Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
File:                     zdCuQc2rVZhilkF4v-rjaElrB9c.mft (raw, json)
Hash identifier:          ORvRvLSvt0mNcLTWUiGyipu+PhQpMKS/JvM8HB5P5ek=
Subject key identifier:   BC:1D:0E:8A:98:F4:AD:EA:63:16:0D:B8:0D:0E:17:02:98:D8:01:BA
Authority key identifier: CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7
Certificate issuer:       /CN=cdd0ae41cdab559862964178bfeae368496b07d7
Certificate serial:       019D265F63672775CFCEFBFE21E2FB0A979F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
Manifest number:          0F65
Signing time:             Wed 25 Mar 2026 19:01:18 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:18 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:18 +0000
Files and hashes:         1: zdCuQc2rVZhilkF4v-rjaElrB9c.crl (hash: ugROQAlJReMTzmjnHZ019Szp7pbzCeCDs3gyS8TiQ8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:63:67:27:75:cf:ce:fb:fe:21:e2:fb:0a:97:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdd0ae41cdab559862964178bfeae368496b07d7
        Validity
            Not Before: Mar 25 19:01:18 2026 GMT
            Not After : Mar 26 19:01:18 2026 GMT
        Subject: CN=bc1d0e8a98f4adea63160db80d0e170298d801ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c6:55:c4:40:5f:37:be:1a:95:19:cd:b6:00:
                    b5:63:a2:8f:93:51:15:5f:02:95:2f:7d:29:ad:34:
                    01:d3:1b:75:3b:6b:ab:41:5b:0f:01:78:df:95:9a:
                    35:7d:4c:df:47:22:88:17:be:a1:4c:95:95:b3:a4:
                    c7:76:00:66:82:d3:43:f4:9e:69:0a:18:b3:d5:8c:
                    db:a5:14:8d:06:b5:70:ff:a9:c1:97:ff:6b:5c:2f:
                    4d:de:7a:bb:29:6e:95:61:01:fa:c4:1b:ae:d4:07:
                    74:ec:55:ab:f5:ad:17:81:67:7a:0b:a1:00:b5:83:
                    fc:2b:2c:8d:e9:7a:a1:be:9a:49:e9:cb:f0:5c:03:
                    41:f6:d1:6c:13:d7:9a:ed:40:be:0a:a8:08:5b:75:
                    25:35:05:91:4d:c1:86:47:b6:a6:a2:85:65:04:97:
                    e5:47:04:51:16:a7:6e:23:82:65:a9:84:35:63:ab:
                    12:99:f7:a7:8c:d3:2f:8e:fa:13:17:da:21:59:ff:
                    26:40:7f:2a:ca:ab:c1:b4:80:d9:ad:8b:e7:84:4b:
                    83:d1:1a:be:88:49:db:6d:93:67:48:53:f1:8f:e6:
                    d5:93:9e:2f:df:d9:6e:50:43:ad:a8:39:29:f8:a1:
                    fe:75:31:21:88:49:9b:38:e1:b9:fe:ed:b8:dd:6c:
                    60:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:1D:0E:8A:98:F4:AD:EA:63:16:0D:B8:0D:0E:17:02:98:D8:01:BA
            X509v3 Authority Key Identifier:
                keyid:CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:20:a8:c2:64:82:2d:ee:20:fe:ad:d9:a2:99:e3:7a:5f:f3:
         c2:02:02:27:4e:85:32:e4:e3:4c:cd:d0:0f:8b:9d:13:c9:c4:
         1f:1e:4a:ed:e6:7b:ca:bb:79:d0:b5:37:40:f4:d5:56:fe:e8:
         52:61:1b:ca:99:96:7b:8b:3b:e7:62:20:03:c2:8c:a7:7e:93:
         17:f4:f2:4a:ed:22:36:bd:c6:9c:1d:60:00:c4:bc:d7:32:02:
         a0:ce:94:7c:da:d2:17:e0:28:2c:9e:36:df:52:52:09:ce:a4:
         a7:1a:3b:02:02:ce:af:a3:4e:03:14:50:de:d6:4d:e7:5a:d7:
         d7:15:89:4e:40:40:59:a7:9a:d6:cf:1d:33:02:00:5a:93:97:
         1a:e7:db:0c:67:d3:58:f9:45:72:07:4c:e6:28:31:1f:e6:2c:
         e4:bf:62:17:7a:37:a3:6a:20:6a:d0:91:be:55:0d:13:95:a9:
         71:73:80:a1:55:dc:fa:d9:b2:84:ba:66:bd:23:f4:37:d1:1d:
         bf:a0:21:da:ee:91:45:a2:a8:03:7b:0c:21:ba:55:b5:74:5a:
         59:5e:c9:71:29:cf:6a:a9:d5:c7:1e:77:37:54:25:a7:d3:d6:
         15:87:14:76:a1:83:f6:6d:5b:83:31:9a:f6:8b:37:78:4a:81:
         9a:ca:9e:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX2NnJ3XPzvv+IeL7CpefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZDBhZTQxY2RhYjU1OTg2Mjk2NDE3OGJmZWFlMzY4NDk2
YjA3ZDcwHhcNMjYwMzI1MTkwMTE4WhcNMjYwMzI2MTkwMTE4WjAzMTEwLwYDVQQD
EyhiYzFkMGU4YTk4ZjRhZGVhNjMxNjBkYjgwZDBlMTcwMjk4ZDgwMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncZVxEBfN74alRnNtgC1Y6KPk1EV
XwKVL30prTQB0xt1O2urQVsPAXjflZo1fUzfRyKIF76hTJWVs6THdgBmgtND9J5p
Chiz1YzbpRSNBrVw/6nBl/9rXC9N3nq7KW6VYQH6xBuu1Ad07FWr9a0XgWd6C6EA
tYP8KyyN6XqhvppJ6cvwXANB9tFsE9ea7UC+CqgIW3UlNQWRTcGGR7amooVlBJfl
RwRRFqduI4JlqYQ1Y6sSmfenjNMvjvoTF9ohWf8mQH8qyqvBtIDZrYvnhEuD0Rq+
iEnbbZNnSFPxj+bVk54v39luUEOtqDkp+KH+dTEhiEmbOOG5/u243WxghwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwdDoqY9K3qYxYNuA0OFwKY2AG6MB8GA1UdIwQY
MBaAFM3QrkHNq1WYYpZBeL/q42hJawfXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEt
NDI4MzI0YTkyNDRlLzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEtNDI4MzI0YTkyNDRl
LzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFCCowmSC
Le4g/q3Zopnjel/zwgICJ06FMuTjTM3QD4udE8nEHx5K7eZ7yrt50LU3QPTVVv7o
UmEbypmWe4s752IgA8KMp36TF/TySu0iNr3GnB1gAMS81zICoM6UfNrSF+AoLJ42
31JSCc6kpxo7AgLOr6NOAxRQ3tZN51rX1xWJTkBAWaea1s8dMwIAWpOXGufbDGfT
WPlFcgdM5igxH+Ys5L9iF3o3o2ogatCRvlUNE5WpcXOAoVXc+tmyhLpmvSP0N9Ed
v6Ah2u6RRaKoA3sMIbpVtXRaWV7JcSnPaqnVxx53N1Qlp9PWFYcUdqGD9m1bgzGa
9os3eEqBmsqecA==
-----END CERTIFICATE-----