Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/2b6f99-fd64-409e-8d98-f210e39f7328/1/zHjaWyZetWpkanhB0edipoGdGY4.mft
File:                     zHjaWyZetWpkanhB0edipoGdGY4.mft (raw, json)
Hash identifier:          S9iAcwo0CvYu9d8Y8yS4CtBqhNJnwWMIWA8AsOLbZ40=
Subject key identifier:   C2:9A:D9:5B:1C:65:2D:3A:50:09:C1:ED:25:79:B7:32:17:0C:9F:60
Authority key identifier: CC:78:DA:5B:26:5E:B5:6A:64:6A:78:41:D1:E7:62:A6:81:9D:19:8E
Certificate issuer:       /CN=cc78da5b265eb56a646a7841d1e762a6819d198e
Certificate serial:       019D382DF095B7FC2582150901CB2EBF8B8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zHjaWyZetWpkanhB0edipoGdGY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/2b6f99-fd64-409e-8d98-f210e39f7328/1/zHjaWyZetWpkanhB0edipoGdGY4.mft
Manifest number:          35
Signing time:             Sun 29 Mar 2026 06:00:27 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:27 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:27 +0000
Files and hashes:         1: zHjaWyZetWpkanhB0edipoGdGY4.crl (hash: 0O7osjKLrGbnEuk78z3zb11Uy6xkD9idWXceog6dMPE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/2b6f99-fd64-409e-8d98-f210e39f7328/1/zHjaWyZetWpkanhB0edipoGdGY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/2b6f99-fd64-409e-8d98-f210e39f7328/1/zHjaWyZetWpkanhB0edipoGdGY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zHjaWyZetWpkanhB0edipoGdGY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2d:f0:95:b7:fc:25:82:15:09:01:cb:2e:bf:8b:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc78da5b265eb56a646a7841d1e762a6819d198e
        Validity
            Not Before: Mar 29 06:00:27 2026 GMT
            Not After : Mar 30 06:00:27 2026 GMT
        Subject: CN=c29ad95b1c652d3a5009c1ed2579b732170c9f60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:56:6b:6d:55:be:d0:6f:17:4c:2b:0c:b7:b7:
                    2b:6f:2d:b2:39:32:70:70:86:55:d0:20:49:ed:cd:
                    04:3f:15:d1:e4:79:fc:aa:60:60:0a:f8:e5:a4:67:
                    8a:44:98:18:19:70:ee:e7:fb:ee:e7:06:c5:58:02:
                    3d:67:7e:0f:d9:a7:c3:4e:28:7c:54:3b:6e:41:9f:
                    65:5a:0a:84:ee:d0:a5:33:48:45:0a:05:d0:12:67:
                    d0:ce:14:eb:d4:d3:41:8a:81:84:a6:fa:c5:4e:45:
                    c7:46:53:91:2e:11:6d:aa:51:fb:47:e2:c5:06:65:
                    18:66:0c:49:c6:7c:f3:2f:63:47:bd:2f:b1:28:84:
                    3c:63:b3:c3:ba:0d:10:90:ae:40:44:99:8c:07:ab:
                    37:1d:77:be:b2:38:5d:de:9a:87:66:a5:84:92:6e:
                    7a:2d:63:88:fa:cd:4a:69:aa:06:7f:d3:59:ef:92:
                    be:b9:69:7b:42:9c:39:d1:05:7b:e2:88:04:3d:0b:
                    55:db:9e:a9:bc:60:96:6d:ee:87:f8:35:3a:f3:d6:
                    13:10:92:63:90:b9:ec:77:b7:f5:30:ff:3c:12:e6:
                    33:3e:31:2c:6e:fd:32:28:59:0e:c3:e0:2a:9a:3f:
                    39:ba:45:e2:9a:cd:98:70:44:c3:7f:af:1e:20:a3:
                    d8:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:9A:D9:5B:1C:65:2D:3A:50:09:C1:ED:25:79:B7:32:17:0C:9F:60
