Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft
File:                     ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft (raw, json)
Hash identifier:          +3kZBttTzJXXWiCfKFjsOyfg5o6WbRzIU4VacTL//yE=
Subject key identifier:   32:27:5B:DA:B7:8E:73:A0:74:32:46:8B:BF:6D:96:E5:72:20:53:E9
Authority key identifier: 65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC
Certificate issuer:       /CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
Certificate serial:       019D3941A2EC6BD89606719D32D0D70701DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft
Manifest number:          1892
Signing time:             Sun 29 Mar 2026 11:01:35 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:35 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:35 +0000
Files and hashes:         1: ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl (hash: Q/+LRBIvmfgJp/12jNt+F7FxlzljM5ACJncVnQggZAs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:a2:ec:6b:d8:96:06:71:9d:32:d0:d7:07:01:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
        Validity
            Not Before: Mar 29 11:01:35 2026 GMT
            Not After : Mar 30 11:01:35 2026 GMT
        Subject: CN=32275bdab78e73a07432468bbf6d96e5722053e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ab:c9:22:89:79:5b:8f:7b:58:53:a7:da:00:
                    4d:1e:08:b6:ae:0f:b8:fe:b4:26:25:fc:f1:c9:34:
                    a8:c0:5c:15:93:4c:f5:9a:91:b2:70:dc:ee:f7:7f:
                    08:3b:fe:80:18:1f:14:d5:52:29:bf:15:c7:80:69:
                    4b:b9:f1:3e:b4:e3:e1:2e:d0:df:04:f5:48:b8:3d:
                    78:3c:25:4c:71:8d:19:55:18:21:23:59:1c:3b:28:
                    a1:1d:5c:cb:ee:19:5f:60:6d:ed:c9:e7:e7:6a:13:
                    0c:df:07:23:e8:5c:e5:bd:09:ec:71:3a:65:fa:a7:
                    9a:84:16:b3:14:2f:37:2e:8f:22:b3:f2:d3:9d:38:
                    42:91:68:ad:10:37:29:5a:bd:6b:4a:be:b1:41:04:
                    7e:63:82:9a:2b:45:56:ee:8c:45:f1:41:8f:a1:10:
                    e4:32:28:47:87:77:90:42:39:b6:d5:e4:77:52:c2:
                    fc:0f:a0:f9:b1:30:ec:36:8d:14:cc:6d:0d:bb:48:
                    bb:57:79:d2:8b:c2:67:47:f9:31:b6:ab:73:b8:9a:
                    1a:96:d6:3e:ff:ac:e9:18:48:5f:f8:38:eb:75:54:
                    cf:2f:8f:aa:91:df:b9:a9:34:f0:92:1d:47:9b:88:
                    2d:72:47:96:6f:70:6a:ac:40:27:55:a4:3f:8d:93:
                    1b:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:27:5B:DA:B7:8E:73:A0:74:32:46:8B:BF:6D:96:E5:72:20:53:E9
            X509v3 Authority Key Identifier:
                keyid:65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:d6:ad:6d:11:f1:f5:e8:ac:86:7e:c7:04:19:fc:62:ae:a6:
         d8:64:63:8f:23:f0:cc:20:ec:47:02:65:9b:68:9b:36:4c:32:
         bd:b8:93:f7:b9:35:6d:93:97:14:8b:d4:06:9c:e9:45:26:be:
         9b:4a:62:65:d8:57:f9:de:4d:4d:31:1b:ea:b7:37:a6:4a:98:
         c5:f4:0e:71:f6:6d:4b:e9:9e:96:7a:37:79:fa:22:f4:6f:59:
         a1:d0:0e:a0:e3:39:5d:de:2a:c9:f0:82:ea:67:69:66:5f:68:
         77:f5:14:63:1f:ba:af:0c:7e:02:b3:68:98:52:4c:64:c3:0e:
         d6:a9:77:1c:b6:9b:99:b5:6d:5c:bc:b1:b2:22:ce:cc:f1:a6:
         9d:cf:0f:94:fd:36:dd:c8:b0:91:0b:07:6d:ea:d9:b6:e6:e1:
         c8:f4:e4:64:d0:5d:85:bf:ca:69:c8:bf:0f:84:77:12:d0:f6:
         8f:6d:06:b8:fb:a5:3f:4f:18:e0:37:19:fb:b3:9d:65:fe:bf:
         86:fe:11:5a:6e:c6:8b:6e:e7:ff:6b:66:f9:c3:a1:e8:b5:a2:
         44:03:76:98:ab:85:5c:76:e3:82:de:90:2c:28:41:b8:53:2a:
         02:00:dc:c6:c5:af:55:ce:cc:d3:21:90:14:3f:21:cd:ae:91:
         7f:a5:3c:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QaLsa9iWBnGdMtDXBwHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YWI0ODVhZjkyM2QxYjQ2YzVhMzIxZmM3YTNmODU2YzA0
ZmI2ZmMwHhcNMjYwMzI5MTEwMTM1WhcNMjYwMzMwMTEwMTM1WjAzMTEwLwYDVQQD
EygzMjI3NWJkYWI3OGU3M2EwNzQzMjQ2OGJiZjZkOTZlNTcyMjA1M2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6vJIol5W497WFOn2gBNHgi2rg+4
/rQmJfzxyTSowFwVk0z1mpGycNzu938IO/6AGB8U1VIpvxXHgGlLufE+tOPhLtDf
BPVIuD14PCVMcY0ZVRghI1kcOyihHVzL7hlfYG3tyefnahMM3wcj6FzlvQnscTpl
+qeahBazFC83Lo8is/LTnThCkWitEDcpWr1rSr6xQQR+Y4KaK0VW7oxF8UGPoRDk
MihHh3eQQjm21eR3UsL8D6D5sTDsNo0UzG0Nu0i7V3nSi8JnR/kxtqtzuJoaltY+
/6zpGEhf+DjrdVTPL4+qkd+5qTTwkh1Hm4gtckeWb3BqrEAnVaQ/jZMbgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDInW9q3jnOgdDJGi79tluVyIFPpMB8GA1UdIwQY
MBaAFGWrSFr5I9G0bFoyH8ej+FbAT7b8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUt
ODk4NjM0OTQyMjg1LzEvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUtODk4NjM0OTQyMjg1
LzEvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl9atbRHx
9eishn7HBBn8Yq6m2GRjjyPwzCDsRwJlm2ibNkwyvbiT97k1bZOXFIvUBpzpRSa+
m0piZdhX+d5NTTEb6rc3pkqYxfQOcfZtS+melno3efoi9G9ZodAOoOM5Xd4qyfCC
6mdpZl9od/UUYx+6rwx+ArNomFJMZMMO1ql3HLabmbVtXLyxsiLOzPGmnc8PlP02
3ciwkQsHberZtubhyPTkZNBdhb/Kaci/D4R3EtD2j20GuPulP08Y4DcZ+7OdZf6/
hv4RWm7Gi27n/2tm+cOh6LWiRAN2mKuFXHbjgt6QLChBuFMqAgDcxsWvVc7M0yGQ
FD8hza6Rf6U8YA==
-----END CERTIFICATE-----