Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
File:                     zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft (raw, json)
Hash identifier:          L4Xws8O5bu2/Y7mjgiw2loRcWvEAXAVv3xVBldDAH0k=
Subject key identifier:   91:1E:8F:C1:3E:43:98:9F:78:AF:61:C8:76:6E:79:A8:F2:B9:04:1A
Authority key identifier: CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12
Certificate issuer:       /CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712
Certificate serial:       019D37897167A8724CA8D35794AB0CA7CE30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
Manifest number:          0340
Signing time:             Sun 29 Mar 2026 03:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:47 +0000
Files and hashes:         1: zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl (hash: I0YqUskBNAM9skBj6H/GECIo5qkwBwCUGfunFWxLx4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:71:67:a8:72:4c:a8:d3:57:94:ab:0c:a7:ce:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712
        Validity
            Not Before: Mar 29 03:00:47 2026 GMT
            Not After : Mar 30 03:00:47 2026 GMT
        Subject: CN=911e8fc13e43989f78af61c8766e79a8f2b9041a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:8d:6f:79:8e:80:da:c4:4c:3d:5d:8d:2d:92:
                    9a:9b:9e:19:aa:ff:ba:eb:cb:53:77:3c:9b:c2:ae:
                    05:09:9a:95:60:44:31:79:e5:03:ae:e0:91:3d:96:
                    2f:4c:5c:b1:7c:28:85:9d:f5:6f:a2:62:cf:e6:d7:
                    b9:79:31:ab:22:9a:8d:c9:a9:e2:7c:bd:89:ef:fe:
                    b0:b8:ed:c2:e8:2f:fe:dc:ac:77:d2:1b:55:5c:75:
                    38:f6:92:f0:5c:52:21:ad:fc:ae:eb:5d:e0:8c:10:
                    2f:22:bd:d1:65:f4:45:11:c9:af:81:46:8a:7b:83:
                    68:08:cd:56:e9:ad:f2:33:7a:5c:63:f9:b7:4a:fe:
                    b5:18:37:98:36:2d:bc:b5:36:16:bc:58:47:94:2b:
                    2f:f3:88:e0:8f:31:41:8d:49:ba:03:87:2d:19:37:
                    85:d5:a7:14:e3:8a:10:3a:29:94:a9:1f:bb:7a:3c:
                    32:bf:06:1c:b1:0c:95:7a:e0:d1:55:f7:e4:b3:59:
                    48:ac:12:18:cf:94:06:79:02:7e:3b:9d:b4:11:7d:
                    cb:5b:58:a8:0c:ab:8a:61:53:d1:1f:5c:55:b4:b2:
                    88:da:b0:72:d8:63:5f:c9:92:f3:38:01:6d:8a:36:
                    17:94:3e:0a:df:b1:d3:ce:32:4d:8e:2b:ef:80:02:
                    51:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:1E:8F:C1:3E:43:98:9F:78:AF:61:C8:76:6E:79:A8:F2:B9:04:1A
            X509v3 Authority Key Identifier:
                keyid:CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:d4:cc:d1:f1:3b:48:73:73:a9:84:5f:7f:01:68:37:a6:1d:
         2d:f3:fe:a7:23:b8:f5:ac:b4:09:06:e4:42:f9:33:49:a5:64:
         48:9c:ba:8a:ee:75:09:fb:4b:a3:17:c4:00:51:d0:6e:7c:6e:
         ec:75:51:c0:54:fb:a9:01:56:36:6e:cc:f1:85:79:32:3f:f6:
         bd:55:26:96:a8:8c:1c:08:b2:b5:c2:39:92:c0:2e:b4:8e:55:
         2a:71:01:a2:ee:b8:7a:98:f6:2c:5f:30:80:40:b0:7f:dd:a6:
         c3:4f:6a:c4:0c:a4:4a:55:a0:36:5e:b2:65:82:d3:66:b2:a7:
         5d:6a:32:fe:4f:2f:fb:6e:f9:b3:8b:9f:34:c1:c2:bf:24:8c:
         74:30:47:81:1e:b2:d4:98:87:a5:e7:65:1c:38:8c:ad:a5:6b:
         e9:bf:e9:6c:dd:34:ec:2a:0f:72:e0:6c:db:a1:c5:6d:a5:11:
         da:1a:b2:6c:59:3a:dd:4c:44:c2:02:24:42:b5:01:74:1f:cd:
         88:d3:c2:89:a6:7d:a3:33:95:0b:ca:42:94:26:e2:cd:7d:b4:
         a5:8d:89:45:39:c0:43:3c:59:18:ae:27:0a:ca:7f:d6:ee:1f:
         71:f7:52:38:dd:d6:56:87:95:71:dc:0a:c6:f8:73:1b:7e:7a:
         f7:f2:5d:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iXFnqHJMqNNXlKsMp84wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMGE5MDBkNzBiZDEwZjdkMjIyMWE1NjQ4ZGE1NGE1ZTNm
NDQ3MTIwHhcNMjYwMzI5MDMwMDQ3WhcNMjYwMzMwMDMwMDQ3WjAzMTEwLwYDVQQD
Eyg5MTFlOGZjMTNlNDM5ODlmNzhhZjYxYzg3NjZlNzlhOGYyYjkwNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6I1veY6A2sRMPV2NLZKam54Zqv+6
68tTdzybwq4FCZqVYEQxeeUDruCRPZYvTFyxfCiFnfVvomLP5te5eTGrIpqNyani
fL2J7/6wuO3C6C/+3Kx30htVXHU49pLwXFIhrfyu613gjBAvIr3RZfRFEcmvgUaK
e4NoCM1W6a3yM3pcY/m3Sv61GDeYNi28tTYWvFhHlCsv84jgjzFBjUm6A4ctGTeF
1acU44oQOimUqR+7ejwyvwYcsQyVeuDRVffks1lIrBIYz5QGeQJ+O520EX3LW1io
DKuKYVPRH1xVtLKI2rBy2GNfyZLzOAFtijYXlD4K37HTzjJNjivvgAJRjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEej8E+Q5ifeK9hyHZueajyuQQaMB8GA1UdIwQY
MBaAFMwKkA1wvRD30iIaVkjaVKXj9EcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OGEzYjYtOWE4MC00OWMyLTg3NzUt
MzgwMWM2MjE2ZTZjLzEvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OGEzYjYtOWE4MC00OWMyLTg3NzUtMzgwMWM2MjE2ZTZj
LzEvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAddTM0fE7
SHNzqYRffwFoN6YdLfP+pyO49ay0CQbkQvkzSaVkSJy6iu51CftLoxfEAFHQbnxu
7HVRwFT7qQFWNm7M8YV5Mj/2vVUmlqiMHAiytcI5ksAutI5VKnEBou64epj2LF8w
gECwf92mw09qxAykSlWgNl6yZYLTZrKnXWoy/k8v+275s4ufNMHCvySMdDBHgR6y
1JiHpedlHDiMraVr6b/pbN007CoPcuBs26HFbaUR2hqybFk63UxEwgIkQrUBdB/N
iNPCiaZ9ozOVC8pClCbizX20pY2JRTnAQzxZGK4nCsp/1u4fcfdSON3WVoeVcdwK
xvhzG3569/JdaQ==
-----END CERTIFICATE-----