Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2023ea-6e7a-439e-ab6d-a3fa172a02ac/1/zo9K2SdnRIAuajoGJWzUdQwadVo.mft
File:                     zo9K2SdnRIAuajoGJWzUdQwadVo.mft (raw, json)
Hash identifier:          9TG5e4io6vyGdAj0ivyWivw9yrTNW6IKKFdSoVVtY40=
Subject key identifier:   B9:4E:34:4B:96:14:08:D4:0A:B0:99:53:DD:57:EE:22:35:0A:06:13
Authority key identifier: CE:8F:4A:D9:27:67:44:80:2E:6A:3A:06:25:6C:D4:75:0C:1A:75:5A
Certificate issuer:       /CN=ce8f4ad9276744802e6a3a06256cd4750c1a755a
Certificate serial:       019D3940C5F955C5A21067546F5B1B716BF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zo9K2SdnRIAuajoGJWzUdQwadVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/2023ea-6e7a-439e-ab6d-a3fa172a02ac/1/zo9K2SdnRIAuajoGJWzUdQwadVo.mft
Manifest number:          46
Signing time:             Sun 29 Mar 2026 11:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:39 +0000
Files and hashes:         1: zo9K2SdnRIAuajoGJWzUdQwadVo.crl (hash: Ha+0nYxToY5SZsonNbI7ayzrDsoF5tpcEwnIubkVi5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/2023ea-6e7a-439e-ab6d-a3fa172a02ac/1/zo9K2SdnRIAuajoGJWzUdQwadVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/2023ea-6e7a-439e-ab6d-a3fa172a02ac/1/zo9K2SdnRIAuajoGJWzUdQwadVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zo9K2SdnRIAuajoGJWzUdQwadVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:c5:f9:55:c5:a2:10:67:54:6f:5b:1b:71:6b:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce8f4ad9276744802e6a3a06256cd4750c1a755a
        Validity
            Not Before: Mar 29 11:00:39 2026 GMT
            Not After : Mar 30 11:00:39 2026 GMT
        Subject: CN=b94e344b961408d40ab09953dd57ee22350a0613
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:cb:fa:6e:cd:5f:28:c9:bf:df:24:18:f6:11:
                    4e:92:53:30:aa:a5:9b:82:bf:e3:4d:0e:ba:c4:6f:
                    85:88:9b:65:1b:c3:e3:b6:3b:78:58:93:e4:fc:45:
                    c4:f8:cb:5a:d3:a1:89:41:11:4d:91:c9:c1:d5:85:
                    b6:49:8e:0e:fe:ed:36:36:73:9e:df:de:aa:10:03:
                    00:90:69:34:8c:a0:35:90:8e:28:13:2a:ef:03:b5:
                    14:d4:3a:fc:ab:05:e6:3c:c2:46:81:67:5e:38:b5:
                    28:8e:82:aa:30:b8:d5:b6:65:f9:89:d4:ea:fc:f7:
                    06:c7:6c:ff:09:56:41:7a:8e:a2:e2:a2:db:14:84:
                    fa:1d:bd:14:cf:73:80:e9:65:36:0c:fb:f4:7f:f5:
                    93:74:dd:83:b9:fa:53:69:a0:99:6d:55:a1:3b:8e:
                    70:ea:06:43:40:51:ac:30:b3:65:58:74:8f:bc:a5:
                    c0:38:05:d6:d7:90:88:9c:be:f7:f8:0b:2d:5f:1e:
                    01:4d:fe:21:de:63:7c:b8:bc:f5:2c:10:19:29:25:
                    c2:60:f6:38:1c:ce:6b:52:b0:46:3a:ae:36:68:61:
                    ff:d0:93:93:91:49:4c:52:9e:ca:01:7d:78:e6:6a:
                    d2:0d:86:ca:11:e8:30:9a:d3:06:bf:85:7e:b7:7d:
                    a3:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:4E:34:4B:96:14:08:D4:0A:B0:99:53:DD:57:EE:22:35:0A:06:13
