Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.mft
File:                     Z3DJuUBXSNJlSP1fynpkoDjVgS0.mft (raw, json)
Hash identifier:          j5hUlP4VslmV5PlaM+f/HhRAITEpQ4mCQqD7K28s8TI=
Subject key identifier:   EA:AF:44:E9:8A:4C:E7:FE:06:15:19:D4:EA:9F:2C:84:33:68:68:93
Authority key identifier: 67:70:C9:B9:40:57:48:D2:65:48:FD:5F:CA:7A:64:A0:38:D5:81:2D
Certificate issuer:       /CN=6770c9b9405748d26548fd5fca7a64a038d5812d
Certificate serial:       019D390A363BAD3B3EB514691A67E9E2CA56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z3DJuUBXSNJlSP1fynpkoDjVgS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.mft
Manifest number:          13D1
Signing time:             Sun 29 Mar 2026 10:01:03 +0000
Manifest this update:     Sun 29 Mar 2026 10:01:03 +0000
Manifest next update:     Mon 30 Mar 2026 10:01:03 +0000
Files and hashes:         1: Z3DJuUBXSNJlSP1fynpkoDjVgS0.crl (hash: 87MO8IfwPReg5PrkKnYHsqnUjpCJVUebyLzYrzGQtQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z3DJuUBXSNJlSP1fynpkoDjVgS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 10:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:36:3b:ad:3b:3e:b5:14:69:1a:67:e9:e2:ca:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6770c9b9405748d26548fd5fca7a64a038d5812d
        Validity
            Not Before: Mar 29 10:01:03 2026 GMT
            Not After : Mar 30 10:01:03 2026 GMT
        Subject: CN=eaaf44e98a4ce7fe061519d4ea9f2c8433686893
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b5:f1:82:42:14:ae:fc:77:41:bc:92:68:75:
                    e1:f2:5e:3e:c3:90:23:ce:be:68:21:6c:77:c8:9f:
                    36:c3:62:5b:36:64:c3:f5:95:08:38:75:46:41:7e:
                    5b:9c:58:3a:88:47:8f:13:35:b5:d7:6e:a7:88:fc:
                    64:52:12:ae:e1:89:82:97:83:65:44:6f:c3:d5:1b:
                    1f:f2:de:38:b5:d5:27:29:78:78:14:1a:53:bc:9f:
                    e1:37:6a:33:51:db:19:1f:36:e0:29:36:d9:1b:35:
                    58:26:98:d0:0f:0b:3b:5f:1d:5f:2a:04:4e:3e:40:
                    ba:3f:41:8c:e4:77:25:4a:be:92:8b:06:6b:c8:7f:
                    93:2f:bb:18:49:dd:f7:e3:7e:c1:50:96:fe:54:bc:
                    01:2a:47:df:4c:8d:5c:2e:01:3f:dc:f9:b0:ac:a7:
                    30:ed:10:ac:64:37:66:18:b9:b5:f3:f6:60:e0:c0:
                    bf:c4:e0:44:a2:8a:4f:59:f6:ef:29:9e:34:74:c5:
                    5c:dd:4d:ba:02:63:f6:87:a2:40:51:be:25:21:77:
                    8c:59:f1:20:ef:82:ce:85:6c:fd:65:66:8f:0b:b3:
                    36:1e:21:17:80:24:33:62:eb:2e:b6:4d:e1:60:24:
                    2b:c9:27:fb:f7:83:bb:08:69:de:33:81:c2:13:84:
                    da:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:AF:44:E9:8A:4C:E7:FE:06:15:19:D4:EA:9F:2C:84:33:68:68:93
            X509v3 Authority Key Identifier:
