Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
File:                     zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft (raw, json)
Hash identifier:          K8aOLhI3BS3LnUAZ436Wt2D3jZZA6nfFDjPN1QS7icA=
Subject key identifier:   C2:BB:E3:D9:0D:C7:EA:B0:DC:29:2F:F6:1E:93:39:76:8D:D2:31:E8
Authority key identifier: CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A
Certificate issuer:       /CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
Certificate serial:       019D38D3B4E5EECCB849533A37EAF28FAB25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
Manifest number:          049E
Signing time:             Sun 29 Mar 2026 09:01:31 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:31 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:31 +0000
Files and hashes:         1: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl (hash: 88/NKcuDWrrqSHzfAuP8N1ZHQJ/HwHoZBGomjCL0zFA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:b4:e5:ee:cc:b8:49:53:3a:37:ea:f2:8f:ab:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
        Validity
            Not Before: Mar 29 09:01:31 2026 GMT
            Not After : Mar 30 09:01:31 2026 GMT
        Subject: CN=c2bbe3d90dc7eab0dc292ff61e9339768dd231e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:1f:3a:cd:37:49:15:7b:78:a0:41:01:dc:1c:
                    70:2b:5d:81:56:43:1b:c8:84:d4:5f:b3:ec:4c:1e:
                    10:cf:5c:0c:bb:34:32:86:66:86:7f:a4:af:f1:3e:
                    ab:12:b1:81:ae:5f:53:f1:47:32:d9:93:09:60:2d:
                    f8:86:e7:c1:20:f2:bf:d2:be:57:c6:cd:05:ff:3d:
                    68:5b:30:ba:c9:35:c4:94:59:4e:4a:c5:78:07:23:
                    50:aa:b8:2f:44:77:cf:1c:6d:96:91:bd:c6:58:e8:
                    a1:27:16:c8:ea:f3:e4:8f:51:90:4f:4b:fe:db:ff:
                    2a:89:9c:e9:63:4f:7c:d8:7e:04:5e:92:04:17:a9:
                    09:fc:2f:db:01:97:52:62:ae:3a:e5:64:55:3b:04:
                    2a:65:83:02:d0:a5:e3:be:21:6f:4a:95:28:e6:e0:
                    ec:a0:b3:6a:2f:00:a1:75:2b:4b:26:db:69:69:74:
                    82:a9:78:01:17:c3:7f:d0:60:d7:ab:ca:ea:2c:41:
                    6a:d0:28:6f:d7:85:55:fe:2f:46:6c:65:3c:c5:26:
                    2c:00:c0:85:39:f6:5c:ee:39:71:74:06:33:93:36:
                    c5:84:b6:67:9a:56:ff:77:7b:40:d3:d5:84:2d:9c:
                    7b:b7:3a:98:fc:22:c5:36:e7:b6:8a:cc:de:1b:dc:
                    5c:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:BB:E3:D9:0D:C7:EA:B0:DC:29:2F:F6:1E:93:39:76:8D:D2:31:E8
            X509v3 Authority Key Identifier:
                keyid:CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:72:8a:f4:e9:79:99:2d:bf:59:e0:be:a5:7e:05:e9:b6:5f:
         35:1c:94:98:bc:c2:77:71:6c:f5:f5:cf:18:0b:ba:7f:fd:d4:
         e1:77:c1:36:fe:c2:da:ca:e9:69:ab:77:9a:03:8d:05:ad:51:
         fe:e5:ab:e3:d5:a9:5c:4a:a9:a7:4a:a5:79:0e:50:c0:cc:9b:
         e2:91:3a:9c:19:67:78:6d:1c:39:cb:94:1b:0e:e4:42:37:c0:
         69:6b:65:17:3e:17:41:ec:0a:23:9d:66:2e:90:99:d7:04:14:
         11:bc:7f:f1:d8:58:d4:59:53:bc:24:8c:f7:4c:ab:3b:6d:4c:
         6d:45:6d:c1:72:8f:b5:c8:99:42:55:5b:8c:46:9a:45:92:d4:
         9f:52:cd:fa:24:14:cd:7a:ae:f2:9f:d3:43:de:9c:56:be:b7:
         f4:46:e1:48:ee:98:35:fb:17:b6:ba:38:e5:f5:b1:8e:65:76:
         06:ee:b3:b7:0e:93:0d:aa:ba:e2:93:28:bc:65:61:80:96:9f:
         86:26:32:86:cd:b1:b5:31:5e:2b:af:95:a3:fe:d7:6e:7f:07:
         77:b5:ee:1f:98:d8:9c:9a:a5:93:09:0e:06:eb:b8:48:03:d1:
         da:73:bb:ef:75:0d:32:aa:36:be:55:1a:f9:0c:26:83:63:40:
         ec:9f:08:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407Tl7sy4SVM6N+ryj6slMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlODFlMmQ1NmZkOWYxOTMyZGJjMGYyMTYzMjk5NDJmZTIz
Zjc1NWEwHhcNMjYwMzI5MDkwMTMxWhcNMjYwMzMwMDkwMTMxWjAzMTEwLwYDVQQD
EyhjMmJiZTNkOTBkYzdlYWIwZGMyOTJmZjYxZTkzMzk3NjhkZDIzMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux86zTdJFXt4oEEB3BxwK12BVkMb
yITUX7PsTB4Qz1wMuzQyhmaGf6Sv8T6rErGBrl9T8Ucy2ZMJYC34hufBIPK/0r5X
xs0F/z1oWzC6yTXElFlOSsV4ByNQqrgvRHfPHG2Wkb3GWOihJxbI6vPkj1GQT0v+
2/8qiZzpY0982H4EXpIEF6kJ/C/bAZdSYq465WRVOwQqZYMC0KXjviFvSpUo5uDs
oLNqLwChdStLJttpaXSCqXgBF8N/0GDXq8rqLEFq0Chv14VV/i9GbGU8xSYsAMCF
OfZc7jlxdAYzkzbFhLZnmlb/d3tA09WELZx7tzqY/CLFNue2iszeG9xcjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMK749kNx+qw3Ckv9h6TOXaN0jHoMB8GA1UdIwQY
MBaAFM6B4tVv2fGTLbwPIWMplC/iP3VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2Mt
OTQ5M2E3NGI1Zjc1LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2MtOTQ5M2E3NGI1Zjc1
LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACnKK9Ol5
mS2/WeC+pX4F6bZfNRyUmLzCd3Fs9fXPGAu6f/3U4XfBNv7C2srpaat3mgONBa1R
/uWr49WpXEqpp0qleQ5QwMyb4pE6nBlneG0cOcuUGw7kQjfAaWtlFz4XQewKI51m
LpCZ1wQUEbx/8dhY1FlTvCSM90yrO21MbUVtwXKPtciZQlVbjEaaRZLUn1LN+iQU
zXqu8p/TQ96cVr639EbhSO6YNfsXtro45fWxjmV2Bu6ztw6TDaq64pMovGVhgJaf
hiYyhs2xtTFeK6+Vo/7Xbn8Hd7XuH5jYnJqlkwkOBuu4SAPR2nO773UNMqo2vlUa
+Qwmg2NA7J8IIA==
-----END CERTIFICATE-----