Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
File:                     zsUHpaHlUBp61jVTNazf5j2ryQs.mft (raw, json)
Hash identifier:          enGqNcep9uf/sufYYWZERDlEHq+Pg2JvZjtQMkehVxc=
Subject key identifier:   8D:86:F8:5F:07:36:52:97:21:94:3F:8B:1C:AE:49:F0:6D:73:2F:59
Authority key identifier: CE:C5:07:A5:A1:E5:50:1A:7A:D6:35:53:35:AC:DF:E6:3D:AB:C9:0B
Certificate issuer:       /CN=cec507a5a1e5501a7ad6355335acdfe63dabc90b
Certificate serial:       019D284D8EDEF1DB2E4FC7DDBBCBB7FCD698
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 04:01:04 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:04 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:04 +0000
Files and hashes:         1: zsUHpaHlUBp61jVTNazf5j2ryQs.crl (hash: Ij1wBMumnUugKlQ9QTTijX09nUzAT0Ov6IcnGyPqCoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:8e:de:f1:db:2e:4f:c7:dd:bb:cb:b7:fc:d6:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec507a5a1e5501a7ad6355335acdfe63dabc90b
        Validity
            Not Before: Mar 26 04:01:04 2026 GMT
            Not After : Mar 27 04:01:04 2026 GMT
        Subject: CN=8d86f85f0736529721943f8b1cae49f06d732f59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b7:48:8b:88:c6:97:db:20:db:1e:ab:c8:c9:
                    70:81:a0:9b:4c:96:03:17:be:7a:e0:e7:18:54:e8:
                    06:aa:f1:8d:15:93:e9:f3:a4:75:76:28:cc:75:6e:
                    5c:33:6f:51:5f:83:2c:d0:3d:aa:2f:92:6f:c2:b5:
                    46:58:2c:69:89:13:39:7a:bc:ef:c4:83:7b:ab:85:
                    79:e9:2a:2e:dd:75:94:19:80:6e:27:da:80:69:34:
                    49:30:f9:c1:b0:1a:d9:cc:66:20:87:53:70:f4:c8:
                    f2:e0:1d:99:52:cc:9e:77:02:69:01:0c:37:68:a2:
                    66:40:fe:24:76:e1:c0:9b:49:90:49:03:39:d2:ef:
                    05:b4:a0:44:88:3c:4c:78:ab:85:64:4e:35:35:39:
                    93:4c:0e:bf:59:d6:63:5f:29:ec:8c:43:17:16:dd:
                    6a:5e:bb:8c:86:f2:8f:5d:f4:8f:db:0f:bc:a5:78:
                    67:58:e6:36:3d:3c:1b:ad:30:a5:f6:e9:40:cd:ad:
                    72:17:40:e2:79:e6:12:66:7c:4d:d9:e5:31:91:e4:
                    f1:3c:fe:3b:c2:07:50:f1:57:b1:49:88:e1:91:d3:
                    b7:86:63:7c:bb:28:34:1e:bd:9a:60:02:57:0f:6d:
                    e4:b6:5e:c1:48:a2:94:08:73:86:79:9c:53:d6:e7:
                    f8:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:86:F8:5F:07:36:52:97:21:94:3F:8B:1C:AE:49:F0:6D:73:2F:59
            X509v3 Authority Key Identifier:
