Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/7e1b1c-f963-4e29-b8ec-788db09d0fe6/1/RzLsDpHbv5TdodZQRH0miXbWIJo.mft
File:                     RzLsDpHbv5TdodZQRH0miXbWIJo.mft (raw, json)
Hash identifier:          coz3m8R+LjA//XtsJhjrH7lKh/XMCmPbVAEOMbQS9EQ=
Subject key identifier:   55:68:D9:DF:F3:0D:BE:80:36:13:A5:4A:C0:06:4F:5D:F4:E4:F4:70
Authority key identifier: 47:32:EC:0E:91:DB:BF:94:DD:A1:D6:50:44:7D:26:89:76:D6:20:9A
Certificate issuer:       /CN=4732ec0e91dbbf94dda1d650447d268976d6209a
Certificate serial:       019D37C07BB6245EB0C3DBF77B0D1872CEE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzLsDpHbv5TdodZQRH0miXbWIJo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/7e1b1c-f963-4e29-b8ec-788db09d0fe6/1/RzLsDpHbv5TdodZQRH0miXbWIJo.mft
Manifest number:          0D45
Signing time:             Sun 29 Mar 2026 04:00:54 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:54 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:54 +0000
Files and hashes:         1: RzLsDpHbv5TdodZQRH0miXbWIJo.crl (hash: sCUlO0bG6Ng/7uJwDVbG3toHtROwDW6KZYMaezRqO1I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/7e1b1c-f963-4e29-b8ec-788db09d0fe6/1/RzLsDpHbv5TdodZQRH0miXbWIJo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/7e1b1c-f963-4e29-b8ec-788db09d0fe6/1/RzLsDpHbv5TdodZQRH0miXbWIJo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzLsDpHbv5TdodZQRH0miXbWIJo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:7b:b6:24:5e:b0:c3:db:f7:7b:0d:18:72:ce:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4732ec0e91dbbf94dda1d650447d268976d6209a
        Validity
            Not Before: Mar 29 04:00:54 2026 GMT
            Not After : Mar 30 04:00:54 2026 GMT
        Subject: CN=5568d9dff30dbe803613a54ac0064f5df4e4f470
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:23:a5:87:33:14:db:ad:64:08:4a:99:0a:db:
                    c1:d0:9b:c9:34:45:ab:0d:50:fb:f3:22:0f:c5:af:
                    cb:9d:f8:50:7b:b1:ef:62:f7:9b:a1:b1:b4:86:9d:
                    25:34:ad:36:bc:a2:ec:5e:23:ff:66:4f:84:25:eb:
                    d6:9d:c3:f6:fe:36:07:f2:2f:34:77:6d:3e:d1:a1:
                    8a:82:b0:d1:62:67:83:7b:73:eb:19:67:88:82:3c:
                    11:66:ff:54:88:5e:a8:98:23:f1:72:bb:5b:5b:33:
                    a9:34:d3:5f:eb:18:03:dc:69:0f:ad:15:99:18:de:
                    4e:73:f0:49:ee:81:e6:42:54:ee:72:e7:ab:00:8c:
                    0b:3c:e2:a4:a7:92:85:00:19:43:5f:0b:3a:f8:1f:
                    3d:56:ae:0b:52:3c:32:bd:90:63:e8:b5:0c:05:c5:
                    ea:18:49:28:cd:07:14:a3:96:d6:dc:60:79:de:0c:
                    f6:7a:a3:2a:fe:56:69:53:6c:45:f9:73:bd:9f:3b:
                    9e:3c:ed:df:19:93:64:8e:19:a2:29:6a:e6:8b:14:
                    f6:0a:30:e7:69:22:1a:d6:dd:84:cc:16:f0:48:3d:
                    57:e5:6b:8f:34:53:e3:80:73:c1:b2:2f:db:11:0a:
                    d4:a8:39:c4:5f:1f:b1:7c:18:5b:38:37:22:03:9b:
                    9e:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:68:D9:DF:F3:0D:BE:80:36:13:A5:4A:C0:06:4F:5D:F4:E4:F4:70
