Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.mft
File:                     zEHDryzVmGV10bz2Xsnod2Zu3jY.mft (raw, json)
Hash identifier:          y01dBQV/E7Ymf2yOL0MWz9aGsNf7+5A50igQHrjEPKA=
Subject key identifier:   B2:04:01:4C:20:79:90:A9:98:85:89:67:2B:FC:C7:5D:22:27:63:67
Authority key identifier: CC:41:C3:AF:2C:D5:98:65:75:D1:BC:F6:5E:C9:E8:77:66:6E:DE:36
Certificate issuer:       /CN=cc41c3af2cd5986575d1bcf65ec9e877666ede36
Certificate serial:       019D3A547E11C98C7F71D0C6188D41187CA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zEHDryzVmGV10bz2Xsnod2Zu3jY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.mft
Manifest number:          1521
Signing time:             Sun 29 Mar 2026 16:01:48 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:48 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:48 +0000
Files and hashes:         1: zEHDryzVmGV10bz2Xsnod2Zu3jY.crl (hash: aeUiUEA1mXlSmxCzR0e7072+CGdFvPth4YAln4s1Ekw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zEHDryzVmGV10bz2Xsnod2Zu3jY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:7e:11:c9:8c:7f:71:d0:c6:18:8d:41:18:7c:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc41c3af2cd5986575d1bcf65ec9e877666ede36
        Validity
            Not Before: Mar 29 16:01:48 2026 GMT
            Not After : Mar 30 16:01:48 2026 GMT
        Subject: CN=b204014c207990a9988589672bfcc75d22276367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:9a:b6:f2:28:10:aa:ab:46:f3:04:60:54:ca:
                    1a:bc:9f:12:c5:84:c3:9f:0e:1f:01:ef:9f:05:69:
                    14:88:df:72:ee:c5:6a:34:bc:8a:4e:53:95:cc:88:
                    92:13:d0:56:b7:36:4e:0c:e2:f7:be:c0:2d:4f:87:
                    72:71:2b:c1:93:67:d5:6f:35:a1:b2:e8:45:f4:88:
                    bb:cd:d3:75:81:e2:7f:54:f9:5f:5a:33:f6:a8:55:
                    73:25:3a:28:74:56:27:2c:a6:de:c6:0a:fa:15:70:
                    5a:1a:7c:bc:1f:a7:ac:86:ec:75:e9:3d:53:86:75:
                    64:69:f7:b2:10:3e:00:38:f9:bb:30:19:37:99:bb:
                    76:5f:6e:df:e3:a5:cd:bc:28:35:c8:e9:cb:21:f2:
                    49:65:08:df:63:6a:ad:ca:aa:b0:34:4f:30:b2:6a:
                    10:35:50:74:9b:e0:a8:c2:0f:1d:89:76:84:1c:91:
                    62:44:54:9a:17:c8:73:68:65:24:dd:cf:52:c7:7b:
                    fe:c2:82:d0:05:c6:54:d6:c3:93:be:25:ac:07:62:
                    86:68:83:68:6e:6d:71:b7:9e:45:4d:b2:f1:26:2c:
                    3f:52:d0:b4:db:76:09:98:e6:fb:f0:ac:9b:4b:05:
                    8c:5f:19:f7:33:63:1a:ad:2e:7c:84:e7:3a:6f:45:
                    d8:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:04:01:4C:20:79:90:A9:98:85:89:67:2B:FC:C7:5D:22:27:63:67
            X509v3 Authority Key Identifier:
