Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
File:                     ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft (raw, json)
Hash identifier:          bmItA3PSQkttCNZWZaAQ371+r5h0pEWS2kSOeZX0yeQ=
Subject key identifier:   45:C8:3F:D8:50:A2:10:75:A4:C1:CC:48:11:98:EC:A4:4E:8C:1E:8D
Authority key identifier: 64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92
Certificate issuer:       /CN=64b90f34525f80025ea77cb618e7519982ab8592
Certificate serial:       019D329AF4AAFF18A32B3AA5563D54FAE58A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
Manifest number:          188A
Signing time:             Sat 28 Mar 2026 04:01:49 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:49 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:49 +0000
Files and hashes:         1: ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl (hash: SLyurOCMJ7hTbLwpTfO4D5AOnYJuZnu+NQ+GmnKYRAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:f4:aa:ff:18:a3:2b:3a:a5:56:3d:54:fa:e5:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b90f34525f80025ea77cb618e7519982ab8592
        Validity
            Not Before: Mar 28 04:01:49 2026 GMT
            Not After : Mar 29 04:01:49 2026 GMT
        Subject: CN=45c83fd850a21075a4c1cc481198eca44e8c1e8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:d0:c5:72:be:bd:71:5a:06:da:ce:4f:d0:35:
                    06:c7:ef:6f:b4:72:cd:4e:a0:ee:62:0e:05:ad:2d:
                    0a:8f:0f:df:d2:e7:c5:6b:4d:d4:74:ab:8e:20:a8:
                    3c:ee:ff:bb:a5:8f:8f:d1:0c:8c:bf:f1:ee:07:79:
                    76:d8:8f:72:99:f7:18:55:ff:c3:c8:6a:ab:3d:6e:
                    a0:3b:dc:53:f5:c6:80:25:40:9a:a1:53:1a:17:03:
                    e0:a3:ae:7f:46:44:42:93:2d:f4:71:5b:7b:8f:27:
                    85:15:93:72:11:1f:0b:ac:a6:3e:3c:9d:2c:89:9c:
                    dc:9d:cd:e0:99:d1:53:fa:fa:ba:d4:3d:8d:82:68:
                    d7:39:81:c5:16:77:37:db:02:94:a4:5e:a3:fe:82:
                    dd:59:40:4b:43:86:6c:69:37:9d:7e:9e:12:32:1e:
                    78:fa:b3:b4:b2:db:90:0c:d3:13:9e:ee:2f:7a:e4:
                    12:c7:ce:e0:88:85:dc:38:94:3a:70:1a:1a:63:0e:
                    a4:a6:67:b1:5c:4c:b8:5b:ef:3c:af:83:e3:59:e2:
                    30:13:b4:ce:fc:94:66:4a:50:06:6e:6b:ba:e4:ce:
                    e7:75:4b:a1:65:bd:ab:84:2e:99:48:a0:4e:7d:dd:
                    d3:c5:e7:83:55:09:ac:32:ac:5c:d4:89:82:04:f9:
                    56:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:C8:3F:D8:50:A2:10:75:A4:C1:CC:48:11:98:EC:A4:4E:8C:1E:8D
            X509v3 Authority Key Identifier:
                keyid:64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:37:78:fb:79:e4:43:6b:b2:6a:8d:fc:92:77:87:c6:6a:f3:
         87:9e:16:36:6e:b3:13:71:7e:a6:d9:0d:64:7e:e8:ce:e0:ca:
         6e:ba:da:89:02:f2:2e:e5:61:68:22:f9:64:ac:0d:c0:e2:d9:
         c4:69:0c:b0:f2:fb:94:70:62:86:3d:f6:d5:a6:03:04:1c:c8:
         91:d0:36:d7:21:01:93:81:f8:4e:b0:5b:c3:84:78:01:19:7f:
         98:bc:65:57:99:dc:26:ac:26:e9:a8:8b:e7:f0:0c:fb:7f:eb:
         21:6e:22:9e:49:57:fd:9a:02:4d:14:6f:a2:09:06:42:9a:7d:
         2a:84:b2:6e:55:af:d6:fb:9a:50:ec:a8:51:c9:38:92:24:d4:
         3c:ef:73:85:8c:f3:9c:9e:21:5e:05:27:55:c7:a7:ce:a3:e2:
         ed:3f:fa:90:de:55:bd:0b:20:6e:4c:7e:5d:81:39:c7:cd:3e:
         c6:12:57:ef:75:32:f6:e0:fc:e7:01:ef:e6:c5:16:df:90:38:
         dc:db:8d:6d:7b:42:c8:af:11:c3:40:82:e8:49:4c:cd:68:8d:
         fa:c2:03:f4:3b:63:99:59:3d:09:3d:7d:85:3a:8e:a2:aa:53:
         26:0d:ca:85:6b:89:b6:3b:c6:ab:37:2b:17:62:e6:26:2a:09:
         0c:07:b1:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymvSq/xijKzqlVj1U+uWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjkwZjM0NTI1ZjgwMDI1ZWE3N2NiNjE4ZTc1MTk5ODJh
Yjg1OTIwHhcNMjYwMzI4MDQwMTQ5WhcNMjYwMzI5MDQwMTQ5WjAzMTEwLwYDVQQD
Eyg0NWM4M2ZkODUwYTIxMDc1YTRjMWNjNDgxMTk4ZWNhNDRlOGMxZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodDFcr69cVoG2s5P0DUGx+9vtHLN
TqDuYg4FrS0Kjw/f0ufFa03UdKuOIKg87v+7pY+P0QyMv/HuB3l22I9ymfcYVf/D
yGqrPW6gO9xT9caAJUCaoVMaFwPgo65/RkRCky30cVt7jyeFFZNyER8LrKY+PJ0s
iZzcnc3gmdFT+vq61D2NgmjXOYHFFnc32wKUpF6j/oLdWUBLQ4ZsaTedfp4SMh54
+rO0stuQDNMTnu4veuQSx87giIXcOJQ6cBoaYw6kpmexXEy4W+88r4PjWeIwE7TO
/JRmSlAGbmu65M7ndUuhZb2rhC6ZSKBOfd3TxeeDVQmsMqxc1ImCBPlWwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEXIP9hQohB1pMHMSBGY7KROjB6NMB8GA1UdIwQY
MBaAFGS5DzRSX4ACXqd8thjnUZmCq4WSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQt
N2JkYjY3MmUwYzU0LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQtN2JkYjY3MmUwYzU0
LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVjd4+3nk
Q2uyao38kneHxmrzh54WNm6zE3F+ptkNZH7ozuDKbrraiQLyLuVhaCL5ZKwNwOLZ
xGkMsPL7lHBihj321aYDBBzIkdA21yEBk4H4TrBbw4R4ARl/mLxlV5ncJqwm6aiL
5/AM+3/rIW4inklX/ZoCTRRvogkGQpp9KoSyblWv1vuaUOyoUck4kiTUPO9zhYzz
nJ4hXgUnVcenzqPi7T/6kN5VvQsgbkx+XYE5x80+xhJX73Uy9uD85wHv5sUW35A4
3NuNbXtCyK8Rw0CC6ElMzWiN+sID9DtjmVk9CT19hTqOoqpTJg3KhWuJtjvGqzcr
F2LmJioJDAexPw==
-----END CERTIFICATE-----