Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          nHFddNDFe2z43YbPgq1DKxlxlunGG38GjzEcC3C/Q3I=
Subject key identifier:   83:B2:D6:78:71:CA:96:86:0B:3C:EE:AF:25:54:F4:71:33:4B:BB:3D
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       019D39408BA066729005984BA68C292A003B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0CC8
Signing time:             Sun 29 Mar 2026 11:00:24 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:24 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:24 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: bhk4Sd9V4H0pT+JMnRe3VZqqwslXNtOx7nyRztSlVok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:8b:a0:66:72:90:05:98:4b:a6:8c:29:2a:00:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Mar 29 11:00:24 2026 GMT
            Not After : Mar 30 11:00:24 2026 GMT
        Subject: CN=83b2d67871ca96860b3ceeaf2554f471334bbb3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:cf:70:ed:ff:dc:4e:9b:6c:1d:bc:f6:5e:af:
                    05:4a:4b:ce:50:68:6e:d7:c9:0c:68:23:bc:78:26:
                    fe:ab:68:15:d4:17:b3:7a:88:7e:cf:5b:7e:85:36:
                    ae:a1:3b:66:e3:20:7b:0a:dc:6b:44:f8:4d:52:6e:
                    87:8c:4e:5a:fa:ed:b1:45:84:00:ce:97:58:20:1e:
                    e9:81:6c:e4:75:03:87:d8:67:05:60:cb:91:57:c8:
                    9e:37:f3:cf:c2:17:f9:cf:dd:de:2c:6b:91:00:6a:
                    91:6a:41:62:1f:5d:b4:f1:54:75:69:4d:0d:14:f6:
                    86:e7:31:c2:d4:c1:6d:52:b7:d8:3a:cf:c0:ac:78:
                    8b:c4:53:cc:a1:29:bb:8e:93:e5:61:4c:b2:00:a2:
                    1e:d3:54:72:3d:31:7c:91:6c:87:91:12:48:fd:e3:
                    13:74:aa:ac:40:db:c2:1b:b7:91:a6:b8:c6:75:01:
                    08:a8:3a:6d:c5:07:27:28:cf:fe:7f:0f:55:4c:5f:
                    dc:cc:86:06:40:b0:e4:25:c2:69:c8:be:cd:d0:85:
                    59:2f:7e:d8:d6:db:19:7c:bc:92:3e:ef:69:57:47:
                    e8:d3:28:80:b9:10:ff:53:25:86:ed:91:ee:b9:23:
                    93:f8:dd:e1:9b:5c:d6:4d:5e:53:42:62:47:b3:1c:
                    4c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:B2:D6:78:71:CA:96:86:0B:3C:EE:AF:25:54:F4:71:33:4B:BB:3D
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:e7:8a:7e:91:ac:fb:89:c8:f7:77:c6:84:fc:71:2d:b3:f7:
         08:6b:e4:fd:1b:2a:56:68:4c:4b:a4:ed:0f:bb:c6:0f:20:6d:
         ba:92:aa:af:e4:90:35:de:91:69:66:1e:e4:f1:42:47:a5:1d:
         a4:de:5a:2b:3b:45:67:0d:e0:93:20:85:73:d0:98:56:70:4b:
         ce:33:69:3e:50:8d:17:61:b0:57:ba:b6:8f:c1:23:f4:bc:95:
         c4:42:29:be:cf:57:1a:3c:56:1f:d8:84:17:5d:0c:ec:4a:e2:
         f5:0c:2e:09:9d:6e:71:e3:eb:74:bc:10:0b:0c:4a:21:f2:32:
         77:1b:37:38:4b:08:89:27:bd:26:38:ad:cf:6c:52:cf:d9:5e:
         34:f5:9a:5f:22:c7:4b:c3:38:5a:d8:cd:8b:01:65:0f:7c:e8:
         f1:c9:18:9f:c0:0e:ee:81:f8:8b:60:5f:69:30:f9:83:48:1c:
         6d:3a:e3:1f:cd:f4:6f:96:92:7f:e1:ab:45:cd:18:ff:ce:a1:
         14:0a:fa:ae:63:c9:7a:69:7f:ec:48:3d:d9:31:70:f2:6a:78:
         55:1f:52:2b:64:61:e1:0e:50:34:26:e9:48:4a:14:ac:f8:86:
         1a:3e:37:1e:f1:af:bb:00:75:d3:ff:77:29:4d:e5:5b:02:61:
         e2:3b:d9:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QIugZnKQBZhLpowpKgA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjYwMzI5MTEwMDI0WhcNMjYwMzMwMTEwMDI0WjAzMTEwLwYDVQQD
Eyg4M2IyZDY3ODcxY2E5Njg2MGIzY2VlYWYyNTU0ZjQ3MTMzNGJiYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA189w7f/cTptsHbz2Xq8FSkvOUGhu
18kMaCO8eCb+q2gV1Bezeoh+z1t+hTauoTtm4yB7CtxrRPhNUm6HjE5a+u2xRYQA
zpdYIB7pgWzkdQOH2GcFYMuRV8ieN/PPwhf5z93eLGuRAGqRakFiH1208VR1aU0N
FPaG5zHC1MFtUrfYOs/ArHiLxFPMoSm7jpPlYUyyAKIe01RyPTF8kWyHkRJI/eMT
dKqsQNvCG7eRprjGdQEIqDptxQcnKM/+fw9VTF/czIYGQLDkJcJpyL7N0IVZL37Y
1tsZfLySPu9pV0fo0yiAuRD/UyWG7ZHuuSOT+N3hm1zWTV5TQmJHsxxMJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOy1nhxypaGCzzuryVU9HEzS7s9MB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb+eKfpGs
+4nI93fGhPxxLbP3CGvk/RsqVmhMS6TtD7vGDyBtupKqr+SQNd6RaWYe5PFCR6Ud
pN5aKztFZw3gkyCFc9CYVnBLzjNpPlCNF2GwV7q2j8Ej9LyVxEIpvs9XGjxWH9iE
F10M7Eri9QwuCZ1ucePrdLwQCwxKIfIydxs3OEsIiSe9Jjitz2xSz9leNPWaXyLH
S8M4WtjNiwFlD3zo8ckYn8AO7oH4i2BfaTD5g0gcbTrjH830b5aSf+GrRc0Y/86h
FAr6rmPJeml/7Eg92TFw8mp4VR9SK2Rh4Q5QNCbpSEoUrPiGGj43HvGvuwB10/93
KU3lWwJh4jvZ2A==
-----END CERTIFICATE-----