Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
File:                     zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft (raw, json)
Hash identifier:          PwH1uOuYdsxir6ELSbkc2jaOHqou+W0lTRUykVkTYN4=
Subject key identifier:   74:A8:1D:CD:7D:B5:15:B6:AC:82:D2:A1:89:63:35:3C:A3:C1:51:0D
Authority key identifier: CD:35:F6:FF:56:7B:DE:93:39:4F:FF:28:2F:AD:41:7D:A0:B5:36:14
Certificate issuer:       /CN=cd35f6ff567bde93394fff282fad417da0b53614
Certificate serial:       019D37C096EE6C71A6E8F2BA41374E0F4AEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
Manifest number:          0F66
Signing time:             Sun 29 Mar 2026 04:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:01 +0000
Files and hashes:         1: zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl (hash: yO2k1/aJuiLE/UFQBLVo8niCcAdZbfTH3322EvJhH7E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:96:ee:6c:71:a6:e8:f2:ba:41:37:4e:0f:4a:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd35f6ff567bde93394fff282fad417da0b53614
        Validity
            Not Before: Mar 29 04:01:01 2026 GMT
            Not After : Mar 30 04:01:01 2026 GMT
        Subject: CN=74a81dcd7db515b6ac82d2a18963353ca3c1510d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7d:2d:a8:fb:78:47:24:03:ef:6f:c7:73:8f:
                    b9:d8:60:16:62:e0:ad:4d:53:52:b7:20:d7:0a:03:
                    58:d8:1f:47:24:22:bf:76:66:f0:ac:76:fe:a5:c5:
                    0a:41:e3:e0:d1:a1:17:dc:a6:9b:fa:c7:ec:12:16:
                    0e:09:32:02:eb:26:c2:60:e7:ff:e9:d8:ae:ec:ad:
                    be:3c:c6:5f:1f:f8:a9:42:19:b4:17:39:94:bc:0e:
                    0b:40:93:0c:5d:bd:53:e8:3f:0f:ea:73:60:86:5e:
                    38:d4:79:3b:33:45:d7:94:aa:41:e8:45:bc:ed:84:
                    a7:3a:44:e0:48:31:d8:dd:ff:8f:a8:4c:03:1c:a4:
                    d5:6f:0b:c8:4f:ae:8e:82:26:f0:2b:65:28:22:b6:
                    7a:14:63:f2:2f:83:12:f6:23:2b:93:17:ac:93:89:
                    3c:a2:48:0a:14:6e:88:d5:9c:06:3c:b5:9d:49:73:
                    a7:df:12:e8:60:52:85:ea:39:cc:c2:5d:f4:21:67:
                    47:62:f7:a0:b6:0b:35:4b:57:26:91:24:bd:31:bb:
                    05:89:cd:85:b9:66:fe:ae:07:9e:eb:fd:91:d8:f8:
                    b4:f7:65:8d:a2:ef:5f:90:a3:86:e9:87:09:a9:30:
                    ad:e6:83:34:15:15:bc:3e:79:f6:81:52:0a:36:27:
                    9f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:A8:1D:CD:7D:B5:15:B6:AC:82:D2:A1:89:63:35:3C:A3:C1:51:0D
            X509v3 Authority Key Identifier:
                keyid:CD:35:F6:FF:56:7B:DE:93:39:4F:FF:28:2F:AD:41:7D:A0:B5:36:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:df:e1:e6:c2:4c:b4:52:48:bf:bd:f5:47:47:e0:73:59:6d:
         ba:b4:ae:8f:ab:c0:de:9c:eb:d6:8d:fe:8a:97:f5:fd:b3:f1:
         82:11:97:a3:ef:13:b3:cd:33:f3:ef:0c:78:9c:cd:09:29:5e:
         61:28:47:2b:85:c6:8a:5a:de:55:8b:86:07:a1:ba:85:91:cc:
         f3:a9:92:4c:c9:f6:71:9c:d1:e1:f9:f9:c1:28:4d:65:98:77:
         ba:80:e1:7c:74:41:11:fd:14:44:d0:1a:3b:4d:72:f9:4e:c7:
         e9:fe:c2:19:c3:e3:bd:1d:81:cc:d1:5d:83:ed:63:01:04:38:
         f0:33:95:42:7d:8b:d4:c0:b1:eb:df:ba:a5:10:74:79:90:d2:
         1d:26:1a:2d:79:1c:7b:26:52:95:00:ef:93:d9:3f:ad:74:bb:
         b1:f2:fd:5e:0a:13:4d:85:d8:5d:b1:5c:f4:76:8c:55:17:1a:
         78:d2:33:70:dc:76:9b:de:45:2d:ab:bb:a6:38:90:d4:6c:98:
         6c:95:a6:1d:95:43:62:85:b0:05:bc:90:0b:da:60:9d:7e:ce:
         f8:11:54:2e:c6:27:e2:2d:fa:65:aa:d3:43:fa:88:e5:f5:cd:
         36:74:0d:9d:a8:66:98:5e:d8:78:ca:0b:f9:68:0c:b1:43:be:
         7a:d7:5a:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wJbubHGm6PK6QTdOD0rsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzVmNmZmNTY3YmRlOTMzOTRmZmYyODJmYWQ0MTdkYTBi
NTM2MTQwHhcNMjYwMzI5MDQwMTAxWhcNMjYwMzMwMDQwMTAxWjAzMTEwLwYDVQQD
Eyg3NGE4MWRjZDdkYjUxNWI2YWM4MmQyYTE4OTYzMzUzY2EzYzE1MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu30tqPt4RyQD72/Hc4+52GAWYuCt
TVNStyDXCgNY2B9HJCK/dmbwrHb+pcUKQePg0aEX3Kab+sfsEhYOCTIC6ybCYOf/
6diu7K2+PMZfH/ipQhm0FzmUvA4LQJMMXb1T6D8P6nNghl441Hk7M0XXlKpB6EW8
7YSnOkTgSDHY3f+PqEwDHKTVbwvIT66OgibwK2UoIrZ6FGPyL4MS9iMrkxesk4k8
okgKFG6I1ZwGPLWdSXOn3xLoYFKF6jnMwl30IWdHYvegtgs1S1cmkSS9MbsFic2F
uWb+rgee6/2R2Pi092WNou9fkKOG6YcJqTCt5oM0FRW8Pnn2gVIKNiefTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHSoHc19tRW2rILSoYljNTyjwVENMB8GA1UdIwQY
MBaAFM019v9We96TOU//KC+tQX2gtTYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wOWRkZGYtZjgzZi00NjUwLWEzNDct
NDRhMzA3NTQ1ZDc0LzEvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wOWRkZGYtZjgzZi00NjUwLWEzNDctNDRhMzA3NTQ1ZDc0
LzEvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqd/h5sJM
tFJIv731R0fgc1lturSuj6vA3pzr1o3+ipf1/bPxghGXo+8Ts80z8+8MeJzNCSle
YShHK4XGilreVYuGB6G6hZHM86mSTMn2cZzR4fn5wShNZZh3uoDhfHRBEf0URNAa
O01y+U7H6f7CGcPjvR2BzNFdg+1jAQQ48DOVQn2L1MCx69+6pRB0eZDSHSYaLXkc
eyZSlQDvk9k/rXS7sfL9XgoTTYXYXbFc9HaMVRcaeNIzcNx2m95FLau7pjiQ1GyY
bJWmHZVDYoWwBbyQC9pgnX7O+BFULsYn4i36ZarTQ/qI5fXNNnQNnahmmF7YeMoL
+WgMsUO+etda2Q==
-----END CERTIFICATE-----