Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
File:                     zb7dtaniq1M0dBCLfIAPgTLxDiE.mft (raw, json)
Hash identifier:          YVvtPgsJz8kJB9DtSMBUPeZoizcXs9hH4AbFVkChuV0=
Subject key identifier:   50:A1:B9:79:EF:45:EB:27:A4:F9:EA:7D:14:EE:15:D7:F3:AE:50:AF
Authority key identifier: CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21
Certificate issuer:       /CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
Certificate serial:       019D38D3DF74E5F1B5C09E9DEB38A02552E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
Manifest number:          188F
Signing time:             Sun 29 Mar 2026 09:01:42 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:42 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:42 +0000
Files and hashes:         1: zb7dtaniq1M0dBCLfIAPgTLxDiE.crl (hash: snDHmhZPi9bf8DAIYSsAQ1AKO5pu+hUir5THv6FmYK4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:df:74:e5:f1:b5:c0:9e:9d:eb:38:a0:25:52:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
        Validity
            Not Before: Mar 29 09:01:42 2026 GMT
            Not After : Mar 30 09:01:42 2026 GMT
        Subject: CN=50a1b979ef45eb27a4f9ea7d14ee15d7f3ae50af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:05:00:a7:ca:04:2c:b5:75:c4:05:f4:82:4b:
                    74:d0:a1:14:73:3c:f0:7f:3c:a9:5c:2e:ae:fe:6c:
                    b2:d0:dd:ee:b5:de:33:ad:70:65:61:08:2d:f1:0d:
                    b3:61:a0:f4:54:d4:16:15:c9:2f:0e:c9:ff:ad:30:
                    c5:c4:81:36:61:da:62:11:78:11:b6:76:53:9d:88:
                    6e:1f:a2:0d:30:1b:0a:64:fc:73:dc:a7:54:6f:2c:
                    80:9b:64:bb:be:c2:ec:79:1c:18:95:d3:f0:a7:46:
                    4c:f3:f3:bb:8d:11:cf:fb:82:b6:0e:10:47:30:d9:
                    76:c0:9d:b4:e0:af:0d:33:d5:9a:b8:9a:35:e1:e1:
                    4f:88:f8:6f:e3:f3:ca:b5:ea:c0:48:b3:37:ee:a1:
                    c3:43:01:3d:1c:8b:23:09:c0:37:14:1b:3b:fb:4f:
                    25:8b:4e:d5:be:21:34:a6:71:c2:fb:91:e4:11:3c:
                    b0:79:ab:39:11:fa:3a:cc:a7:85:9f:6f:84:da:fa:
                    94:a7:39:29:41:79:8a:a7:41:2e:53:4c:ca:47:6c:
                    0b:1b:c3:16:12:8b:54:35:26:23:cc:a8:eb:f1:6a:
                    e0:3c:f2:68:92:b7:d8:38:45:64:1d:07:44:71:dd:
                    a0:b1:49:50:4a:af:72:5f:4b:9d:dd:4f:8d:d4:6b:
                    33:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:A1:B9:79:EF:45:EB:27:A4:F9:EA:7D:14:EE:15:D7:F3:AE:50:AF
            X509v3 Authority Key Identifier:
                keyid:CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:9c:50:41:90:3a:cf:94:37:b9:11:c8:43:2c:f8:a0:ba:dd:
         14:3e:30:9a:dc:55:e2:3d:21:48:67:39:b8:22:92:3a:75:46:
         f4:af:a4:9a:fb:84:be:82:8f:95:2c:9b:a4:de:f3:3f:a7:1e:
         97:66:dd:6f:c0:2a:2e:32:fb:5a:75:21:18:e1:16:9b:e7:34:
         6e:30:33:05:92:b8:9a:0b:ec:f0:b1:fd:dd:74:ae:b4:3f:21:
         a0:f6:90:6b:22:b0:55:08:c8:ba:99:50:88:0d:9a:ce:c3:60:
         9a:91:6f:89:39:ae:b0:00:94:6a:92:3f:bd:7d:20:0f:25:fe:
         24:92:30:51:eb:f7:dc:fb:e2:b2:6b:8e:f6:41:58:9b:f4:87:
         51:db:eb:5e:f7:52:c0:dd:5d:2e:3d:f4:a4:13:8c:d8:f2:aa:
         f2:1d:27:2f:ae:b8:20:1f:0d:a0:84:9f:1a:44:93:1c:23:67:
         4b:a7:3e:d4:05:45:b2:93:5d:84:47:6d:68:1d:1d:e8:60:ad:
         ec:ff:a2:e5:00:4a:f9:55:3a:44:67:66:1d:b9:2a:68:26:10:
         9c:40:03:3a:c5:71:a8:55:b3:5b:71:fc:10:87:cc:d8:b9:b7:
         f8:3c:d2:bf:2d:15:0a:a2:43:39:d5:e0:99:8c:bc:aa:ed:24:
         4a:1a:0b:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0409905fG1wJ6d6zigJVLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmVkZGI1YTllMmFiNTMzNDc0MTA4YjdjODAwZjgxMzJm
MTBlMjEwHhcNMjYwMzI5MDkwMTQyWhcNMjYwMzMwMDkwMTQyWjAzMTEwLwYDVQQD
Eyg1MGExYjk3OWVmNDVlYjI3YTRmOWVhN2QxNGVlMTVkN2YzYWU1MGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwUAp8oELLV1xAX0gkt00KEUczzw
fzypXC6u/myy0N3utd4zrXBlYQgt8Q2zYaD0VNQWFckvDsn/rTDFxIE2YdpiEXgR
tnZTnYhuH6INMBsKZPxz3KdUbyyAm2S7vsLseRwYldPwp0ZM8/O7jRHP+4K2DhBH
MNl2wJ204K8NM9WauJo14eFPiPhv4/PKterASLM37qHDQwE9HIsjCcA3FBs7+08l
i07VviE0pnHC+5HkETyweas5Efo6zKeFn2+E2vqUpzkpQXmKp0EuU0zKR2wLG8MW
EotUNSYjzKjr8WrgPPJokrfYOEVkHQdEcd2gsUlQSq9yX0ud3U+N1GszQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFChuXnvResnpPnqfRTuFdfzrlCvMB8GA1UdIwQY
MBaAFM2+3bWp4qtTNHQQi3yAD4Ey8Q4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQt
OWUxNDMzZjkzYjRlLzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQtOWUxNDMzZjkzYjRl
LzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAupxQQZA6
z5Q3uRHIQyz4oLrdFD4wmtxV4j0hSGc5uCKSOnVG9K+kmvuEvoKPlSybpN7zP6ce
l2bdb8AqLjL7WnUhGOEWm+c0bjAzBZK4mgvs8LH93XSutD8hoPaQayKwVQjIuplQ
iA2azsNgmpFviTmusACUapI/vX0gDyX+JJIwUev33PvismuO9kFYm/SHUdvrXvdS
wN1dLj30pBOM2PKq8h0nL664IB8NoISfGkSTHCNnS6c+1AVFspNdhEdtaB0d6GCt
7P+i5QBK+VU6RGdmHbkqaCYQnEADOsVxqFWzW3H8EIfM2Lm3+DzSvy0VCqJDOdXg
mYy8qu0kShoLYQ==
-----END CERTIFICATE-----