            X509v3 Authority Key Identifier:
                keyid:47:32:EC:0E:91:DB:BF:94:DD:A1:D6:50:44:7D:26:89:76:D6:20:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzLsDpHbv5TdodZQRH0miXbWIJo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/7e1b1c-f963-4e29-b8ec-788db09d0fe6/1/RzLsDpHbv5TdodZQRH0miXbWIJo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/7e1b1c-f963-4e29-b8ec-788db09d0fe6/1/RzLsDpHbv5TdodZQRH0miXbWIJo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:f7:ba:83:f1:a2:d8:67:37:b3:5c:32:8f:44:cb:56:b3:40:
         10:90:16:89:78:34:0c:00:9d:1f:f4:01:a3:84:a1:53:6a:13:
         04:a4:17:16:ab:fb:a0:e7:46:0e:09:0b:d2:45:8d:5b:e9:56:
         9a:45:05:13:39:c7:c9:14:e3:58:7d:45:ef:7b:b9:da:21:28:
         97:6a:cd:87:04:ad:ab:cc:63:aa:ef:b6:ac:b7:42:64:69:2d:
         0a:a0:a0:6e:0c:bf:4e:e0:e1:27:30:eb:ca:f0:84:97:29:7c:
         05:d5:63:5c:8c:a9:e9:10:93:ad:d9:cf:57:d6:d7:12:42:89:
         59:ef:67:0e:5b:ac:cb:8c:c5:6e:49:35:43:32:94:7c:29:97:
         d2:98:1d:6f:83:5f:e7:02:47:33:1d:4b:19:b9:3d:cb:92:68:
         0e:ae:8e:cc:c1:be:e4:78:9c:b9:d2:21:3e:85:46:7b:f7:e2:
         2e:53:7f:31:54:92:81:ed:54:2d:e7:fd:10:f4:31:66:01:36:
         be:7a:30:44:ee:50:16:fe:87:8a:87:ca:6b:73:87:ba:05:e8:
         e2:97:eb:69:6f:cf:80:30:69:ab:a1:de:5d:f0:85:ef:df:f6:
         1c:68:47:c1:37:fb:4c:b0:7f:ce:1f:ff:42:6b:c7:b2:4f:a4:
         fe:87:97:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wHu2JF6ww9v3ew0Ycs7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzJlYzBlOTFkYmJmOTRkZGExZDY1MDQ0N2QyNjg5NzZk
NjIwOWEwHhcNMjYwMzI5MDQwMDU0WhcNMjYwMzMwMDQwMDU0WjAzMTEwLwYDVQQD
Eyg1NTY4ZDlkZmYzMGRiZTgwMzYxM2E1NGFjMDA2NGY1ZGY0ZTRmNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSOlhzMU261kCEqZCtvB0JvJNEWr
DVD78yIPxa/LnfhQe7HvYvebobG0hp0lNK02vKLsXiP/Zk+EJevWncP2/jYH8i80
d20+0aGKgrDRYmeDe3PrGWeIgjwRZv9UiF6omCPxcrtbWzOpNNNf6xgD3GkPrRWZ
GN5Oc/BJ7oHmQlTucuerAIwLPOKkp5KFABlDXws6+B89Vq4LUjwyvZBj6LUMBcXq
GEkozQcUo5bW3GB53gz2eqMq/lZpU2xF+XO9nzuePO3fGZNkjhmiKWrmixT2CjDn
aSIa1t2EzBbwSD1X5WuPNFPjgHPBsi/bEQrUqDnEXx+xfBhbODciA5ueEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFVo2d/zDb6ANhOlSsAGT1305PRwMB8GA1UdIwQY
MBaAFEcy7A6R27+U3aHWUER9Jol21iCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpMc0RwSGJ2NVRkb2RaUVJIMG1pWGJXSUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy83ZTFiMWMtZjk2My00ZTI5LWI4ZWMt
Nzg4ZGIwOWQwZmU2LzEvUnpMc0RwSGJ2NVRkb2RaUVJIMG1pWGJXSUpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy83ZTFiMWMtZjk2My00ZTI5LWI4ZWMtNzg4ZGIwOWQwZmU2
LzEvUnpMc0RwSGJ2NVRkb2RaUVJIMG1pWGJXSUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMfe6g/Gi
2Gc3s1wyj0TLVrNAEJAWiXg0DACdH/QBo4ShU2oTBKQXFqv7oOdGDgkL0kWNW+lW
mkUFEznHyRTjWH1F73u52iEol2rNhwStq8xjqu+2rLdCZGktCqCgbgy/TuDhJzDr
yvCElyl8BdVjXIyp6RCTrdnPV9bXEkKJWe9nDlusy4zFbkk1QzKUfCmX0pgdb4Nf
5wJHMx1LGbk9y5JoDq6OzMG+5HicudIhPoVGe/fiLlN/MVSSge1ULef9EPQxZgE2
vnowRO5QFv6HiofKa3OHugXo4pfraW/PgDBpq6HeXfCF79/2HGhHwTf7TLB/zh//
QmvHsk+k/oeXbA==
-----END CERTIFICATE-----