Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          fQiyVbmlIcBB3RiQfZD3rVG5GI7Z5Gx3Z/cH91c3asY=
Subject key identifier:   B5:C1:22:AA:9B:0E:77:60:98:DD:0B:FE:67:EA:71:94:0C:6C:E2:AB
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       019D28F20297AA1F667C69A2CAE2D18F0919
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          0F68
Signing time:             Thu 26 Mar 2026 07:00:42 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:42 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:42 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: UrDwnv6r8i/zlv4gwKb2guKMFJalgKWE/JGWs33cu7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:02:97:aa:1f:66:7c:69:a2:ca:e2:d1:8f:09:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: Mar 26 07:00:42 2026 GMT
            Not After : Mar 27 07:00:42 2026 GMT
        Subject: CN=b5c122aa9b0e776098dd0bfe67ea71940c6ce2ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c6:b7:6c:38:2f:0b:73:54:7c:ca:0f:da:5f:
                    d7:02:a9:0a:5b:6c:24:56:29:f4:e8:b9:66:98:bf:
                    05:3d:ae:35:a2:85:ab:2a:65:0b:f1:b3:e0:23:01:
                    42:cc:8e:b6:36:47:07:97:8c:64:1e:7c:19:09:cf:
                    74:c4:60:9e:cb:b1:d9:97:34:b4:5d:3f:39:f7:2f:
                    ff:5c:48:fc:cc:fc:3b:7a:65:5e:87:dd:8e:22:4e:
                    a5:46:21:df:8e:b0:20:d0:26:71:45:b4:b9:56:51:
                    ed:49:da:97:bf:75:3d:60:72:8b:48:ce:de:8b:f7:
                    da:cd:b9:02:29:45:40:81:18:e2:14:a1:22:d9:9b:
                    67:0a:2f:54:8e:3d:9f:c1:52:06:b2:31:ef:05:e4:
                    00:28:87:c9:3d:c3:dd:f3:54:fe:a5:dd:9c:01:30:
                    78:a5:2e:dc:32:10:fb:9b:76:2c:e7:7a:d9:1f:ff:
                    20:fc:45:ce:05:43:f7:b1:95:d4:a1:8c:84:34:82:
                    91:d7:6a:79:ac:28:34:73:8b:d1:58:52:73:98:bc:
                    3c:26:2c:fe:6b:6f:06:4a:33:22:30:6c:4e:a0:08:
                    99:5a:c1:ee:ca:91:61:8c:3d:43:79:2e:ea:6e:75:
                    6e:c4:a7:98:ff:52:dd:56:59:d3:5e:ed:a9:61:2a:
                    fb:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:C1:22:AA:9B:0E:77:60:98:DD:0B:FE:67:EA:71:94:0C:6C:E2:AB
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:2e:5a:13:fe:54:fe:21:e5:d0:3e:c5:37:9a:e7:3d:3d:26:
         44:7f:c6:cf:e7:01:fb:7c:34:35:ae:59:1e:2b:99:2b:cb:6b:
         a0:51:cb:d2:6b:3f:66:93:70:70:e7:10:ce:a5:1a:fa:5a:67:
         48:f7:c1:63:42:ff:32:7b:19:b5:44:7d:9b:f7:da:32:ce:53:
         92:cc:65:f6:cf:20:3b:24:24:63:97:18:52:54:8b:e6:2f:b8:
         62:48:0f:42:bb:e4:f3:9c:05:90:49:a7:d1:cf:72:67:79:48:
         8d:0a:47:e4:7f:ad:c1:53:8f:0d:d5:ee:70:dd:0e:9a:dc:c5:
         22:98:9a:1e:6c:8d:c2:b5:37:9a:1d:2f:07:56:b2:3d:aa:a5:
         1f:dd:6d:c8:05:dc:59:37:88:c6:a8:12:2a:50:7e:63:76:20:
         eb:00:c9:69:0a:0f:e8:18:f2:e7:d2:02:03:49:ad:59:90:cc:
         f4:f8:e2:e0:88:11:58:6c:8b:85:98:6a:7a:62:9f:5e:59:51:
         b2:a4:d1:76:34:53:a5:16:c5:a0:05:2a:fc:ca:c9:ee:bd:e1:
         3d:43:74:41:54:da:c1:7f:fc:60:d1:8f:2c:8b:b2:d5:83:ff:
         cb:b4:da:c2:df:1f:96:2d:d6:74:31:b9:ef:f6:5c:15:18:fc:
         78:38:5a:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8gKXqh9mfGmiyuLRjwkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjYwMzI2MDcwMDQyWhcNMjYwMzI3MDcwMDQyWjAzMTEwLwYDVQQD
EyhiNWMxMjJhYTliMGU3NzYwOThkZDBiZmU2N2VhNzE5NDBjNmNlMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8a3bDgvC3NUfMoP2l/XAqkKW2wk
Vin06LlmmL8FPa41ooWrKmUL8bPgIwFCzI62NkcHl4xkHnwZCc90xGCey7HZlzS0
XT859y//XEj8zPw7emVeh92OIk6lRiHfjrAg0CZxRbS5VlHtSdqXv3U9YHKLSM7e
i/fazbkCKUVAgRjiFKEi2ZtnCi9Ujj2fwVIGsjHvBeQAKIfJPcPd81T+pd2cATB4
pS7cMhD7m3Ys53rZH/8g/EXOBUP3sZXUoYyENIKR12p5rCg0c4vRWFJzmLw8Jiz+
a28GSjMiMGxOoAiZWsHuypFhjD1DeS7qbnVuxKeY/1LdVlnTXu2pYSr7BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLXBIqqbDndgmN0L/mfqcZQMbOKrMB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUi5aE/5U
/iHl0D7FN5rnPT0mRH/Gz+cB+3w0Na5ZHiuZK8troFHL0ms/ZpNwcOcQzqUa+lpn
SPfBY0L/MnsZtUR9m/faMs5Tksxl9s8gOyQkY5cYUlSL5i+4YkgPQrvk85wFkEmn
0c9yZ3lIjQpH5H+twVOPDdXucN0OmtzFIpiaHmyNwrU3mh0vB1ayPaqlH91tyAXc
WTeIxqgSKlB+Y3Yg6wDJaQoP6Bjy59ICA0mtWZDM9Pji4IgRWGyLhZhqemKfXllR
sqTRdjRTpRbFoAUq/MrJ7r3hPUN0QVTawX/8YNGPLIuy1YP/y7Tawt8fli3WdDG5
7/ZcFRj8eDhaGA==
-----END CERTIFICATE-----