Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft
File:                     zEH27mce6lNY5xzn_BHJNsw3bGE.mft (raw, json)
Hash identifier:          zMCKE8ysCW4u6Sj7z0swGky9m3TPWVJDqOVwMYS2ZzU=
Subject key identifier:   86:8A:E9:81:B2:D6:D7:8D:09:FB:9B:5B:19:20:0D:7A:9E:F3:99:32
Authority key identifier: CC:41:F6:EE:67:1E:EA:53:58:E7:1C:E7:FC:11:C9:36:CC:37:6C:61
Certificate issuer:       /CN=cc41f6ee671eea5358e71ce7fc11c936cc376c61
Certificate serial:       019D265F125CC35A0587BFD4E3FA1F2F8AEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zEH27mce6lNY5xzn_BHJNsw3bGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft
Manifest number:          12B2
Signing time:             Wed 25 Mar 2026 19:00:57 +0000
Manifest this update:     Wed 25 Mar 2026 19:00:57 +0000
Manifest next update:     Thu 26 Mar 2026 19:00:57 +0000
Files and hashes:         1: zEH27mce6lNY5xzn_BHJNsw3bGE.crl (hash: tVzGamI6ikJSzNq+mWl6qKRerIH45FTypIWm2BKM4vc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zEH27mce6lNY5xzn_BHJNsw3bGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:12:5c:c3:5a:05:87:bf:d4:e3:fa:1f:2f:8a:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc41f6ee671eea5358e71ce7fc11c936cc376c61
        Validity
            Not Before: Mar 25 19:00:57 2026 GMT
            Not After : Mar 26 19:00:57 2026 GMT
        Subject: CN=868ae981b2d6d78d09fb9b5b19200d7a9ef39932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:f5:8c:26:ff:46:5b:f2:7c:ae:ac:0b:94:e2:
                    21:5e:56:60:85:b6:b0:d1:2f:80:8b:db:a2:05:6a:
                    1d:b3:4c:4e:aa:c9:60:3a:65:90:e9:ee:53:c2:55:
                    ff:af:83:76:b5:db:ae:ac:54:ca:17:85:4a:45:04:
                    e6:78:3f:bf:8a:4f:1d:c0:3a:18:66:dc:f6:11:2a:
                    b7:13:25:44:85:a4:8d:bf:da:2b:a2:25:b2:1a:fe:
                    b3:e0:5f:a4:6b:0b:52:99:0c:77:a1:47:a5:33:96:
                    8d:ef:fc:99:91:d5:53:98:24:56:f4:4b:34:5e:5a:
                    75:43:9b:81:bd:0b:85:24:47:0f:57:53:e8:3b:83:
                    e9:3c:b7:47:bd:bb:4b:a8:9c:3e:fd:6b:b3:f6:b9:
                    c2:8c:b8:e2:3f:a6:dc:c0:77:e8:60:bb:c7:66:77:
                    5c:27:bf:de:14:e9:ea:5c:3b:31:61:92:56:60:c0:
                    52:8b:09:e3:c6:57:71:55:76:07:72:4c:3a:1a:57:
                    3f:8b:ce:88:d6:74:a4:7a:54:47:33:6c:6d:75:de:
                    74:1a:33:f2:b8:08:09:d6:20:13:ee:1b:2e:5e:97:
                    7e:a1:b0:b4:b3:ec:7c:c4:5f:e5:cb:ad:fe:ca:3f:
                    a4:37:ab:50:4d:5b:fe:7d:5f:e9:df:e6:55:24:92:
                    af:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:8A:E9:81:B2:D6:D7:8D:09:FB:9B:5B:19:20:0D:7A:9E:F3:99:32
            X509v3 Authority Key Identifier:
