Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
File:                     zfDoJMYqWSimUCFO8z6Md-fB_40.mft (raw, json)
Hash identifier:          2DXYldJkllFJYGriE6asT5g7UpxgrfPfOV0mBwYVXH0=
Subject key identifier:   C5:4B:2E:7E:3A:DE:28:49:80:4E:13:10:01:8A:2E:9D:A6:1A:A2:6E
Authority key identifier: CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D
Certificate issuer:       /CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
Certificate serial:       019D3A54216FB7CAB10E9CB609269A31A5EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
Manifest number:          1231
Signing time:             Sun 29 Mar 2026 16:01:25 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:25 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:25 +0000
Files and hashes:         1: zfDoJMYqWSimUCFO8z6Md-fB_40.crl (hash: e6MQF2OnfvpCX0fo/uyKm6A2TfvW/x4hRDkhY3O28t0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:21:6f:b7:ca:b1:0e:9c:b6:09:26:9a:31:a5:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
        Validity
            Not Before: Mar 29 16:01:25 2026 GMT
            Not After : Mar 30 16:01:25 2026 GMT
        Subject: CN=c54b2e7e3ade2849804e1310018a2e9da61aa26e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:1a:c3:95:a9:77:a6:40:7a:f2:84:34:77:b9:
                    b7:49:8d:30:18:cc:28:49:1d:17:f0:72:42:18:dc:
                    98:f5:f9:db:b8:fa:e0:14:f2:07:4d:37:1f:ed:df:
                    49:68:42:00:c6:35:e5:bd:65:7c:83:fd:cb:34:a1:
                    f0:7e:0a:38:06:8c:22:0b:19:87:9a:86:a1:17:67:
                    ac:a7:6d:36:88:f5:ee:0e:3c:e9:be:17:51:2f:1b:
                    31:df:b0:36:52:d8:28:6c:b1:9b:23:b6:12:7a:79:
                    01:32:ba:82:3b:62:1a:da:b3:02:e2:33:24:9f:e0:
                    44:26:e5:e3:7c:58:7f:76:99:0f:e3:d4:fd:fa:e4:
                    f3:5a:19:f7:1b:7b:0d:a7:c3:f8:6b:b3:2a:c6:53:
                    e5:f0:82:ba:d2:bc:60:94:2a:6e:2e:fa:42:d1:4b:
                    85:c1:9a:0d:52:02:d1:b0:0c:ed:9b:91:8f:f7:3a:
                    d4:ab:5b:1c:72:61:da:c6:5d:71:6c:a4:24:1c:e1:
                    9a:62:19:a4:71:62:fe:f5:d4:8d:33:18:f8:55:36:
                    3c:e9:4d:72:18:e0:3e:da:66:17:d5:3e:38:fb:99:
                    d9:27:b1:3e:76:99:7a:2b:36:a9:68:ac:be:68:9e:
                    7e:c5:a8:af:5f:14:57:a9:0d:26:93:ef:77:a5:54:
                    a2:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:4B:2E:7E:3A:DE:28:49:80:4E:13:10:01:8A:2E:9D:A6:1A:A2:6E
            X509v3 Authority Key Identifier:
                keyid:CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:b0:32:48:f3:f8:23:26:91:ab:c0:ec:7f:2f:82:84:54:b4:
         d3:77:b5:d7:f0:d9:ef:c6:20:31:60:cc:57:da:ab:fa:bf:50:
         5b:cb:44:50:25:29:4e:d4:0b:66:59:ec:a9:fa:fc:f5:4f:74:
         d0:75:d6:34:9b:72:bf:4b:93:44:d5:b1:9c:09:21:20:ee:da:
         65:d4:1a:66:f3:5d:fd:04:1f:38:85:cc:66:de:a3:67:70:80:
         86:62:c2:da:90:b2:e2:ee:b2:0c:fd:68:ee:51:1a:00:2e:ff:
         6b:2e:54:e6:b5:d9:6b:48:18:38:2c:c2:4d:e3:51:77:92:d5:
         3b:c6:bf:4a:7d:f1:8f:a1:32:e7:35:1b:04:92:ac:c3:ae:49:
         3a:4e:1d:4d:a6:46:5b:92:77:7c:65:6a:dd:ff:ea:fe:82:29:
         68:42:63:d6:dd:45:70:40:c3:85:0f:2b:f6:54:f6:ee:68:c6:
         bc:c7:38:9e:c3:f5:66:ea:ca:d1:57:bc:10:5a:aa:3f:ef:a5:
         2e:fe:bc:13:43:93:81:2c:f9:ba:f4:fa:88:17:96:2b:92:77:
         d4:f3:2b:d2:c9:8f:b6:d8:74:d5:09:8d:a5:26:3a:66:ad:4f:
         cd:80:1d:33:3b:60:c2:d3:67:38:1f:81:5e:d1:8b:e0:6d:13:
         43:8e:19:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VCFvt8qxDpy2CSaaMaXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjBlODI0YzYyYTU5MjhhNjUwMjE0ZWYzM2U4Yzc3ZTdj
MWZmOGQwHhcNMjYwMzI5MTYwMTI1WhcNMjYwMzMwMTYwMTI1WjAzMTEwLwYDVQQD
EyhjNTRiMmU3ZTNhZGUyODQ5ODA0ZTEzMTAwMThhMmU5ZGE2MWFhMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRrDlal3pkB68oQ0d7m3SY0wGMwo
SR0X8HJCGNyY9fnbuPrgFPIHTTcf7d9JaEIAxjXlvWV8g/3LNKHwfgo4BowiCxmH
moahF2esp202iPXuDjzpvhdRLxsx37A2UtgobLGbI7YSenkBMrqCO2Ia2rMC4jMk
n+BEJuXjfFh/dpkP49T9+uTzWhn3G3sNp8P4a7MqxlPl8IK60rxglCpuLvpC0UuF
wZoNUgLRsAztm5GP9zrUq1sccmHaxl1xbKQkHOGaYhmkcWL+9dSNMxj4VTY86U1y
GOA+2mYX1T44+5nZJ7E+dpl6KzapaKy+aJ5+xaivXxRXqQ0mk+93pVSi4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVLLn463ihJgE4TEAGKLp2mGqJuMB8GA1UdIwQY
MBaAFM3w6CTGKlkoplAhTvM+jHfnwf+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUt
MjU4M2FmMjM3ZTJjLzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUtMjU4M2FmMjM3ZTJj
LzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ7AySPP4
IyaRq8Dsfy+ChFS003e11/DZ78YgMWDMV9qr+r9QW8tEUCUpTtQLZlnsqfr89U90
0HXWNJtyv0uTRNWxnAkhIO7aZdQaZvNd/QQfOIXMZt6jZ3CAhmLC2pCy4u6yDP1o
7lEaAC7/ay5U5rXZa0gYOCzCTeNRd5LVO8a/Sn3xj6Ey5zUbBJKsw65JOk4dTaZG
W5J3fGVq3f/q/oIpaEJj1t1FcEDDhQ8r9lT27mjGvMc4nsP1ZurK0Ve8EFqqP++l
Lv68E0OTgSz5uvT6iBeWK5J31PMr0smPtth01QmNpSY6Zq1PzYAdMztgwtNnOB+B
XtGL4G0TQ44Zzw==
-----END CERTIFICATE-----