Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
File:                     ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft (raw, json)
Hash identifier:          j2JpgfJxZpuXDWzhAzDfbFHWkYWPe7XlcN1XYxRMHB0=
Subject key identifier:   25:77:26:13:32:31:ED:33:8D:BB:1E:8A:C4:98:FC:C3:E4:C9:EB:81
Authority key identifier: 66:83:A9:6C:F5:11:A6:79:19:D9:00:F3:FC:93:40:99:34:1F:87:D8
Certificate issuer:       /CN=6683a96cf511a67919d900f3fc934099341f87d8
Certificate serial:       019D2704155C8601C069F9EC117F4691AE6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
Manifest number:          1065
Signing time:             Wed 25 Mar 2026 22:01:12 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:12 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:12 +0000
Files and hashes:         1: ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl (hash: ksmI3SJ+fj0sZKRihut8SE7zrBypafIxaQfTqIaT0y4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:15:5c:86:01:c0:69:f9:ec:11:7f:46:91:ae:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6683a96cf511a67919d900f3fc934099341f87d8
        Validity
            Not Before: Mar 25 22:01:12 2026 GMT
            Not After : Mar 26 22:01:12 2026 GMT
        Subject: CN=257726133231ed338dbb1e8ac498fcc3e4c9eb81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:38:04:bd:c6:02:c8:7e:1b:bc:68:05:5b:c6:
                    88:d0:e1:14:31:9a:d5:52:37:7e:3e:cf:6d:d0:f5:
                    88:04:fb:0f:e6:1d:18:c5:52:0a:7e:7e:5a:91:1b:
                    35:2e:49:bc:2e:c9:51:a0:6b:bf:18:60:ee:3d:cd:
                    e2:3f:de:df:16:7c:94:49:31:e5:92:2a:16:a5:27:
                    12:b5:e1:4c:37:b8:8a:21:db:7d:93:a0:9a:04:5b:
                    94:54:39:51:28:13:2c:5d:bb:d8:5b:76:b5:f6:e9:
                    29:89:45:82:7f:6a:39:ad:d1:c2:59:39:52:66:ef:
                    1a:d0:76:59:c7:44:2f:15:1e:db:bd:ca:dc:de:8d:
                    01:86:0b:95:52:b2:a9:6d:af:3d:a4:be:a0:7e:8b:
                    b6:db:ec:a4:9e:17:36:8c:38:fe:60:3a:87:d2:2b:
                    ab:46:d3:b2:cc:b7:31:52:a0:25:7a:3e:0d:7d:a8:
                    ad:1a:9c:85:62:bb:7d:4c:79:fe:67:a7:77:60:c3:
                    ac:3d:2f:40:e9:a3:3a:c4:c3:3c:af:6b:cf:7b:7c:
                    96:2d:8e:09:5a:42:dc:c1:88:d1:b1:8e:54:fe:39:
                    20:26:7c:f6:46:b5:1a:6b:c4:50:31:c3:8a:f0:ed:
                    6b:33:2d:8a:61:cb:df:8a:3f:91:64:3f:2d:95:bb:
                    9f:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:77:26:13:32:31:ED:33:8D:BB:1E:8A:C4:98:FC:C3:E4:C9:EB:81
