Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
File:                     zfDoJMYqWSimUCFO8z6Md-fB_40.mft (raw, json)
Hash identifier:          s62otqevtPLm1NnctQG+idAFrjDxDw/pgnqP3W6zYCw=
Subject key identifier:   BE:79:29:81:10:69:ED:3D:11:3A:36:90:95:78:CD:BC:64:74:82:FB
Authority key identifier: CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D
Certificate issuer:       /CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
Certificate serial:       019D2704BEAA70B0F6450CCBE2F359BECF7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
Manifest number:          1227
Signing time:             Wed 25 Mar 2026 22:01:55 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:55 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:55 +0000
Files and hashes:         1: zfDoJMYqWSimUCFO8z6Md-fB_40.crl (hash: +3qDcm/ZXbz/k21hYtINZcv8Crd3l5qXzeHLqyanykQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:be:aa:70:b0:f6:45:0c:cb:e2:f3:59:be:cf:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
        Validity
            Not Before: Mar 25 22:01:55 2026 GMT
            Not After : Mar 26 22:01:55 2026 GMT
        Subject: CN=be7929811069ed3d113a36909578cdbc647482fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c3:28:f8:36:47:f8:64:2d:16:5a:fc:6c:f5:
                    20:72:75:37:7b:a0:a6:06:c4:d0:76:0c:dd:6d:d2:
                    fe:85:39:3b:4e:d6:77:7a:ae:9c:66:65:aa:43:5a:
                    1a:9b:96:f1:e3:36:20:c3:da:87:dc:7a:39:74:c6:
                    59:2d:c6:46:03:df:4d:2d:5b:98:93:ba:f0:ba:76:
                    2b:3b:c6:05:07:6b:1d:fa:33:97:06:b1:15:ae:34:
                    ae:d0:9b:37:86:8d:ea:b0:5c:d0:98:a3:bf:4d:5a:
                    0e:07:89:5a:da:a8:69:02:cd:69:1b:cd:96:98:18:
                    c7:ff:99:be:7e:c4:b7:59:28:7c:96:84:c1:f4:b0:
                    3f:06:6d:98:25:90:eb:f4:d5:41:fe:48:08:b1:77:
                    c3:fd:d2:79:26:58:48:cd:66:6c:8f:ec:43:de:9b:
                    c6:97:0e:bc:e0:84:d4:87:73:22:b3:69:66:44:b8:
                    b8:9e:39:c1:3c:ac:16:9f:d1:a5:70:3e:2e:66:d7:
                    5f:ee:ee:cb:3d:6e:66:8e:a6:3c:8e:42:2a:eb:ce:
                    dd:60:a1:8f:47:3a:62:64:fc:44:85:31:88:4a:c5:
                    2e:f7:65:30:a2:14:13:64:26:19:ae:20:20:d8:51:
                    3b:50:4c:64:8b:8a:b3:88:3a:d2:4f:6f:80:d9:d0:
                    ca:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:79:29:81:10:69:ED:3D:11:3A:36:90:95:78:CD:BC:64:74:82:FB
            X509v3 Authority Key Identifier:
                keyid:CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:98:67:ed:61:ab:72:7d:67:93:f4:3f:33:6b:a1:5b:aa:23:
         7d:c1:07:2c:10:bc:a6:9a:2c:b7:4e:7b:8f:19:ec:13:58:24:
         c3:de:28:eb:d9:14:76:27:9a:ae:2d:76:93:76:f0:2c:00:31:
         c1:3d:83:76:72:fd:34:b3:59:bd:f0:99:fd:cb:ce:12:f4:7c:
         4a:b6:51:2f:a4:a3:22:8e:ee:5c:a8:50:26:5e:37:73:30:4d:
         30:f0:f1:7e:e9:11:5c:f6:55:6c:64:00:8c:1c:ae:6e:40:11:
         d2:a5:97:e2:25:5f:17:ae:56:98:f1:97:26:d2:31:34:89:9d:
         f9:f5:4e:cc:67:f4:2d:3b:15:6f:71:a2:c7:43:e5:5b:a9:b1:
         38:34:26:44:44:75:cd:2a:b7:fc:5a:7f:0d:15:06:95:19:02:
         06:be:c4:52:75:83:ec:de:51:4a:7c:59:4f:d3:c7:c4:40:0d:
         18:85:4a:59:aa:fe:2b:13:1d:e0:97:fd:db:de:bd:8d:8f:5a:
         29:74:7c:e5:5a:c0:42:17:be:92:fe:f8:3e:c6:06:a7:00:0c:
         e5:de:fa:d5:49:06:cf:fd:be:62:20:63:8a:5f:e1:96:a9:44:
         43:5f:5d:dc:9b:cb:0d:f5:c8:f4:44:26:71:c3:7c:2b:eb:af:
         05:f0:59:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBL6qcLD2RQzL4vNZvs96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjBlODI0YzYyYTU5MjhhNjUwMjE0ZWYzM2U4Yzc3ZTdj
MWZmOGQwHhcNMjYwMzI1MjIwMTU1WhcNMjYwMzI2MjIwMTU1WjAzMTEwLwYDVQQD
EyhiZTc5Mjk4MTEwNjllZDNkMTEzYTM2OTA5NTc4Y2RiYzY0NzQ4MmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMMo+DZH+GQtFlr8bPUgcnU3e6Cm
BsTQdgzdbdL+hTk7TtZ3eq6cZmWqQ1oam5bx4zYgw9qH3Ho5dMZZLcZGA99NLVuY
k7rwunYrO8YFB2sd+jOXBrEVrjSu0Js3ho3qsFzQmKO/TVoOB4la2qhpAs1pG82W
mBjH/5m+fsS3WSh8loTB9LA/Bm2YJZDr9NVB/kgIsXfD/dJ5JlhIzWZsj+xD3pvG
lw684ITUh3Mis2lmRLi4njnBPKwWn9GlcD4uZtdf7u7LPW5mjqY8jkIq687dYKGP
RzpiZPxEhTGISsUu92UwohQTZCYZriAg2FE7UExki4qziDrST2+A2dDKUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL55KYEQae09ETo2kJV4zbxkdIL7MB8GA1UdIwQY
MBaAFM3w6CTGKlkoplAhTvM+jHfnwf+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUt
MjU4M2FmMjM3ZTJjLzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUtMjU4M2FmMjM3ZTJj
LzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJhn7WGr
cn1nk/Q/M2uhW6ojfcEHLBC8ppost057jxnsE1gkw94o69kUdieari12k3bwLAAx
wT2DdnL9NLNZvfCZ/cvOEvR8SrZRL6SjIo7uXKhQJl43czBNMPDxfukRXPZVbGQA
jByubkAR0qWX4iVfF65WmPGXJtIxNImd+fVOzGf0LTsVb3Gix0PlW6mxODQmRER1
zSq3/Fp/DRUGlRkCBr7EUnWD7N5RSnxZT9PHxEANGIVKWar+KxMd4Jf92969jY9a
KXR85VrAQhe+kv74PsYGpwAM5d761UkGz/2+YiBjil/hlqlEQ19d3JvLDfXI9EQm
ccN8K+uvBfBZeg==
-----END CERTIFICATE-----