Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
File:                     z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft (raw, json)
Hash identifier:          kXDGbEE1vyiD4E0ybfimqlb1g8FOUW6lPk1DKR0OZIM=
Subject key identifier:   CD:AC:8E:62:7C:04:CB:E5:EE:E9:C1:88:74:28:5A:52:98:46:F4:11
Authority key identifier: CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06
Certificate issuer:       /CN=cf7f5c598059e1ae5976c81ea2b826697ee19906
Certificate serial:       019D29CE1F6497C8511E0B62BBC3DCBE5BDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
Manifest number:          0726
Signing time:             Thu 26 Mar 2026 11:01:07 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:07 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:07 +0000
Files and hashes:         1: z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl (hash: CawlH1kDk498UwioE7x4BNOOh3wlKWMB8KUlgaNlt5w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:1f:64:97:c8:51:1e:0b:62:bb:c3:dc:be:5b:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7f5c598059e1ae5976c81ea2b826697ee19906
        Validity
            Not Before: Mar 26 11:01:07 2026 GMT
            Not After : Mar 27 11:01:07 2026 GMT
        Subject: CN=cdac8e627c04cbe5eee9c18874285a529846f411
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:99:d5:1a:99:05:f4:17:36:8d:3b:72:ee:6b:
                    1f:fd:e3:29:e4:02:83:86:6b:6b:a9:00:f7:41:ef:
                    31:1f:c5:f5:7d:52:3d:f1:a8:bc:2c:ec:2e:dc:7e:
                    ec:a0:de:63:64:97:cc:80:84:c4:af:e4:c4:ab:9a:
                    ff:31:51:2b:00:0e:7c:7c:c4:47:12:69:33:2f:2a:
                    97:17:6a:a2:6f:93:b1:65:05:2e:f7:64:69:1c:e5:
                    a5:1e:47:40:40:23:97:a4:18:cf:ee:4a:ec:1b:7d:
                    8b:be:fd:94:f5:d0:9d:6c:cb:7e:bb:7c:22:a3:d7:
                    4c:5f:8e:73:ab:ed:5e:f1:ab:6a:67:07:b2:d0:66:
                    2a:9b:86:a8:25:18:87:d8:cc:5f:f8:3f:c4:d8:d1:
                    12:02:7c:55:99:84:de:55:59:a2:10:f3:81:5e:5b:
                    4b:37:31:7d:d4:a0:99:97:eb:6a:14:4b:c8:16:fc:
                    60:20:e0:cf:5c:a7:0f:a5:39:ab:c3:38:05:d3:7e:
                    27:fb:3e:35:28:6c:70:3c:70:6f:4b:5c:b0:50:05:
                    1a:0b:50:3c:71:e5:03:6b:cf:d0:a5:55:3f:e9:2d:
                    41:a9:aa:39:b8:b1:76:d3:f0:d8:fa:91:24:4c:75:
                    a0:ff:1a:be:23:ca:41:27:8d:43:d9:e9:b2:af:a4:
                    7b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:AC:8E:62:7C:04:CB:E5:EE:E9:C1:88:74:28:5A:52:98:46:F4:11
            X509v3 Authority Key Identifier:
                keyid:CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:39:49:ce:03:94:0b:f6:49:aa:54:3e:55:5c:94:56:f4:3c:
         66:b3:a1:88:c5:c8:fa:74:e5:98:e3:e3:16:8b:43:c7:cf:5b:
         d8:65:97:bb:63:c9:13:5d:99:28:93:7c:a9:8d:5b:9c:51:24:
         fa:a9:ae:65:95:d1:66:72:8d:0c:dc:10:6e:95:a5:b8:5f:2d:
         22:6f:4f:5b:8c:30:fe:9e:3b:9e:d8:6d:32:da:41:81:ec:6f:
         96:e9:67:92:3b:db:8f:18:1d:2c:93:80:6c:86:47:d8:b4:9b:
         50:ea:4a:ae:ab:7d:4f:59:05:c1:29:e3:72:2b:1a:44:f5:4b:
         5a:ed:1a:f6:6c:c6:2b:11:e3:14:f8:34:eb:ff:ab:ea:11:fd:
         c1:29:09:f6:56:37:76:e5:bf:3e:be:57:c8:20:68:f5:45:91:
         5d:27:0e:97:8b:93:22:33:b8:e3:1a:7f:84:ce:e4:c3:2f:f2:
         3f:d4:7b:c7:34:8d:92:2e:fc:29:8b:94:4e:22:5a:c9:8d:2e:
         14:8a:b8:48:8f:b4:a5:cf:50:da:79:d5:f8:77:49:f1:12:12:
         cb:13:65:03:7d:0f:e5:e6:1d:25:a6:34:bb:7b:32:93:70:b7:
         f1:ba:6e:45:3d:28:f1:bd:fb:01:81:b2:01:71:01:4b:fe:04:
         54:60:c7:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzh9kl8hRHgtiu8PcvlvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2Y1YzU5ODA1OWUxYWU1OTc2YzgxZWEyYjgyNjY5N2Vl
MTk5MDYwHhcNMjYwMzI2MTEwMTA3WhcNMjYwMzI3MTEwMTA3WjAzMTEwLwYDVQQD
EyhjZGFjOGU2MjdjMDRjYmU1ZWVlOWMxODg3NDI4NWE1Mjk4NDZmNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5nVGpkF9Bc2jTty7msf/eMp5AKD
hmtrqQD3Qe8xH8X1fVI98ai8LOwu3H7soN5jZJfMgITEr+TEq5r/MVErAA58fMRH
EmkzLyqXF2qib5OxZQUu92RpHOWlHkdAQCOXpBjP7krsG32Lvv2U9dCdbMt+u3wi
o9dMX45zq+1e8atqZwey0GYqm4aoJRiH2Mxf+D/E2NESAnxVmYTeVVmiEPOBXltL
NzF91KCZl+tqFEvIFvxgIODPXKcPpTmrwzgF034n+z41KGxwPHBvS1ywUAUaC1A8
ceUDa8/QpVU/6S1Bqao5uLF20/DY+pEkTHWg/xq+I8pBJ41D2emyr6R7bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2sjmJ8BMvl7unBiHQoWlKYRvQRMB8GA1UdIwQY
MBaAFM9/XFmAWeGuWXbIHqK4Jml+4ZkGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMt
ZTFkYzY5ZTMzM2RmLzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMtZTFkYzY5ZTMzM2Rm
LzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATTlJzgOU
C/ZJqlQ+VVyUVvQ8ZrOhiMXI+nTlmOPjFotDx89b2GWXu2PJE12ZKJN8qY1bnFEk
+qmuZZXRZnKNDNwQbpWluF8tIm9PW4ww/p47nthtMtpBgexvlulnkjvbjxgdLJOA
bIZH2LSbUOpKrqt9T1kFwSnjcisaRPVLWu0a9mzGKxHjFPg06/+r6hH9wSkJ9lY3
duW/Pr5XyCBo9UWRXScOl4uTIjO44xp/hM7kwy/yP9R7xzSNki78KYuUTiJayY0u
FIq4SI+0pc9Q2nnV+HdJ8RISyxNlA30P5eYdJaY0u3syk3C38bpuRT0o8b37AYGy
AXEBS/4EVGDHWw==
-----END CERTIFICATE-----