                keyid:CC:41:C3:AF:2C:D5:98:65:75:D1:BC:F6:5E:C9:E8:77:66:6E:DE:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zEHDryzVmGV10bz2Xsnod2Zu3jY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:1c:fa:4f:db:df:93:23:3b:1d:86:52:b4:f9:fd:45:65:ef:
         0a:63:1a:0d:40:06:07:90:36:1f:35:bd:52:74:30:fd:62:38:
         c5:2e:c0:a9:fb:34:d3:a9:28:ab:97:0d:4c:99:22:e8:f7:ce:
         33:ee:5c:f0:be:4e:de:50:60:9e:99:71:b3:e1:1f:22:ca:59:
         e8:84:1e:d2:76:c2:ee:05:df:e6:dd:35:07:0b:e4:7c:91:ce:
         ae:92:d3:f1:6c:55:df:61:a8:c1:14:f1:11:cc:f9:2d:d7:27:
         99:59:57:37:d7:11:2f:5c:ad:dd:21:05:ba:c9:39:c5:7b:a0:
         75:8e:cb:ee:06:c5:1a:95:61:e7:d2:78:c9:f2:14:9e:56:14:
         f5:ee:de:c8:39:64:4c:01:9c:22:9f:76:56:a8:cb:ef:00:6b:
         96:06:8b:33:ac:b6:dc:9d:2b:c5:ab:03:2d:14:e4:9b:bc:2d:
         a0:94:09:74:c0:7e:65:79:73:e4:bf:9e:32:9f:38:2a:3b:8b:
         c6:22:34:58:5a:8d:8a:d5:a7:e1:33:1b:4c:39:79:2c:f3:90:
         94:8c:74:d6:49:a3:73:08:d9:56:0e:a3:ba:e7:18:1f:df:ca:
         5b:61:11:37:59:60:0f:9b:cf:00:09:a5:08:6c:6f:f8:9d:99:
         6a:90:2a:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VH4RyYx/cdDGGI1BGHymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNDFjM2FmMmNkNTk4NjU3NWQxYmNmNjVlYzllODc3NjY2
ZWRlMzYwHhcNMjYwMzI5MTYwMTQ4WhcNMjYwMzMwMTYwMTQ4WjAzMTEwLwYDVQQD
EyhiMjA0MDE0YzIwNzk5MGE5OTg4NTg5NjcyYmZjYzc1ZDIyMjc2MzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5q28igQqqtG8wRgVMoavJ8SxYTD
nw4fAe+fBWkUiN9y7sVqNLyKTlOVzIiSE9BWtzZODOL3vsAtT4dycSvBk2fVbzWh
suhF9Ii7zdN1geJ/VPlfWjP2qFVzJToodFYnLKbexgr6FXBaGny8H6eshux16T1T
hnVkafeyED4AOPm7MBk3mbt2X27f46XNvCg1yOnLIfJJZQjfY2qtyqqwNE8wsmoQ
NVB0m+Cowg8diXaEHJFiRFSaF8hzaGUk3c9Sx3v+woLQBcZU1sOTviWsB2KGaINo
bm1xt55FTbLxJiw/UtC023YJmOb78KybSwWMXxn3M2MarS58hOc6b0XYqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIEAUwgeZCpmIWJZyv8x10iJ2NnMB8GA1UdIwQY
MBaAFMxBw68s1ZhlddG89l7J6Hdmbt42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekVIRHJ5elZtR1YxMGJ6Mlhzbm9kMlp1M2pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YTZlNTEtNGE4Zi00MGQzLWIwZmEt
NGM2NTIyNDUzYzlhLzEvekVIRHJ5elZtR1YxMGJ6Mlhzbm9kMlp1M2pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YTZlNTEtNGE4Zi00MGQzLWIwZmEtNGM2NTIyNDUzYzlh
LzEvekVIRHJ5elZtR1YxMGJ6Mlhzbm9kMlp1M2pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRz6T9vf
kyM7HYZStPn9RWXvCmMaDUAGB5A2HzW9UnQw/WI4xS7Aqfs006koq5cNTJki6PfO
M+5c8L5O3lBgnplxs+EfIspZ6IQe0nbC7gXf5t01BwvkfJHOrpLT8WxV32GowRTx
Ecz5LdcnmVlXN9cRL1yt3SEFusk5xXugdY7L7gbFGpVh59J4yfIUnlYU9e7eyDlk
TAGcIp92VqjL7wBrlgaLM6y23J0rxasDLRTkm7wtoJQJdMB+ZXlz5L+eMp84KjuL
xiI0WFqNitWn4TMbTDl5LPOQlIx01kmjcwjZVg6juucYH9/KW2ERN1lgD5vPAAml
CGxv+J2ZapAqIw==
-----END CERTIFICATE-----