            X509v3 Authority Key Identifier:
                keyid:CC:78:DA:5B:26:5E:B5:6A:64:6A:78:41:D1:E7:62:A6:81:9D:19:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHjaWyZetWpkanhB0edipoGdGY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/2b6f99-fd64-409e-8d98-f210e39f7328/1/zHjaWyZetWpkanhB0edipoGdGY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/2b6f99-fd64-409e-8d98-f210e39f7328/1/zHjaWyZetWpkanhB0edipoGdGY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:33:31:51:ba:27:e8:d8:a2:95:7b:19:22:63:6b:f4:75:86:
         1b:c6:e0:8d:d6:20:5e:5a:65:e4:4f:ca:13:8f:42:10:47:1b:
         c5:44:c7:3c:35:36:b3:00:6c:a3:0d:4b:06:9c:22:cf:73:6e:
         c2:aa:32:2b:c2:1c:19:7e:88:52:30:c2:a9:6d:2c:f4:c2:4b:
         42:02:03:53:2f:72:bc:99:47:98:f2:44:e3:52:f6:9f:cb:8d:
         a4:6d:6a:94:0e:b3:6b:b6:0e:3e:0c:9a:66:80:5a:98:81:37:
         93:2f:84:c5:d0:99:be:8c:4c:a0:6c:85:7e:54:df:4a:e1:6c:
         b7:49:45:cb:01:55:d2:ae:2d:43:12:b0:dd:f4:bd:91:09:11:
         67:b0:fe:55:12:85:86:3b:9a:3b:0d:eb:65:b1:c1:2d:64:cf:
         99:88:f9:2d:8b:a2:74:4a:9a:3c:c7:74:82:fc:45:4c:70:41:
         ba:c5:23:2f:a2:58:0e:dd:ec:ea:00:21:45:62:00:81:e1:73:
         27:2a:12:64:b0:77:c7:8b:a8:65:c8:43:09:ed:64:ac:db:6a:
         72:34:78:a2:ab:ec:0a:cf:bb:e4:c6:3a:80:ef:3d:94:47:df:
         db:e7:7b:6b:e1:79:3e:c7:0a:c7:f0:67:ed:f6:98:6f:40:43:
         3d:bb:f5:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LfCVt/wlghUJAcsuv4uMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzhkYTViMjY1ZWI1NmE2NDZhNzg0MWQxZTc2MmE2ODE5
ZDE5OGUwHhcNMjYwMzI5MDYwMDI3WhcNMjYwMzMwMDYwMDI3WjAzMTEwLwYDVQQD
EyhjMjlhZDk1YjFjNjUyZDNhNTAwOWMxZWQyNTc5YjczMjE3MGM5ZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFZrbVW+0G8XTCsMt7crby2yOTJw
cIZV0CBJ7c0EPxXR5Hn8qmBgCvjlpGeKRJgYGXDu5/vu5wbFWAI9Z34P2afDTih8
VDtuQZ9lWgqE7tClM0hFCgXQEmfQzhTr1NNBioGEpvrFTkXHRlORLhFtqlH7R+LF
BmUYZgxJxnzzL2NHvS+xKIQ8Y7PDug0QkK5ARJmMB6s3HXe+sjhd3pqHZqWEkm56
LWOI+s1KaaoGf9NZ75K+uWl7Qpw50QV74ogEPQtV256pvGCWbe6H+DU689YTEJJj
kLnsd7f1MP88EuYzPjEsbv0yKFkOw+Aqmj85ukXims2YcETDf68eIKPY7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKa2VscZS06UAnB7SV5tzIXDJ9gMB8GA1UdIwQY
MBaAFMx42lsmXrVqZGp4QdHnYqaBnRmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhqYVd5WmV0V3BrYW5oQjBlZGlwb0dkR1k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8yYjZmOTktZmQ2NC00MDllLThkOTgt
ZjIxMGUzOWY3MzI4LzEvekhqYVd5WmV0V3BrYW5oQjBlZGlwb0dkR1k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8yYjZmOTktZmQ2NC00MDllLThkOTgtZjIxMGUzOWY3MzI4
LzEvekhqYVd5WmV0V3BrYW5oQjBlZGlwb0dkR1k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbDMxUbon
6NiilXsZImNr9HWGG8bgjdYgXlpl5E/KE49CEEcbxUTHPDU2swBsow1LBpwiz3Nu
wqoyK8IcGX6IUjDCqW0s9MJLQgIDUy9yvJlHmPJE41L2n8uNpG1qlA6za7YOPgya
ZoBamIE3ky+ExdCZvoxMoGyFflTfSuFst0lFywFV0q4tQxKw3fS9kQkRZ7D+VRKF
hjuaOw3rZbHBLWTPmYj5LYuidEqaPMd0gvxFTHBBusUjL6JYDt3s6gAhRWIAgeFz
JyoSZLB3x4uoZchDCe1krNtqcjR4oqvsCs+75MY6gO89lEff2+d7a+F5PscKx/Bn
7faYb0BDPbv1zw==
-----END CERTIFICATE-----