Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          phoVGdvhwiQXwqm2u4T5K69iq1GmQdcD7tLVGTA/iCw=
Subject key identifier:   85:03:38:1C:08:0C:5F:69:9E:2B:AA:60:BD:A5:4C:A0:01:E4:97:BB
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       019D36E43666FE2EDF379BDFB44E4F001ACC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          0CB2
Signing time:             Sun 29 Mar 2026 00:00:18 +0000
Manifest this update:     Sun 29 Mar 2026 00:00:18 +0000
Manifest next update:     Mon 30 Mar 2026 00:00:18 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: HA6u9RT+I/7Okb7PLW1k72vCT1taFtldpUj/Of8XMEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:36:e4:36:66:fe:2e:df:37:9b:df:b4:4e:4f:00:1a:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: Mar 29 00:00:18 2026 GMT
            Not After : Mar 30 00:00:18 2026 GMT
        Subject: CN=8503381c080c5f699e2baa60bda54ca001e497bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f8:2d:4d:3e:6d:4f:f9:c9:c5:4b:7a:40:05:
                    aa:30:5a:aa:7c:b6:f6:3a:44:ae:9e:6a:1e:4d:68:
                    a2:5e:52:73:87:4f:25:f6:4f:8f:2c:2c:67:1a:1c:
                    7f:65:96:93:b2:ee:dc:58:f8:b7:eb:ed:2f:21:3f:
                    8e:47:42:86:f8:96:11:46:dd:cb:62:f3:ab:b6:32:
                    ef:04:5a:32:6d:12:d4:df:ec:c0:1c:0d:0a:59:2e:
                    81:3f:c5:35:6a:32:53:38:63:f1:cb:fd:4a:7d:bc:
                    f5:a1:4e:13:46:20:6b:8f:9a:fb:0a:cd:13:4c:b0:
                    ed:15:fd:4e:22:fe:28:30:b5:2e:a3:ce:c9:cf:28:
                    d7:63:b5:da:d9:cd:b5:34:a8:fd:9d:9e:33:b5:29:
                    83:00:ee:4a:16:b6:30:d9:78:d2:20:bf:4b:bb:09:
                    5f:f0:4b:9c:d7:05:71:98:c8:e0:61:0f:d7:a1:e8:
                    5d:f1:a7:40:2a:5e:03:c8:05:28:0f:f9:b1:c9:47:
                    e6:19:89:49:73:3b:dd:f3:5c:f5:22:2e:4a:be:08:
                    0c:56:89:30:d7:2a:7a:6a:46:4e:fe:57:44:95:5d:
                    5a:34:53:11:e3:eb:f5:96:9d:ea:48:5d:f2:d5:07:
                    f6:4f:90:fb:2a:d0:8a:03:b7:e2:09:84:55:dc:ca:
                    30:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:03:38:1C:08:0C:5F:69:9E:2B:AA:60:BD:A5:4C:A0:01:E4:97:BB
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:80:fc:a4:30:e6:d8:3b:50:ea:bb:6b:e3:39:ab:e0:75:6a:
         fe:3f:ea:fe:8c:c7:c1:6f:f0:d6:ba:42:76:77:bb:2f:fb:c0:
         5c:ec:6f:02:a0:60:ac:71:cc:2c:ce:35:4e:b6:e0:1e:3d:d0:
         f1:6a:3a:eb:fd:d9:a9:08:f1:bc:0d:86:08:0c:0a:9e:43:2f:
         e4:df:47:92:d4:8c:c3:4d:5c:6a:32:c6:02:df:72:5b:20:95:
         44:cf:4f:95:6a:2a:2a:09:48:1e:b3:33:a1:24:36:5e:cc:86:
         95:f3:6c:e4:d4:18:fb:e1:cb:0e:a7:ce:30:07:d0:77:50:93:
         e0:06:20:4c:99:e2:30:a3:f8:f4:b5:33:13:54:7f:1c:6e:84:
         2e:2a:28:50:89:02:2a:36:d0:db:8a:f5:ab:fd:7c:c1:8d:71:
         81:d9:eb:5d:ad:cd:70:07:94:06:5e:97:5f:2a:07:ca:ca:df:
         3b:34:e7:02:e4:e5:25:01:9d:5f:c3:f1:6b:10:45:fb:2f:25:
         bb:e7:d4:72:de:29:02:81:1b:86:a8:46:6b:04:57:be:37:96:
         86:d3:2c:a6:1c:17:f2:a8:c3:6a:a0:12:d8:eb:1a:12:73:d1:
         b0:22:a2:92:16:5a:f0:17:2c:63:de:c4:1b:f4:c8:52:86:2e:
         60:53:bd:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ025DZm/i7fN5vftE5PABrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjYwMzI5MDAwMDE4WhcNMjYwMzMwMDAwMDE4WjAzMTEwLwYDVQQD
Eyg4NTAzMzgxYzA4MGM1ZjY5OWUyYmFhNjBiZGE1NGNhMDAxZTQ5N2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/gtTT5tT/nJxUt6QAWqMFqqfLb2
OkSunmoeTWiiXlJzh08l9k+PLCxnGhx/ZZaTsu7cWPi36+0vIT+OR0KG+JYRRt3L
YvOrtjLvBFoybRLU3+zAHA0KWS6BP8U1ajJTOGPxy/1Kfbz1oU4TRiBrj5r7Cs0T
TLDtFf1OIv4oMLUuo87JzyjXY7Xa2c21NKj9nZ4ztSmDAO5KFrYw2XjSIL9Luwlf
8Euc1wVxmMjgYQ/Xoehd8adAKl4DyAUoD/mxyUfmGYlJczvd81z1Ii5KvggMVokw
1yp6akZO/ldElV1aNFMR4+v1lp3qSF3y1Qf2T5D7KtCKA7fiCYRV3Mow3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIUDOBwIDF9pniuqYL2lTKAB5Je7MB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4D8pDDm
2DtQ6rtr4zmr4HVq/j/q/ozHwW/w1rpCdne7L/vAXOxvAqBgrHHMLM41TrbgHj3Q
8Wo66/3ZqQjxvA2GCAwKnkMv5N9HktSMw01cajLGAt9yWyCVRM9PlWoqKglIHrMz
oSQ2XsyGlfNs5NQY++HLDqfOMAfQd1CT4AYgTJniMKP49LUzE1R/HG6ELiooUIkC
KjbQ24r1q/18wY1xgdnrXa3NcAeUBl6XXyoHysrfOzTnAuTlJQGdX8PxaxBF+y8l
u+fUct4pAoEbhqhGawRXvjeWhtMsphwX8qjDaqAS2OsaEnPRsCKikhZa8BcsY97E
G/TIUoYuYFO98A==
-----END CERTIFICATE-----