                keyid:CE:C5:07:A5:A1:E5:50:1A:7A:D6:35:53:35:AC:DF:E6:3D:AB:C9:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:f6:18:5c:72:22:78:db:a1:36:1c:b9:f5:ca:5d:ca:0a:ce:
         a6:68:28:cc:12:09:c9:59:b4:ee:8b:9c:19:62:a5:a9:56:f4:
         f2:d2:d2:a9:ef:5d:ee:e9:b3:ed:91:fa:59:21:5d:35:88:fe:
         4b:17:37:2e:8f:c1:cf:62:3c:4f:76:6b:8d:0e:4b:d4:e0:97:
         38:42:77:c4:71:be:de:d6:4a:27:ca:b1:b8:db:4e:a5:45:89:
         71:9c:d9:a6:2d:96:50:f5:4c:b0:fd:5e:3e:8a:d8:85:45:1b:
         24:c1:a3:62:32:aa:02:7a:24:20:51:50:ce:46:29:43:cd:61:
         e9:7e:35:3d:bd:45:41:a6:55:89:9b:c3:04:93:82:58:b5:6e:
         86:73:79:45:06:db:34:0a:12:89:17:95:1a:bd:66:e0:14:7c:
         f5:cc:71:3d:4c:2c:9a:a0:f8:b6:34:72:e3:00:c0:85:cc:f4:
         5d:5c:46:1b:99:ed:24:68:ef:01:0e:b9:41:eb:e7:c4:93:b5:
         6a:aa:48:26:5f:24:6c:1d:40:47:67:98:7c:2b:6d:45:ff:21:
         45:97:1a:7f:a6:c7:8a:1d:fe:9b:02:f1:35:37:e2:2e:c6:9f:
         2d:e7:3c:5a:1e:89:91:e9:6b:79:a0:06:db:6a:e7:28:85:40:
         0a:8e:b4:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTY7e8dsuT8fdu8u3/NaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzUwN2E1YTFlNTUwMWE3YWQ2MzU1MzM1YWNkZmU2M2Rh
YmM5MGIwHhcNMjYwMzI2MDQwMTA0WhcNMjYwMzI3MDQwMTA0WjAzMTEwLwYDVQQD
Eyg4ZDg2Zjg1ZjA3MzY1Mjk3MjE5NDNmOGIxY2FlNDlmMDZkNzMyZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrdIi4jGl9sg2x6ryMlwgaCbTJYD
F7564OcYVOgGqvGNFZPp86R1dijMdW5cM29RX4Ms0D2qL5JvwrVGWCxpiRM5erzv
xIN7q4V56Sou3XWUGYBuJ9qAaTRJMPnBsBrZzGYgh1Nw9Mjy4B2ZUsyedwJpAQw3
aKJmQP4kduHAm0mQSQM50u8FtKBEiDxMeKuFZE41NTmTTA6/WdZjXynsjEMXFt1q
XruMhvKPXfSP2w+8pXhnWOY2PTwbrTCl9ulAza1yF0DieeYSZnxN2eUxkeTxPP47
wgdQ8VexSYjhkdO3hmN8uyg0Hr2aYAJXD23ktl7BSKKUCHOGeZxT1uf4OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2G+F8HNlKXIZQ/ixyuSfBtcy9ZMB8GA1UdIwQY
MBaAFM7FB6Wh5VAaetY1UzWs3+Y9q8kLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wYjIyYmEtNDkxMS00ZmJlLTg0N2Mt
ZDI0YWE1Nzk0ZDhiLzEvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8wYjIyYmEtNDkxMS00ZmJlLTg0N2MtZDI0YWE1Nzk0ZDhi
LzEvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJvYYXHIi
eNuhNhy59cpdygrOpmgozBIJyVm07oucGWKlqVb08tLSqe9d7umz7ZH6WSFdNYj+
Sxc3Lo/Bz2I8T3ZrjQ5L1OCXOEJ3xHG+3tZKJ8qxuNtOpUWJcZzZpi2WUPVMsP1e
PorYhUUbJMGjYjKqAnokIFFQzkYpQ81h6X41Pb1FQaZViZvDBJOCWLVuhnN5RQbb
NAoSiReVGr1m4BR89cxxPUwsmqD4tjRy4wDAhcz0XVxGG5ntJGjvAQ65QevnxJO1
aqpIJl8kbB1AR2eYfCttRf8hRZcaf6bHih3+mwLxNTfiLsafLec8Wh6JkelreaAG
22rnKIVACo604w==
-----END CERTIFICATE-----