Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft
File:                     zfQLRgtIuPNm_sXKObMcOAxkWjI.mft (raw, json)
Hash identifier:          f+QmtAWfRb6xC3bWBSyrZCRjCgxT5VORdEONx89HRFo=
Subject key identifier:   2D:AF:F6:ED:BC:8D:3A:27:60:A9:A3:13:E3:41:36:E4:4F:BB:38:C2
Authority key identifier: CD:F4:0B:46:0B:48:B8:F3:66:FE:C5:CA:39:B3:1C:38:0C:64:5A:32
Certificate issuer:       /CN=cdf40b460b48b8f366fec5ca39b31c380c645a32
Certificate serial:       019D28163C2C2583D3820AAF8675D2AEBC3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft
Manifest number:          034D
Signing time:             Thu 26 Mar 2026 03:00:38 +0000
Manifest this update:     Thu 26 Mar 2026 03:00:38 +0000
Manifest next update:     Fri 27 Mar 2026 03:00:38 +0000
Files and hashes:         1: zfQLRgtIuPNm_sXKObMcOAxkWjI.crl (hash: FQdjAx7eowNtOOJ2UrJdXJvfbcZj3Xa5H1Sl9rxDr84=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:3c:2c:25:83:d3:82:0a:af:86:75:d2:ae:bc:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdf40b460b48b8f366fec5ca39b31c380c645a32
        Validity
            Not Before: Mar 26 03:00:38 2026 GMT
            Not After : Mar 27 03:00:38 2026 GMT
        Subject: CN=2daff6edbc8d3a2760a9a313e34136e44fbb38c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:cf:40:91:49:bd:c6:8a:f4:d6:4b:b9:b5:0b:
                    a8:75:08:90:6f:ac:e8:82:65:36:2c:19:3f:a7:a3:
                    71:5b:02:69:99:49:ec:17:c6:d4:83:87:25:09:fa:
                    07:5e:36:55:b5:ff:13:16:10:e5:31:c5:da:34:4c:
                    d9:92:e7:22:89:44:52:33:a0:15:ee:55:0a:f2:f0:
                    1d:0b:94:6f:0f:f0:e9:e0:5a:d9:d5:32:ce:c3:40:
                    d7:6d:31:60:2b:a1:74:8a:5d:f3:ee:ef:89:09:ad:
                    9a:7f:55:d0:5b:39:c3:3e:0e:28:cd:03:5d:90:b0:
                    c1:ee:54:6b:3b:f3:60:b4:b4:41:73:69:1f:f7:73:
                    39:99:32:60:e7:91:f7:d1:d3:60:2a:79:c7:ac:cf:
                    9e:0b:5b:0d:1c:e0:9d:16:d9:f6:a4:1f:1b:95:4e:
                    55:79:9e:b8:6e:4c:85:6c:ac:04:2b:e9:7d:e2:19:
                    76:29:b2:f4:3d:15:e5:06:2d:84:a8:dc:d7:e9:b1:
                    1a:4d:4a:a0:e3:3b:7e:b8:40:3a:4d:16:ee:8b:b9:
                    bb:21:9f:c1:c7:10:3d:8f:53:d2:10:81:c6:7e:18:
                    5a:70:fb:80:fe:84:a2:b1:ed:47:bb:8c:46:45:f0:
                    b6:54:39:d0:bb:e3:1d:6f:90:26:75:81:89:5d:db:
                    11:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:AF:F6:ED:BC:8D:3A:27:60:A9:A3:13:E3:41:36:E4:4F:BB:38:C2