            X509v3 Authority Key Identifier:
                keyid:66:83:A9:6C:F5:11:A6:79:19:D9:00:F3:FC:93:40:99:34:1F:87:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:f7:05:34:3c:65:3f:b0:e8:fb:79:42:fa:d7:bd:9f:70:2c:
         01:97:65:19:5c:f3:bb:6c:df:e1:67:59:3f:58:dd:47:9c:ee:
         4d:f5:cb:ea:44:af:27:e5:87:36:21:b8:1a:47:a1:aa:f4:b4:
         4c:b8:22:c0:92:f4:67:18:d2:20:58:ef:b8:d8:b8:61:49:c7:
         02:1f:88:6b:74:98:c7:cd:6d:fd:ce:67:1d:b1:11:01:48:7c:
         58:a8:f7:c1:15:16:31:1b:e3:60:4c:4c:6c:a4:8f:45:7d:87:
         0c:3d:6a:a4:ed:90:cb:c3:9d:c0:10:f0:54:e7:e4:4b:53:df:
         53:d1:d0:29:ed:24:fa:46:81:f0:29:bd:e2:da:91:23:2a:0b:
         17:57:89:77:bb:f1:6a:26:31:2e:ae:f3:24:5c:ea:b4:1d:6c:
         4b:a5:b1:2f:90:b6:0c:f2:6e:f4:31:34:7b:3a:e9:09:a7:f3:
         9e:c7:15:be:ad:0b:20:f1:8b:56:64:f5:d9:0c:83:bc:d5:af:
         4d:f3:e2:b9:e6:56:49:42:08:4b:df:17:08:2b:ef:f7:cb:96:
         9e:35:23:ad:28:ff:40:43:7d:04:ce:64:05:33:2e:7b:49:7d:
         f1:f7:a0:8a:2f:a2:a3:16:b6:ad:1c:1c:e4:ae:be:bb:78:21:
         67:87:68:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBVchgHAafnsEX9Gka5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ODNhOTZjZjUxMWE2NzkxOWQ5MDBmM2ZjOTM0MDk5MzQx
Zjg3ZDgwHhcNMjYwMzI1MjIwMTEyWhcNMjYwMzI2MjIwMTEyWjAzMTEwLwYDVQQD
EygyNTc3MjYxMzMyMzFlZDMzOGRiYjFlOGFjNDk4ZmNjM2U0YzllYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDgEvcYCyH4bvGgFW8aI0OEUMZrV
Ujd+Ps9t0PWIBPsP5h0YxVIKfn5akRs1Lkm8LslRoGu/GGDuPc3iP97fFnyUSTHl
kioWpScSteFMN7iKIdt9k6CaBFuUVDlRKBMsXbvYW3a19ukpiUWCf2o5rdHCWTlS
Zu8a0HZZx0QvFR7bvcrc3o0BhguVUrKpba89pL6gfou22+yknhc2jDj+YDqH0iur
RtOyzLcxUqAlej4NfaitGpyFYrt9THn+Z6d3YMOsPS9A6aM6xMM8r2vPe3yWLY4J
WkLcwYjRsY5U/jkgJnz2RrUaa8RQMcOK8O1rMy2KYcvfij+RZD8tlbufUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCV3JhMyMe0zjbseisSY/MPkyeuBMB8GA1UdIwQY
MBaAFGaDqWz1EaZ5GdkA8/yTQJk0H4fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9jNTQwZTMtZDJjNy00ZjA4LTkxNzgt
YWUzMDY4NmM4NTg5LzEvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9jNTQwZTMtZDJjNy00ZjA4LTkxNzgtYWUzMDY4NmM4NTg5
LzEvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMvcFNDxl
P7Do+3lC+te9n3AsAZdlGVzzu2zf4WdZP1jdR5zuTfXL6kSvJ+WHNiG4GkehqvS0
TLgiwJL0ZxjSIFjvuNi4YUnHAh+Ia3SYx81t/c5nHbERAUh8WKj3wRUWMRvjYExM
bKSPRX2HDD1qpO2Qy8OdwBDwVOfkS1PfU9HQKe0k+kaB8Cm94tqRIyoLF1eJd7vx
aiYxLq7zJFzqtB1sS6WxL5C2DPJu9DE0ezrpCafznscVvq0LIPGLVmT12QyDvNWv
TfPiueZWSUIIS98XCCvv98uWnjUjrSj/QEN9BM5kBTMue0l98fegii+ioxa2rRwc
5K6+u3ghZ4dokg==
-----END CERTIFICATE-----