Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
File:                     zTf5VqTOlOsexk52R7Q828uPxEk.mft (raw, json)
Hash identifier:          wvn9LMSu5L7ZdJSJg6RT+u1vWIIwP68PU+OKWK/6sUg=
Subject key identifier:   5C:2F:59:C4:18:E4:F1:A0:92:C3:1E:89:8A:D4:E4:89:91:BA:DC:C3
Authority key identifier: CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49
Certificate issuer:       /CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
Certificate serial:       019D38D2A9F784FCA556C30B9846B5DBAD2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
Manifest number:          1848
Signing time:             Sun 29 Mar 2026 09:00:23 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:23 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:23 +0000
Files and hashes:         1: zTf5VqTOlOsexk52R7Q828uPxEk.crl (hash: HOzYU5BxKvVXhbuTM8Ayr/4kbPZufLu/5XE+HpIjZ6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:a9:f7:84:fc:a5:56:c3:0b:98:46:b5:db:ad:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
        Validity
            Not Before: Mar 29 09:00:23 2026 GMT
            Not After : Mar 30 09:00:23 2026 GMT
        Subject: CN=5c2f59c418e4f1a092c31e898ad4e48991badcc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:65:72:55:27:18:0e:bc:9a:89:59:79:9d:7a:
                    6d:9c:a9:7d:d7:09:33:38:e3:81:62:9d:bf:49:80:
                    a7:2e:e3:95:61:19:d1:e4:33:7e:53:7d:55:72:cc:
                    05:f4:b8:be:35:59:6b:77:1f:0c:69:c1:8c:d4:20:
                    ac:70:87:ba:28:a9:2e:95:8d:f4:20:72:e6:27:a2:
                    85:db:eb:32:b1:a3:e2:2f:ab:98:f8:a2:ab:be:ba:
                    8c:a1:f5:1a:7b:b0:6d:68:fa:39:8a:a6:6c:c4:d3:
                    d4:39:2e:5d:84:bb:22:07:f1:9b:62:55:9f:3a:f7:
                    b7:82:88:a1:9e:e7:a0:8b:c4:22:6f:91:96:08:2d:
                    5d:13:0b:98:1a:49:26:c1:d6:fa:76:e4:d7:b0:3d:
                    63:4a:2e:82:f6:40:9d:e0:50:5d:4b:90:35:8b:3e:
                    f5:65:0c:ab:ff:01:5c:f2:c6:c3:8c:dc:da:25:82:
                    20:83:03:6c:08:2a:20:8d:1f:55:0e:e4:35:21:bc:
                    a2:ee:ff:72:e7:3a:b8:d8:40:85:2f:51:be:91:61:
                    ee:2d:a0:79:85:e6:15:cf:d8:f9:f2:5c:16:48:fc:
                    f2:b9:11:4b:66:7d:38:55:a8:36:54:66:1b:c6:e8:
                    ae:f4:59:38:06:fa:18:9c:59:2a:9d:10:43:6a:a9:
                    eb:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:2F:59:C4:18:E4:F1:A0:92:C3:1E:89:8A:D4:E4:89:91:BA:DC:C3
            X509v3 Authority Key Identifier:
                keyid:CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:2c:0f:be:36:6e:0e:f8:1d:b7:bf:b3:e6:82:0e:30:cd:e6:
         a2:89:9c:ec:37:99:8e:b5:8d:33:b6:da:46:de:9c:5a:ad:38:
         34:d4:47:17:73:16:f0:c1:0c:2c:08:5e:b2:9f:7d:32:8a:04:
         22:c4:f7:f6:a4:7b:a9:b5:12:54:4e:4d:f5:94:2d:b9:cb:ab:
         a7:f5:20:93:5c:0f:51:de:49:29:14:fc:f0:e9:70:8e:31:d9:
         da:2f:8e:b1:fb:e5:22:db:24:60:c5:58:12:cf:3b:6c:fc:93:
         bc:72:be:b8:97:e9:01:e7:3a:ed:8a:84:56:6f:01:12:71:41:
         2c:b5:70:b8:58:f3:28:7f:01:5b:af:19:b4:c0:29:19:c7:3d:
         59:47:be:81:b7:70:57:ce:e6:8d:9a:db:90:16:43:c0:2d:6f:
         01:2e:4d:44:3d:db:3d:38:74:0b:ae:3d:80:a8:a1:90:bf:20:
         c7:a0:55:0a:04:5a:18:75:56:06:85:22:19:e2:94:97:b1:0c:
         c6:be:74:cc:b9:f4:c6:a7:d5:2e:ef:75:3b:67:01:0f:d8:2b:
         ed:15:ab:20:9d:aa:98:93:e1:a9:7d:d1:b7:70:2c:39:6b:12:
         75:6e:dc:92:c9:c7:19:4a:97:99:69:cd:87:c4:94:85:a0:8d:
         6c:8a:76:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040qn3hPylVsMLmEa1260uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzdmOTU2YTRjZTk0ZWIxZWM2NGU3NjQ3YjQzY2RiY2I4
ZmM0NDkwHhcNMjYwMzI5MDkwMDIzWhcNMjYwMzMwMDkwMDIzWjAzMTEwLwYDVQQD
Eyg1YzJmNTljNDE4ZTRmMWEwOTJjMzFlODk4YWQ0ZTQ4OTkxYmFkY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmVyVScYDryaiVl5nXptnKl91wkz
OOOBYp2/SYCnLuOVYRnR5DN+U31VcswF9Li+NVlrdx8MacGM1CCscIe6KKkulY30
IHLmJ6KF2+sysaPiL6uY+KKrvrqMofUae7BtaPo5iqZsxNPUOS5dhLsiB/GbYlWf
Ove3goihnuegi8Qib5GWCC1dEwuYGkkmwdb6duTXsD1jSi6C9kCd4FBdS5A1iz71
ZQyr/wFc8sbDjNzaJYIggwNsCCogjR9VDuQ1Ibyi7v9y5zq42ECFL1G+kWHuLaB5
heYVz9j58lwWSPzyuRFLZn04Vag2VGYbxuiu9Fk4BvoYnFkqnRBDaqnrMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwvWcQY5PGgksMeiYrU5ImRutzDMB8GA1UdIwQY
MBaAFM03+VakzpTrHsZOdke0PNvLj8RJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjct
YmJlMTJiZDM4ZTA0LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjctYmJlMTJiZDM4ZTA0
LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaywPvjZu
Dvgdt7+z5oIOMM3moomc7DeZjrWNM7baRt6cWq04NNRHF3MW8MEMLAhesp99MooE
IsT39qR7qbUSVE5N9ZQtucurp/Ugk1wPUd5JKRT88OlwjjHZ2i+OsfvlItskYMVY
Es87bPyTvHK+uJfpAec67YqEVm8BEnFBLLVwuFjzKH8BW68ZtMApGcc9WUe+gbdw
V87mjZrbkBZDwC1vAS5NRD3bPTh0C649gKihkL8gx6BVCgRaGHVWBoUiGeKUl7EM
xr50zLn0xqfVLu91O2cBD9gr7RWrIJ2qmJPhqX3Rt3AsOWsSdW7cksnHGUqXmWnN
h8SUhaCNbIp2Ew==
-----END CERTIFICATE-----