                keyid:CC:41:F6:EE:67:1E:EA:53:58:E7:1C:E7:FC:11:C9:36:CC:37:6C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zEH27mce6lNY5xzn_BHJNsw3bGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:35:68:fa:69:2e:1a:7f:1e:e1:b9:65:34:cd:26:c2:ba:ba:
         c2:9b:4a:3b:1b:55:4d:77:8d:42:d0:5b:29:eb:25:e5:5b:f2:
         79:be:ae:52:c2:34:93:e7:99:94:f2:c3:a3:50:cf:bf:63:98:
         68:87:5b:8f:70:b9:ef:10:5c:e4:b7:c3:cd:2e:ec:2b:b9:f6:
         e1:2b:0a:08:25:e4:e8:01:84:27:52:9e:61:aa:58:5a:ac:b5:
         84:21:fb:e5:d3:e6:99:3e:de:dd:f5:bf:73:48:d7:50:f0:d2:
         db:d6:d7:3a:4a:53:02:d9:2f:99:51:55:3b:dc:4a:78:f3:70:
         4d:86:e0:30:db:86:35:8d:75:e3:f9:ca:7b:59:87:b2:26:9e:
         7f:7f:45:27:d0:dd:08:86:a6:2c:97:8b:11:1c:c4:cd:08:28:
         59:6c:66:d7:ac:0c:02:6c:64:f5:63:18:b8:33:ce:e5:c2:44:
         03:34:05:97:f9:33:c4:42:3c:1f:63:0e:49:46:2e:d7:74:8e:
         dd:6b:cf:12:b0:ac:89:d6:3a:ce:33:66:a8:8e:cf:26:0a:76:
         aa:d6:dd:e5:32:7a:37:5a:f0:9a:ac:b3:86:aa:a9:e3:6a:96:
         52:a6:be:ec:44:56:a6:09:1e:78:22:f8:25:13:41:4e:9e:52:
         b8:58:12:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXxJcw1oFh7/U4/ofL4ruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNDFmNmVlNjcxZWVhNTM1OGU3MWNlN2ZjMTFjOTM2Y2Mz
NzZjNjEwHhcNMjYwMzI1MTkwMDU3WhcNMjYwMzI2MTkwMDU3WjAzMTEwLwYDVQQD
Eyg4NjhhZTk4MWIyZDZkNzhkMDlmYjliNWIxOTIwMGQ3YTllZjM5OTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/WMJv9GW/J8rqwLlOIhXlZghbaw
0S+Ai9uiBWods0xOqslgOmWQ6e5TwlX/r4N2tduurFTKF4VKRQTmeD+/ik8dwDoY
Ztz2ESq3EyVEhaSNv9oroiWyGv6z4F+kawtSmQx3oUelM5aN7/yZkdVTmCRW9Es0
Xlp1Q5uBvQuFJEcPV1PoO4PpPLdHvbtLqJw+/Wuz9rnCjLjiP6bcwHfoYLvHZndc
J7/eFOnqXDsxYZJWYMBSiwnjxldxVXYHckw6Glc/i86I1nSkelRHM2xtdd50GjPy
uAgJ1iAT7hsuXpd+obC0s+x8xF/ly63+yj+kN6tQTVv+fV/p3+ZVJJKvqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIaK6YGy1teNCfubWxkgDXqe85kyMB8GA1UdIwQY
MBaAFMxB9u5nHupTWOcc5/wRyTbMN2xhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekVIMjdtY2U2bE5ZNXh6bl9CSEpOc3czYkdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC84ODU3YTMtZGExZS00NTQ5LWFlYzAt
NmYyZTc5ZDgyN2UwLzEvekVIMjdtY2U2bE5ZNXh6bl9CSEpOc3czYkdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC84ODU3YTMtZGExZS00NTQ5LWFlYzAtNmYyZTc5ZDgyN2Uw
LzEvekVIMjdtY2U2bE5ZNXh6bl9CSEpOc3czYkdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACTVo+mku
Gn8e4bllNM0mwrq6wptKOxtVTXeNQtBbKesl5Vvyeb6uUsI0k+eZlPLDo1DPv2OY
aIdbj3C57xBc5LfDzS7sK7n24SsKCCXk6AGEJ1KeYapYWqy1hCH75dPmmT7e3fW/
c0jXUPDS29bXOkpTAtkvmVFVO9xKePNwTYbgMNuGNY114/nKe1mHsiaef39FJ9Dd
CIamLJeLERzEzQgoWWxm16wMAmxk9WMYuDPO5cJEAzQFl/kzxEI8H2MOSUYu13SO
3WvPErCsidY6zjNmqI7PJgp2qtbd5TJ6N1rwmqyzhqqp42qWUqa+7ERWpgkeeCL4
JRNBTp5SuFgSTQ==
-----END CERTIFICATE-----