            X509v3 Authority Key Identifier:
                keyid:CE:8F:4A:D9:27:67:44:80:2E:6A:3A:06:25:6C:D4:75:0C:1A:75:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo9K2SdnRIAuajoGJWzUdQwadVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2023ea-6e7a-439e-ab6d-a3fa172a02ac/1/zo9K2SdnRIAuajoGJWzUdQwadVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2023ea-6e7a-439e-ab6d-a3fa172a02ac/1/zo9K2SdnRIAuajoGJWzUdQwadVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:42:ef:00:dd:36:60:38:cd:21:ed:d9:e6:2e:10:10:e6:82:
         48:82:00:1a:ee:e4:99:26:0a:83:9a:4d:aa:8d:35:50:ce:b1:
         5e:73:57:37:9a:da:a7:3a:12:d3:53:07:91:81:f6:62:ba:16:
         da:5f:e1:7b:9d:9e:5b:db:23:b7:1b:e5:51:42:fa:a5:10:30:
         b2:17:50:b8:fa:c1:f9:05:c6:e5:de:9b:b3:6c:f8:4a:7d:e2:
         cb:c1:8b:a4:91:43:35:f4:cf:e1:74:1e:63:ed:f2:24:c6:bd:
         76:93:42:a2:d9:dd:25:d1:12:49:cd:34:39:84:06:3f:a2:d5:
         31:2a:38:59:f2:3c:cc:cd:08:52:c3:e3:f4:20:c5:de:bd:3a:
         6c:23:01:47:01:49:8c:08:34:ff:28:a4:11:e2:f4:b7:78:8d:
         a7:19:e3:9b:44:8b:c6:01:54:cc:30:1f:f7:d5:dc:7e:64:80:
         de:27:5b:1a:95:8c:f6:60:bd:98:c1:14:b4:1b:0a:97:4b:1d:
         41:89:e0:b0:eb:89:f7:d4:e7:85:82:15:7c:38:87:75:f5:e0:
         d3:88:b7:3a:97:05:2b:f6:6f:5a:f1:3b:9f:b9:99:cf:53:6a:
         03:6a:39:61:43:ef:b9:e7:ba:d2:c2:98:e7:86:22:1e:13:e8:
         3d:9e:35:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QMX5VcWiEGdUb1sbcWv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGY0YWQ5Mjc2NzQ0ODAyZTZhM2EwNjI1NmNkNDc1MGMx
YTc1NWEwHhcNMjYwMzI5MTEwMDM5WhcNMjYwMzMwMTEwMDM5WjAzMTEwLwYDVQQD
EyhiOTRlMzQ0Yjk2MTQwOGQ0MGFiMDk5NTNkZDU3ZWUyMjM1MGEwNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cv6bs1fKMm/3yQY9hFOklMwqqWb
gr/jTQ66xG+FiJtlG8Pjtjt4WJPk/EXE+Mta06GJQRFNkcnB1YW2SY4O/u02NnOe
396qEAMAkGk0jKA1kI4oEyrvA7UU1Dr8qwXmPMJGgWdeOLUojoKqMLjVtmX5idTq
/PcGx2z/CVZBeo6i4qLbFIT6Hb0Uz3OA6WU2DPv0f/WTdN2DufpTaaCZbVWhO45w
6gZDQFGsMLNlWHSPvKXAOAXW15CInL73+AstXx4BTf4h3mN8uLz1LBAZKSXCYPY4
HM5rUrBGOq42aGH/0JOTkUlMUp7KAX145mrSDYbKEegwmtMGv4V+t32jLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlONEuWFAjUCrCZU91X7iI1CgYTMB8GA1UdIwQY
MBaAFM6PStknZ0SALmo6BiVs1HUMGnVaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem85SzJTZG5SSUF1YWpvR0pXelVkUXdhZFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yMDIzZWEtNmU3YS00MzllLWFiNmQt
YTNmYTE3MmEwMmFjLzEvem85SzJTZG5SSUF1YWpvR0pXelVkUXdhZFZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yMDIzZWEtNmU3YS00MzllLWFiNmQtYTNmYTE3MmEwMmFj
LzEvem85SzJTZG5SSUF1YWpvR0pXelVkUXdhZFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASkLvAN02
YDjNIe3Z5i4QEOaCSIIAGu7kmSYKg5pNqo01UM6xXnNXN5rapzoS01MHkYH2YroW
2l/he52eW9sjtxvlUUL6pRAwshdQuPrB+QXG5d6bs2z4Sn3iy8GLpJFDNfTP4XQe
Y+3yJMa9dpNCotndJdESSc00OYQGP6LVMSo4WfI8zM0IUsPj9CDF3r06bCMBRwFJ
jAg0/yikEeL0t3iNpxnjm0SLxgFUzDAf99XcfmSA3idbGpWM9mC9mMEUtBsKl0sd
QYngsOuJ99TnhYIVfDiHdfXg04i3OpcFK/ZvWvE7n7mZz1NqA2o5YUPvuee60sKY
54YiHhPoPZ41zg==
-----END CERTIFICATE-----