIeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDCjDu9Q+ZgIJH3OPx5AKsAhRCrMB8GA1UdIwQY
MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt
N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0
LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYcdtpTEm
aFMaK01NEuIXJkJTaatwLKq8lEN3Vbjar1O02rwzs0nu45MeJDKhMzLAphqSLiwF
QIBuoe/aOeb6Pa1nye0X6S6zhB5RyKGaP8XVg5wHTumy1R816jnyA9VXeVRuji3f
T1s8nwRSEVGHjBCvErGCndol1rFk1plLfJd+sDYDHH8evJtRiV9g9cWPHEovBVgY
XE87nIz34TBsX+w/fLWKcYreePtNsUkjWyzJeEHKZ1XXNhaAYyY+80JwpioItsWg
tHvdeuYnOMlr1PTmk7DuCzXfDXMkJGnCoOZJt0b9LsmmyCU4c0gzGCGV71dwHyL2
dX0vJd2owufzcA==
-----END CERTIFICATE-----