Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
File:                     LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft (raw, json)
Hash identifier:          5+dEb1GnQjTjfDfkHBKNdRNZ5FLXi6W7jQLpfE2Nw+s=
Subject key identifier:   3D:A4:0E:D9:80:BD:5E:89:8F:B5:C4:1A:F8:16:09:E0:31:2C:1D:C3
Authority key identifier: 2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D
Certificate issuer:       /CN=2d909367dbddd1e4866bd89eaf727598a47b583d
Certificate serial:       019D2AE0D8875CEA6790DBD76DDEF3AC2CC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
Manifest number:          033C
Signing time:             Thu 26 Mar 2026 16:01:11 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:11 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:11 +0000
Files and hashes:         1: LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl (hash: UhJObUDtsEAOmCYWaxn3yxHkZ0OIR4tqfb09aqBgDrM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:d8:87:5c:ea:67:90:db:d7:6d:de:f3:ac:2c:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d909367dbddd1e4866bd89eaf727598a47b583d
        Validity
            Not Before: Mar 26 16:01:11 2026 GMT
            Not After : Mar 27 16:01:11 2026 GMT
        Subject: CN=3da40ed980bd5e898fb5c41af81609e0312c1dc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:55:4d:3f:ad:c0:f4:00:ba:1c:d8:1b:c7:66:
                    c3:80:52:3a:39:9c:2e:d8:f1:c1:81:86:1d:db:c8:
                    f7:f0:c9:20:eb:36:94:f1:ad:da:d5:83:e0:d2:16:
                    cb:ad:38:37:f4:4b:ad:8c:5d:36:94:de:f9:bc:5a:
                    13:b4:ea:40:cb:94:cc:92:c0:ae:6d:26:cb:93:f1:
                    72:c6:48:4b:2d:76:6c:44:b9:2d:95:e4:83:7a:73:
                    df:78:21:08:31:77:c3:7c:75:64:f3:35:27:63:90:
                    b9:50:45:78:99:39:6b:a9:91:36:11:a4:8a:58:bd:
                    2e:63:6e:75:e8:78:97:ed:be:81:9e:0e:0f:c1:14:
                    0b:c9:89:ac:97:83:cf:93:92:02:bb:83:26:8a:e4:
                    0e:d9:1e:fd:e4:c9:29:4f:69:48:cc:8c:4e:52:c8:
                    f1:a5:38:2a:ba:92:11:97:98:dd:1c:e9:57:77:10:
                    6c:19:79:f0:fd:45:16:8f:c1:0e:34:4a:30:11:04:
                    4c:a4:3d:89:ae:be:be:64:b6:d2:8e:2d:fc:c2:8e:
                    92:f0:80:6b:19:19:d3:97:f4:84:09:e8:1d:d1:9b:
                    30:e6:43:79:ae:48:45:f7:6e:59:58:03:17:ff:b8:
                    ff:45:5f:5b:00:a8:67:d8:82:47:d7:2a:fb:81:58:
                    26:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:A4:0E:D9:80:BD:5E:89:8F:B5:C4:1A:F8:16:09:E0:31:2C:1D:C3
            X509v3 Authority Key Identifier:
                keyid:2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:11:7f:46:5c:ce:9e:ec:14:8a:44:c2:24:ff:05:4d:d3:ad:
         52:71:16:20:f4:19:b7:8b:9c:ee:74:37:bc:dc:43:40:1c:0f:
         e4:75:1c:04:4c:c0:55:a8:a9:80:01:be:5f:31:87:e9:01:a4:
         ea:32:ac:89:e9:0d:66:6a:8c:bb:3c:29:b6:1d:d1:01:f8:da:
         13:47:51:56:fc:c6:e2:b6:bf:21:60:78:57:da:8b:e2:d0:e9:
         a1:83:fa:8e:85:49:60:6b:e5:fa:07:c2:d4:c8:c2:1d:e0:c9:
         85:30:79:3c:d3:cc:78:f1:00:8f:b7:9a:99:f5:f0:33:fc:aa:
         6f:8a:74:43:f6:5d:c9:9e:ba:02:81:ce:a3:34:cd:cc:ab:1f:
         d4:55:fc:54:80:80:4a:ea:75:27:08:fe:1c:ac:99:53:f8:06:
         ff:84:57:24:d7:55:08:42:62:a9:80:88:81:a9:54:10:d8:dc:
         7e:bf:d1:88:d8:3e:d2:af:5f:d1:a7:98:76:83:f4:0f:ae:d3:
         eb:38:fd:a8:9f:e6:90:89:2a:75:e6:b0:c1:53:f1:1a:a2:4c:
         02:a0:34:6d:78:43:9f:f3:1d:07:b3:7e:78:52:4d:3a:2e:57:
         53:0d:8c:93:7d:a3:82:6b:e1:d3:7d:65:22:39:80:1e:74:09:
         d6:21:da:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4NiHXOpnkNvXbd7zrCzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTA5MzY3ZGJkZGQxZTQ4NjZiZDg5ZWFmNzI3NTk4YTQ3
YjU4M2QwHhcNMjYwMzI2MTYwMTExWhcNMjYwMzI3MTYwMTExWjAzMTEwLwYDVQQD
EygzZGE0MGVkOTgwYmQ1ZTg5OGZiNWM0MWFmODE2MDllMDMxMmMxZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1VNP63A9AC6HNgbx2bDgFI6OZwu
2PHBgYYd28j38Mkg6zaU8a3a1YPg0hbLrTg39EutjF02lN75vFoTtOpAy5TMksCu
bSbLk/FyxkhLLXZsRLktleSDenPfeCEIMXfDfHVk8zUnY5C5UEV4mTlrqZE2EaSK
WL0uY2516HiX7b6Bng4PwRQLyYmsl4PPk5ICu4MmiuQO2R795MkpT2lIzIxOUsjx
pTgqupIRl5jdHOlXdxBsGXnw/UUWj8EONEowEQRMpD2Jrr6+ZLbSji38wo6S8IBr
GRnTl/SECegd0Zsw5kN5rkhF925ZWAMX/7j/RV9bAKhn2IJH1yr7gVgmoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2kDtmAvV6Jj7XEGvgWCeAxLB3DMB8GA1UdIwQY
MBaAFC2Qk2fb3dHkhmvYnq9ydZike1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUt
ZjBmODAwOGRmYzRjLzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUtZjBmODAwOGRmYzRj
LzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKBF/RlzO
nuwUikTCJP8FTdOtUnEWIPQZt4uc7nQ3vNxDQBwP5HUcBEzAVaipgAG+XzGH6QGk
6jKsiekNZmqMuzwpth3RAfjaE0dRVvzG4ra/IWB4V9qL4tDpoYP6joVJYGvl+gfC
1MjCHeDJhTB5PNPMePEAj7eamfXwM/yqb4p0Q/ZdyZ66AoHOozTNzKsf1FX8VICA
Sup1Jwj+HKyZU/gG/4RXJNdVCEJiqYCIgalUENjcfr/RiNg+0q9f0aeYdoP0D67T
6zj9qJ/mkIkqdeawwVPxGqJMAqA0bXhDn/MdB7N+eFJNOi5XUw2Mk32jgmvh031l
IjmAHnQJ1iHaZg==
-----END CERTIFICATE-----