Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          yf2l63CSnMcDgsgVtCBeN14EgFbb1Y0Sb1GOWofEMr8=
Subject key identifier:   D0:89:94:A4:45:FE:69:D7:F7:5B:5D:73:83:6C:BC:96:9C:05:63:3E
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       019D386589FD86CF38AD63020674EA38FDC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          0F70
Signing time:             Sun 29 Mar 2026 07:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:11 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: sN+yiAdq+rwomHxNm9zRKEIUFPnk07s1gpBfkBEM+mM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:89:fd:86:cf:38:ad:63:02:06:74:ea:38:fd:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: Mar 29 07:01:11 2026 GMT
            Not After : Mar 30 07:01:11 2026 GMT
        Subject: CN=d08994a445fe69d7f75b5d73836cbc969c05633e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:d1:e0:73:45:eb:17:9c:2d:e9:0d:91:bf:5d:
                    bd:11:a6:26:ef:3a:32:9f:9f:de:fb:63:6d:f1:81:
                    2a:9e:dd:18:e9:45:d3:40:7b:30:b3:13:b0:e7:02:
                    d7:af:6f:86:69:4d:06:44:93:07:5c:fd:20:5b:9f:
                    a9:cf:90:50:8e:96:58:8f:b4:27:a1:05:43:37:b5:
                    70:4d:38:f9:d7:8b:c9:37:dd:0a:23:0b:c8:91:cf:
                    d8:46:d4:f2:cb:fb:1c:cd:5f:f3:59:3b:c9:64:0c:
                    78:28:06:b7:9f:e7:c5:53:c5:fa:93:1a:df:07:a0:
                    5b:fc:69:f1:d3:b6:fa:86:f9:6e:4a:d0:72:2f:42:
                    c3:9a:43:9d:fd:e1:6a:bc:ee:df:e5:3e:fd:a7:68:
                    56:e9:95:c3:ee:27:87:e3:83:21:4b:ce:30:65:f8:
                    9b:82:2f:18:96:17:e7:c4:9f:dc:66:17:99:c5:53:
                    9b:68:02:ca:7b:01:01:bc:d0:75:dd:1d:23:d6:1a:
                    2d:d4:76:d1:44:b0:c3:86:5e:af:84:08:3c:89:a4:
                    90:58:a9:a5:9e:a6:3e:ae:c4:ed:3e:75:91:0c:2e:
                    51:e2:38:42:29:bd:b9:ec:16:e2:af:4b:b6:6b:3a:
                    8f:7d:b5:9d:54:47:f8:56:4d:2e:33:e3:27:19:fb:
                    4e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:89:94:A4:45:FE:69:D7:F7:5B:5D:73:83:6C:BC:96:9C:05:63:3E
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:52:89:af:50:3b:10:1e:17:40:cb:82:7a:98:2c:0f:b6:5d:
         85:c4:c8:e0:6b:fb:c1:80:f7:45:5a:39:b7:65:77:db:35:5b:
         52:89:c0:3c:ad:ea:60:0d:46:86:9e:e1:53:e0:c3:c7:fe:c7:
         20:fc:e8:6f:3b:c3:e9:78:46:c6:f4:74:1c:5d:2f:f0:7a:24:
         d3:ce:cf:3c:6a:dc:d3:10:7f:dc:b4:5e:04:71:cf:9a:60:de:
         3a:84:54:52:85:53:59:44:47:a2:2f:c1:af:dc:97:71:35:3f:
         94:4f:c4:df:e6:91:45:32:99:a5:78:33:5b:92:71:40:0a:f4:
         ef:7b:e3:87:72:b4:77:0d:86:84:68:70:97:b1:a4:17:3e:b7:
         e5:0a:e1:2a:e1:39:88:9b:10:f3:e8:6d:ea:7c:de:74:62:aa:
         e4:9d:89:e9:46:aa:9c:f9:86:5e:14:53:bc:26:b8:ec:1f:d4:
         93:eb:65:bc:ce:b6:e0:f2:f8:91:cc:da:12:5d:87:52:b0:3d:
         67:4f:70:cc:df:ad:43:b3:0a:d0:ff:9a:26:ed:90:02:90:53:
         a2:6e:e9:86:f8:b0:82:29:cb:77:7f:0e:67:d0:e8:60:b9:1b:
         bd:a0:13:7b:e3:14:56:00:a6:fa:0e:b8:03:2a:44:18:44:79:
         d0:fe:16:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYn9hs84rWMCBnTqOP3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjYwMzI5MDcwMTExWhcNMjYwMzMwMDcwMTExWjAzMTEwLwYDVQQD
EyhkMDg5OTRhNDQ1ZmU2OWQ3Zjc1YjVkNzM4MzZjYmM5NjljMDU2MzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytHgc0XrF5wt6Q2Rv129EaYm7zoy
n5/e+2Nt8YEqnt0Y6UXTQHswsxOw5wLXr2+GaU0GRJMHXP0gW5+pz5BQjpZYj7Qn
oQVDN7VwTTj514vJN90KIwvIkc/YRtTyy/sczV/zWTvJZAx4KAa3n+fFU8X6kxrf
B6Bb/Gnx07b6hvluStByL0LDmkOd/eFqvO7f5T79p2hW6ZXD7ieH44MhS84wZfib
gi8YlhfnxJ/cZheZxVObaALKewEBvNB13R0j1hot1HbRRLDDhl6vhAg8iaSQWKml
nqY+rsTtPnWRDC5R4jhCKb257Bbir0u2azqPfbWdVEf4Vk0uM+MnGftOSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCJlKRF/mnX91tdc4NsvJacBWM+MB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK1KJr1A7
EB4XQMuCepgsD7ZdhcTI4Gv7wYD3RVo5t2V32zVbUonAPK3qYA1Ghp7hU+DDx/7H
IPzobzvD6XhGxvR0HF0v8Hok087PPGrc0xB/3LReBHHPmmDeOoRUUoVTWURHoi/B
r9yXcTU/lE/E3+aRRTKZpXgzW5JxQAr073vjh3K0dw2GhGhwl7GkFz635QrhKuE5
iJsQ8+ht6nzedGKq5J2J6UaqnPmGXhRTvCa47B/Uk+tlvM624PL4kczaEl2HUrA9
Z09wzN+tQ7MK0P+aJu2QApBTom7phviwginLd38OZ9DoYLkbvaATe+MUVgCm+g64
AypEGER50P4Wjw==
-----END CERTIFICATE-----