Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft
File:                     ZAqiwHn96HpUUV0B3iG8LoXeExo.mft (raw, json)
Hash identifier:          fWRva1dE0Nb9WMaBLWavWBqcjOeh5zeXHCQsd95c1Qo=
Subject key identifier:   DD:FE:80:56:23:50:AF:3A:E1:CF:EA:08:0E:07:C0:7D:63:45:70:F6
Authority key identifier: 64:0A:A2:C0:79:FD:E8:7A:54:51:5D:01:DE:21:BC:2E:85:DE:13:1A
Certificate issuer:       /CN=640aa2c079fde87a54515d01de21bc2e85de131a
Certificate serial:       019EB98FCC4CD21781C9556592459E3EA307
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZAqiwHn96HpUUV0B3iG8LoXeExo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft
Manifest number:          1954
Signing time:             Fri 12 Jun 2026 02:01:09 +0000
Manifest this update:     Fri 12 Jun 2026 02:01:09 +0000
Manifest next update:     Sat 13 Jun 2026 02:01:09 +0000
Files and hashes:         1: ZAqiwHn96HpUUV0B3iG8LoXeExo.crl (hash: WDxsksA0/bGYKsGcW4kz8D5oj/ECywvMB7ou+S6vM98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZAqiwHn96HpUUV0B3iG8LoXeExo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 13 Jun 2026 02:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b9:8f:cc:4c:d2:17:81:c9:55:65:92:45:9e:3e:a3:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=640aa2c079fde87a54515d01de21bc2e85de131a
        Validity
            Not Before: Jun 12 02:01:09 2026 GMT
            Not After : Jun 13 02:01:09 2026 GMT
        Subject: CN=ddfe80562350af3ae1cfea080e07c07d634570f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a3:1a:ee:79:20:5a:31:96:d0:2b:ae:f2:4e:
                    62:0d:5c:5a:05:15:9a:f4:f0:54:b9:9c:a0:39:36:
                    fe:28:1c:31:dd:bb:62:f1:69:20:44:b9:af:c6:c0:
                    5a:a2:1f:9a:ab:b1:ce:1b:96:1c:7d:cb:35:5c:be:
                    b6:08:f7:01:15:55:9d:0a:53:3e:f5:ab:85:51:e6:
                    9c:e2:7a:6e:6c:c8:a7:42:3d:93:7c:3d:f0:99:62:
                    31:0d:f6:0c:3b:c3:a6:06:36:45:49:e4:89:05:af:
                    19:14:5a:0a:be:15:74:fe:8c:98:d0:38:aa:2f:0b:
                    7c:f0:4e:07:23:1e:48:76:ba:77:8d:21:d3:21:fd:
                    1b:33:e0:a6:bb:79:a2:76:12:a8:b8:a1:10:57:27:
                    49:b5:d8:a9:be:e0:9a:29:ed:2b:c7:08:de:06:e1:
                    4a:98:94:91:e7:12:d2:df:0a:59:bc:37:e8:69:c0:
                    0f:cc:1e:8f:72:1d:53:96:8c:fb:24:63:82:87:3c:
                    fd:ee:12:14:0f:da:89:b5:69:cf:fe:92:6d:47:79:
                    a1:41:02:e2:ae:e4:d6:4c:d4:f3:26:e1:fa:fe:5e:
                    ec:87:00:e3:4c:08:9d:81:c5:f7:06:92:28:60:e2:
                    be:e2:ab:6b:af:36:46:68:81:86:11:ce:0a:e9:02:
                    5a:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:FE:80:56:23:50:AF:3A:E1:CF:EA:08:0E:07:C0:7D:63:45:70:F6