                keyid:67:70:C9:B9:40:57:48:D2:65:48:FD:5F:CA:7A:64:A0:38:D5:81:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3DJuUBXSNJlSP1fynpkoDjVgS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9a56c5-b28c-43c9-a465-14887876aa0e/1/Z3DJuUBXSNJlSP1fynpkoDjVgS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:a6:1d:7a:b3:d6:00:0e:ae:18:66:35:23:3d:e1:65:9b:0b:
         98:10:af:83:59:9f:3d:d3:f6:d7:ed:bc:0e:42:f8:1d:39:1b:
         e0:6f:ed:91:16:fa:e2:91:04:e1:73:35:95:14:64:08:45:cf:
         a8:67:39:ee:22:9f:46:72:e7:b7:f1:c0:b5:94:32:54:aa:7a:
         5d:86:a3:09:74:60:16:8f:48:f8:bc:d0:63:98:15:f7:c7:9a:
         98:b9:e2:a4:a9:10:65:5c:9e:0d:59:1b:86:53:f6:8e:0e:28:
         95:ef:b6:41:ef:14:b5:8e:a6:e9:fb:95:71:03:a2:94:f3:e3:
         bf:cb:9c:61:7c:bc:2d:55:61:d3:70:5c:e5:0f:cf:55:bd:21:
         4e:95:6c:3c:44:03:e1:ad:1e:2f:ad:f5:2a:73:16:57:77:02:
         9a:4b:b0:e3:d2:4b:65:b0:f4:d2:27:b6:38:e7:06:29:2f:01:
         50:36:e9:f3:40:cb:97:13:e4:27:6f:76:90:0d:a7:cf:40:ce:
         b8:2a:98:c7:28:2f:e7:54:84:e2:6a:27:97:38:2b:3c:78:d6:
         f7:61:ab:73:23:c0:64:68:50:5b:ce:8d:25:93:f6:1f:6b:36:
         b4:b5:23:b7:f4:35:82:e8:b0:a2:51:2e:f8:e0:f0:39:b6:fc:
         02:89:3f:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CjY7rTs+tRRpGmfp4spWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzBjOWI5NDA1NzQ4ZDI2NTQ4ZmQ1ZmNhN2E2NGEwMzhk
NTgxMmQwHhcNMjYwMzI5MTAwMTAzWhcNMjYwMzMwMTAwMTAzWjAzMTEwLwYDVQQD
EyhlYWFmNDRlOThhNGNlN2ZlMDYxNTE5ZDRlYTlmMmM4NDMzNjg2ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbXxgkIUrvx3QbySaHXh8l4+w5Aj
zr5oIWx3yJ82w2JbNmTD9ZUIOHVGQX5bnFg6iEePEzW1126niPxkUhKu4YmCl4Nl
RG/D1Rsf8t44tdUnKXh4FBpTvJ/hN2ozUdsZHzbgKTbZGzVYJpjQDws7Xx1fKgRO
PkC6P0GM5HclSr6SiwZryH+TL7sYSd33437BUJb+VLwBKkffTI1cLgE/3PmwrKcw
7RCsZDdmGLm18/Zg4MC/xOBEoopPWfbvKZ40dMVc3U26AmP2h6JAUb4lIXeMWfEg
74LOhWz9ZWaPC7M2HiEXgCQzYusutk3hYCQrySf794O7CGneM4HCE4Ta4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqvROmKTOf+BhUZ1OqfLIQzaGiTMB8GA1UdIwQY
MBaAFGdwyblAV0jSZUj9X8p6ZKA41YEtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNESnVVQlhTTkpsU1AxZnlucGtvRGpWZ1MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85YTU2YzUtYjI4Yy00M2M5LWE0NjUt
MTQ4ODc4NzZhYTBlLzEvWjNESnVVQlhTTkpsU1AxZnlucGtvRGpWZ1MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85YTU2YzUtYjI4Yy00M2M5LWE0NjUtMTQ4ODc4NzZhYTBl
LzEvWjNESnVVQlhTTkpsU1AxZnlucGtvRGpWZ1MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQaYderPW
AA6uGGY1Iz3hZZsLmBCvg1mfPdP21+28DkL4HTkb4G/tkRb64pEE4XM1lRRkCEXP
qGc57iKfRnLnt/HAtZQyVKp6XYajCXRgFo9I+LzQY5gV98eamLnipKkQZVyeDVkb
hlP2jg4ole+2Qe8UtY6m6fuVcQOilPPjv8ucYXy8LVVh03Bc5Q/PVb0hTpVsPEQD
4a0eL631KnMWV3cCmkuw49JLZbD00ie2OOcGKS8BUDbp80DLlxPkJ292kA2nz0DO
uCqYxygv51SE4monlzgrPHjW92GrcyPAZGhQW86NJZP2H2s2tLUjt/Q1guiwolEu
+ODwObb8Aok/9Q==
-----END CERTIFICATE-----