Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          l4IbHYu58srcT1XuZCd7BOj7ioOJ73y00mEYs3pDCSY=
Subject key identifier:   4E:1C:44:4B:35:C2:05:24:03:29:42:4E:4D:2F:F1:17:C9:89:97:46
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       019D3865E8DAD96AF0F6E9359154BD26271D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          16AA
Signing time:             Sun 29 Mar 2026 07:01:36 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:36 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:36 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: fx1PZwMUnInf0aMPmDdBO7Fge8bkCxd+pWExVQ1FJoA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:e8:da:d9:6a:f0:f6:e9:35:91:54:bd:26:27:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Mar 29 07:01:36 2026 GMT
            Not After : Mar 30 07:01:36 2026 GMT
        Subject: CN=4e1c444b35c205240329424e4d2ff117c9899746
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:fc:93:e1:32:be:e6:ba:7f:fa:6f:ae:5f:75:
                    a4:7e:3f:58:97:01:1a:4e:23:e8:15:2d:59:73:0e:
                    bf:2a:8e:29:b7:b1:45:bd:13:72:54:95:fc:a3:74:
                    73:c9:39:61:97:fd:78:f0:f0:aa:e5:a2:de:1a:d5:
                    24:b9:db:2d:93:43:29:86:14:22:77:b3:d8:e5:d9:
                    34:30:6d:67:36:ce:f5:74:e8:ca:b1:36:ae:5a:81:
                    ab:c4:00:34:00:d4:97:cd:04:c1:2a:05:7b:2c:cb:
                    02:aa:59:3f:61:20:15:4a:1d:e2:9b:35:5d:9f:6e:
                    a9:5f:78:fd:60:64:de:13:20:c6:59:c1:88:79:d3:
                    4b:8b:e1:4a:4c:a5:92:5a:00:2d:8e:66:b4:86:7d:
                    aa:8e:64:60:3c:43:4a:9a:0b:7c:5a:7e:2c:08:15:
                    3b:e0:c4:31:d2:87:b9:be:50:41:6d:a2:9a:17:0c:
                    a9:c8:a8:f3:d8:12:c8:65:fe:c2:9a:41:99:21:f0:
                    32:cc:83:97:bf:f9:42:55:4c:a9:b5:a2:e5:17:dd:
                    44:6b:ff:64:81:a2:7b:01:96:c8:92:c0:61:af:ea:
                    9c:f3:af:78:ea:ff:c1:50:5b:87:b6:28:5c:e4:ad:
                    e1:d7:ca:23:78:9c:40:71:08:78:a8:e4:d4:1c:93:
                    e6:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:1C:44:4B:35:C2:05:24:03:29:42:4E:4D:2F:F1:17:C9:89:97:46
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:69:0d:0c:aa:3f:3a:e6:66:b9:b3:12:90:11:97:95:d2:3a:
         18:91:7e:f8:1f:13:bc:aa:2f:3d:d1:06:ae:2c:c3:7f:62:50:
         fc:6f:ae:7b:eb:4c:4c:e3:f7:d5:18:af:bf:94:ba:3f:b7:26:
         27:8c:e3:aa:4d:29:57:cc:07:ad:14:e5:f0:82:79:47:6e:5b:
         58:0e:6d:16:44:5b:91:d9:ad:10:d1:8f:fa:9e:b6:bf:a8:2f:
         e2:db:cc:00:6c:b7:be:6a:0b:28:16:5c:e7:11:c8:40:00:32:
         ac:be:6c:4d:7a:f8:43:91:ee:aa:e2:67:52:b4:df:8b:21:e8:
         c2:9b:4c:d3:45:f9:f7:f3:62:09:7e:9a:a8:96:61:3d:6b:13:
         f8:3f:d2:ce:3a:b6:d5:65:65:9f:54:2f:a7:12:96:61:d7:d4:
         3c:9c:01:ce:e5:5f:1a:9c:76:59:de:c3:45:0c:cd:bd:87:8f:
         eb:71:30:12:7e:71:b8:03:09:39:fd:8a:f3:40:8f:74:fe:79:
         3a:bf:b2:d7:bc:99:df:3a:69:e5:dc:0a:dd:9d:fc:41:5b:70:
         10:80:2e:d5:4a:ee:2b:81:28:72:ee:97:4a:77:47:b8:60:85:
         df:fb:2b:32:3a:ec:41:7f:47:53:83:dc:d9:48:bb:74:2e:67:
         57:a2:f7:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zeja2Wrw9uk1kVS9JicdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjYwMzI5MDcwMTM2WhcNMjYwMzMwMDcwMTM2WjAzMTEwLwYDVQQD
Eyg0ZTFjNDQ0YjM1YzIwNTI0MDMyOTQyNGU0ZDJmZjExN2M5ODk5NzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/yT4TK+5rp/+m+uX3Wkfj9YlwEa
TiPoFS1Zcw6/Ko4pt7FFvRNyVJX8o3RzyTlhl/148PCq5aLeGtUkudstk0MphhQi
d7PY5dk0MG1nNs71dOjKsTauWoGrxAA0ANSXzQTBKgV7LMsCqlk/YSAVSh3imzVd
n26pX3j9YGTeEyDGWcGIedNLi+FKTKWSWgAtjma0hn2qjmRgPENKmgt8Wn4sCBU7
4MQx0oe5vlBBbaKaFwypyKjz2BLIZf7CmkGZIfAyzIOXv/lCVUyptaLlF91Ea/9k
gaJ7AZbIksBhr+qc86946v/BUFuHtihc5K3h18ojeJxAcQh4qOTUHJPm3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4cREs1wgUkAylCTk0v8RfJiZdGMB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKWkNDKo/
OuZmubMSkBGXldI6GJF++B8TvKovPdEGrizDf2JQ/G+ue+tMTOP31Rivv5S6P7cm
J4zjqk0pV8wHrRTl8IJ5R25bWA5tFkRbkdmtENGP+p62v6gv4tvMAGy3vmoLKBZc
5xHIQAAyrL5sTXr4Q5HuquJnUrTfiyHowptM00X59/NiCX6aqJZhPWsT+D/Szjq2
1WVln1QvpxKWYdfUPJwBzuVfGpx2Wd7DRQzNvYeP63EwEn5xuAMJOf2K80CPdP55
Or+y17yZ3zpp5dwK3Z38QVtwEIAu1UruK4Eocu6XSndHuGCF3/srMjrsQX9HU4Pc
2Ui7dC5nV6L3KA==
-----END CERTIFICATE-----