            X509v3 Authority Key Identifier:
                keyid:64:0A:A2:C0:79:FD:E8:7A:54:51:5D:01:DE:21:BC:2E:85:DE:13:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAqiwHn96HpUUV0B3iG8LoXeExo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:b2:67:9f:27:56:7a:11:e0:c4:41:f6:43:24:4d:64:3a:11:
         b7:02:c4:ea:2e:52:2c:f8:f5:ed:d2:58:15:7c:3a:25:03:84:
         be:db:8b:fe:f1:1b:ab:a2:e0:bf:fc:b8:56:c0:e1:36:3f:08:
         ee:48:77:89:87:6d:1f:f9:ab:10:fa:55:a3:eb:78:00:c8:c2:
         b1:78:68:e8:47:95:ca:19:87:d5:a9:95:25:c1:90:86:f6:c3:
         d4:02:37:d4:3b:7f:5d:57:af:02:a4:a3:27:bf:4c:55:18:78:
         f4:70:58:70:72:78:6e:a5:c8:32:75:d1:07:a0:0c:6f:ce:c1:
         73:23:90:d7:fd:09:d8:70:89:aa:fc:56:17:c3:89:ec:7e:cf:
         f2:d6:44:8a:7e:86:bd:36:a6:5d:c2:4d:a6:f4:a8:1b:fa:05:
         ca:11:0f:1a:de:a7:2e:d4:0f:8d:15:38:e4:ac:be:3c:7b:f3:
         a9:c2:f4:5a:2c:7a:67:e3:c2:a6:f3:d3:46:e1:d0:be:01:60:
         3a:7b:00:dc:7a:ce:9d:56:98:f0:55:99:2b:8d:f2:fd:37:bf:
         df:a9:80:95:18:10:83:6b:94:b8:12:98:54:d8:69:7d:f7:b9:
         f9:a4:1a:40:65:da:99:da:07:de:9d:48:d7:fd:6f:d9:59:2f:
         f7:03:39:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ65j8xM0heByVVlkkWePqMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MGFhMmMwNzlmZGU4N2E1NDUxNWQwMWRlMjFiYzJlODVk
ZTEzMWEwHhcNMjYwNjEyMDIwMTA5WhcNMjYwNjEzMDIwMTA5WjAzMTEwLwYDVQQD
EyhkZGZlODA1NjIzNTBhZjNhZTFjZmVhMDgwZTA3YzA3ZDYzNDU3MGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaMa7nkgWjGW0Cuu8k5iDVxaBRWa
9PBUuZygOTb+KBwx3bti8WkgRLmvxsBaoh+aq7HOG5Ycfcs1XL62CPcBFVWdClM+
9auFUeac4npubMinQj2TfD3wmWIxDfYMO8OmBjZFSeSJBa8ZFFoKvhV0/oyY0Diq
Lwt88E4HIx5Idrp3jSHTIf0bM+Cmu3midhKouKEQVydJtdipvuCaKe0rxwjeBuFK
mJSR5xLS3wpZvDfoacAPzB6Pch1Tloz7JGOChzz97hIUD9qJtWnP/pJtR3mhQQLi
ruTWTNTzJuH6/l7shwDjTAidgcX3BpIoYOK+4qtrrzZGaIGGEc4K6QJaqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3+gFYjUK864c/qCA4HwH1jRXD2MB8GA1UdIwQY
MBaAFGQKosB5/eh6VFFdAd4hvC6F3hMaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkFxaXdIbjk2SHBVVVYwQjNpRzhMb1hlRXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81Nzc4NGItMTA3YS00MmQ5LWEyMWQt
M2E5ODk2NmY1ZTMxLzEvWkFxaXdIbjk2SHBVVVYwQjNpRzhMb1hlRXhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81Nzc4NGItMTA3YS00MmQ5LWEyMWQtM2E5ODk2NmY1ZTMx
LzEvWkFxaXdIbjk2SHBVVVYwQjNpRzhMb1hlRXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWLJnnydW
ehHgxEH2QyRNZDoRtwLE6i5SLPj17dJYFXw6JQOEvtuL/vEbq6Lgv/y4VsDhNj8I
7kh3iYdtH/mrEPpVo+t4AMjCsXho6EeVyhmH1amVJcGQhvbD1AI31Dt/XVevAqSj
J79MVRh49HBYcHJ4bqXIMnXRB6AMb87BcyOQ1/0J2HCJqvxWF8OJ7H7P8tZEin6G
vTamXcJNpvSoG/oFyhEPGt6nLtQPjRU45Ky+PHvzqcL0Wix6Z+PCpvPTRuHQvgFg
OnsA3HrOnVaY8FWZK43y/Te/36mAlRgQg2uUuBKYVNhpffe5+aQaQGXamdoH3p1I
1/1v2Vkv9wM5MA==
-----END CERTIFICATE-----