Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
File:                     zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json)
Hash identifier:          s9Jz6Kb15s39F01MYW2Wz1XlUWd/nynfs3mH5a3WOWg=
Subject key identifier:   9B:6F:D1:81:B5:0E:17:84:90:22:9B:1E:8F:A0:08:23:DD:92:EB:05
Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
Certificate issuer:       /CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Certificate serial:       019D386564E933E7E9E15F6758AA9CCAE8A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
Manifest number:          0808
Signing time:             Sun 29 Mar 2026 07:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:02 +0000
Files and hashes:         1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: QBfaE/PqtTAvHiAjyt8ZRKYDKTWQ/tEJmESUcYJBdqA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:64:e9:33:e7:e9:e1:5f:67:58:aa:9c:ca:e8:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631
        Validity
            Not Before: Mar 29 07:01:02 2026 GMT
            Not After : Mar 30 07:01:02 2026 GMT
        Subject: CN=9b6fd181b50e178490229b1e8fa00823dd92eb05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:59:cb:99:e0:e1:b1:2b:9e:40:43:0b:d7:82:
                    bd:ae:c9:44:bb:06:88:6b:03:e7:29:c1:15:79:8b:
                    4d:b9:e5:64:99:7b:db:e5:58:ce:06:f8:13:55:e3:
                    7d:5c:15:79:05:74:e7:2c:ae:7e:d2:48:35:61:2d:
                    d6:10:95:d1:41:04:ea:31:3a:81:38:85:23:8d:95:
                    53:7a:b5:21:de:cd:e9:83:08:14:13:8f:2c:05:ca:
                    7f:cb:ca:f6:7f:ea:ef:20:38:46:cf:ed:a4:9b:12:
                    d4:e3:0e:13:f5:80:f6:4d:89:36:b5:d5:72:dd:b9:
                    02:10:d4:ed:bb:8a:94:e0:3b:07:d6:b9:d8:10:22:
                    a3:dc:93:ee:b1:3d:ae:c3:e1:83:55:95:a9:ef:12:
                    a1:ef:8c:dd:99:37:b0:c7:a7:17:9f:a1:e6:51:2f:
                    cd:e5:cc:38:d6:50:d7:33:a4:42:ee:72:56:8c:58:
                    a9:28:41:43:1e:a8:c7:60:40:72:af:38:c5:c6:fd:
                    48:de:71:6e:df:06:7b:37:39:94:29:67:e9:4a:1a:
                    12:5e:8c:83:dd:d5:31:bd:45:90:e4:82:1c:af:04:
                    6e:19:b5:e2:4b:23:ef:38:39:47:01:ac:da:48:5a:
                    c1:ad:63:1e:c1:d6:ef:1f:41:02:bf:df:8e:c7:0d:
                    71:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:6F:D1:81:B5:0E:17:84:90:22:9B:1E:8F:A0:08:23:DD:92:EB:05
            X509v3 Authority Key Identifier:
                keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:39:70:f5:b2:e7:b7:d3:56:13:48:c8:1c:27:f2:9c:84:c1:
         9c:d9:aa:5b:82:1b:c0:38:d3:6b:20:d5:58:97:f9:ad:c7:8f:
         66:6a:3a:30:b9:f5:90:98:90:21:45:17:02:17:ff:6a:50:fd:
         9f:ea:44:83:f4:97:02:8b:fc:5d:76:0a:68:48:a5:cc:d4:51:
         28:6a:50:f9:0c:b5:b1:b8:45:bd:0e:24:52:95:5a:c9:18:96:
         a7:81:33:ac:33:f3:d8:a3:7d:23:82:fc:8a:5b:45:d5:5a:66:
         b5:3b:b6:a8:75:64:b4:84:1a:f9:42:09:ed:7d:c8:bf:6c:cc:
         43:fe:ea:5f:a7:06:14:41:01:18:c6:60:ae:21:3e:e0:f8:f5:
         8d:f0:8c:ae:fe:2d:eb:7e:79:b2:76:ca:4d:bb:d3:c9:89:4c:
         6b:5c:dc:6c:a9:ac:f2:33:4a:3a:91:fe:3b:e9:6e:32:41:ae:
         ed:73:44:20:45:72:b7:24:ec:6c:a0:6a:31:5e:9f:1d:a4:3b:
         a9:3c:d9:2d:42:04:d2:df:1c:92:97:49:63:7c:99:30:4c:88:
         e7:19:26:62:0a:79:19:a6:06:ec:a3:4c:0e:7e:4f:8b:58:f8:
         94:8c:42:5a:cd:3c:1d:19:69:b3:eb:72:40:7a:9d:59:2e:62:
         d1:87:cf:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZWTpM+fp4V9nWKqcyuihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1
ZjI2MzEwHhcNMjYwMzI5MDcwMTAyWhcNMjYwMzMwMDcwMTAyWjAzMTEwLwYDVQQD
Eyg5YjZmZDE4MWI1MGUxNzg0OTAyMjliMWU4ZmEwMDgyM2RkOTJlYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFnLmeDhsSueQEML14K9rslEuwaI
awPnKcEVeYtNueVkmXvb5VjOBvgTVeN9XBV5BXTnLK5+0kg1YS3WEJXRQQTqMTqB
OIUjjZVTerUh3s3pgwgUE48sBcp/y8r2f+rvIDhGz+2kmxLU4w4T9YD2TYk2tdVy
3bkCENTtu4qU4DsH1rnYECKj3JPusT2uw+GDVZWp7xKh74zdmTewx6cXn6HmUS/N
5cw41lDXM6RC7nJWjFipKEFDHqjHYEByrzjFxv1I3nFu3wZ7NzmUKWfpShoSXoyD
3dUxvUWQ5IIcrwRuGbXiSyPvODlHAazaSFrBrWMewdbvH0ECv9+Oxw1x0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtv0YG1DheEkCKbHo+gCCPdkusFMB8GA1UdIwQY
MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt
MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx
LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbjlw9bLn
t9NWE0jIHCfynITBnNmqW4IbwDjTayDVWJf5rcePZmo6MLn1kJiQIUUXAhf/alD9
n+pEg/SXAov8XXYKaEilzNRRKGpQ+Qy1sbhFvQ4kUpVayRiWp4EzrDPz2KN9I4L8
iltF1VpmtTu2qHVktIQa+UIJ7X3Iv2zMQ/7qX6cGFEEBGMZgriE+4Pj1jfCMrv4t
6355snbKTbvTyYlMa1zcbKms8jNKOpH+O+luMkGu7XNEIEVytyTsbKBqMV6fHaQ7
qTzZLUIE0t8ckpdJY3yZMEyI5xkmYgp5GaYG7KNMDn5Pi1j4lIxCWs08HRlps+ty
QHqdWS5i0YfP3g==
-----END CERTIFICATE-----