            X509v3 Authority Key Identifier:
                keyid:CD:F4:0B:46:0B:48:B8:F3:66:FE:C5:CA:39:B3:1C:38:0C:64:5A:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:4d:19:bd:7a:df:32:3e:b3:5a:45:36:3a:6a:14:60:23:6f:
         1a:d2:46:65:06:91:1f:58:3b:13:89:9c:56:3f:9f:f0:6b:79:
         03:8b:53:13:79:d3:3e:62:28:0a:6e:a6:95:25:24:b7:39:c9:
         59:3e:cd:a4:a0:fd:2c:df:f9:73:e2:be:e9:99:d5:59:cc:e6:
         85:09:1f:b6:46:ca:d2:71:bc:62:18:79:d7:7b:56:54:96:23:
         bf:45:b9:9e:0d:f4:90:ef:c5:42:a7:69:df:84:20:30:32:b5:
         71:3f:14:34:14:6c:5e:99:a6:e1:cf:d4:d6:8e:51:8c:3b:b9:
         3c:85:a6:a4:6b:48:53:9d:13:d7:a7:5c:bb:a1:f8:c6:6d:6e:
         1c:a6:6f:5c:2f:ee:52:b6:0a:4e:02:5e:64:91:06:2c:e2:a9:
         d7:59:a0:97:8a:fe:be:1c:ba:63:65:16:ae:82:1b:1d:b9:bb:
         0a:32:a1:d3:5f:bc:88:2f:5f:c3:ac:05:f0:a5:72:1e:57:85:
         47:0f:f9:36:a7:b8:aa:49:b7:4d:fb:f7:51:a5:bc:68:0c:84:
         0f:cc:10:e7:17:b6:a3:bf:64:c6:eb:ff:81:c8:78:79:cd:ac:
         7e:46:44:76:f8:dc:31:dc:8a:83:e0:b2:6f:43:79:a0:83:1d:
         1f:56:68:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFjwsJYPTggqvhnXSrrw+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjQwYjQ2MGI0OGI4ZjM2NmZlYzVjYTM5YjMxYzM4MGM2
NDVhMzIwHhcNMjYwMzI2MDMwMDM4WhcNMjYwMzI3MDMwMDM4WjAzMTEwLwYDVQQD
EygyZGFmZjZlZGJjOGQzYTI3NjBhOWEzMTNlMzQxMzZlNDRmYmIzOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws9AkUm9xor01ku5tQuodQiQb6zo
gmU2LBk/p6NxWwJpmUnsF8bUg4clCfoHXjZVtf8TFhDlMcXaNEzZkuciiURSM6AV
7lUK8vAdC5RvD/Dp4FrZ1TLOw0DXbTFgK6F0il3z7u+JCa2af1XQWznDPg4ozQNd
kLDB7lRrO/NgtLRBc2kf93M5mTJg55H30dNgKnnHrM+eC1sNHOCdFtn2pB8blU5V
eZ64bkyFbKwEK+l94hl2KbL0PRXlBi2EqNzX6bEaTUqg4zt+uEA6TRbui7m7IZ/B
xxA9j1PSEIHGfhhacPuA/oSise1Hu4xGRfC2VDnQu+Mdb5AmdYGJXdsRtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2v9u28jTonYKmjE+NBNuRPuzjCMB8GA1UdIwQY
MBaAFM30C0YLSLjzZv7FyjmzHDgMZFoyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YWM1MGYtNDQ5MS00NGE1LTkwYmYt
YTdlZjFkY2ZkNWYxLzEvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YWM1MGYtNDQ5MS00NGE1LTkwYmYtYTdlZjFkY2ZkNWYx
LzEvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc00ZvXrf
Mj6zWkU2OmoUYCNvGtJGZQaRH1g7E4mcVj+f8Gt5A4tTE3nTPmIoCm6mlSUktznJ
WT7NpKD9LN/5c+K+6ZnVWczmhQkftkbK0nG8Yhh513tWVJYjv0W5ng30kO/FQqdp
34QgMDK1cT8UNBRsXpmm4c/U1o5RjDu5PIWmpGtIU50T16dcu6H4xm1uHKZvXC/u
UrYKTgJeZJEGLOKp11mgl4r+vhy6Y2UWroIbHbm7CjKh01+8iC9fw6wF8KVyHleF
Rw/5Nqe4qkm3Tfv3UaW8aAyED8wQ5xe2o79kxuv/gch4ec2sfkZEdvjcMdyKg+Cy
b0N5oIMdH1ZokQ==
-----END CERTIFICATE-----