Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
File:                     zrxhguhz_3oDHIiV79xXw2hx3XI.mft (raw, json)
Hash identifier:          J2RRsmkQIWs24LqN0yDeRkVmH+nCWNuHu7sdAiQL8D0=
Subject key identifier:   25:44:EF:C7:8C:60:F4:1C:0A:E4:0C:2D:AE:5E:88:6C:F2:8A:FA:0F
Authority key identifier: CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72
Certificate issuer:       /CN=cebc6182e873ff7a031c8895efdc57c36871dd72
Certificate serial:       019D3299F6488F57B209891809149A8FE4F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
Manifest number:          0420
Signing time:             Sat 28 Mar 2026 04:00:43 +0000
Manifest this update:     Sat 28 Mar 2026 04:00:43 +0000
Manifest next update:     Sun 29 Mar 2026 04:00:43 +0000
Files and hashes:         1: zrxhguhz_3oDHIiV79xXw2hx3XI.crl (hash: EwpniY5GGPGSqLpM9dZDd1gThwYLFpY9p4Luo+Nr/4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:99:f6:48:8f:57:b2:09:89:18:09:14:9a:8f:e4:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cebc6182e873ff7a031c8895efdc57c36871dd72
        Validity
            Not Before: Mar 28 04:00:43 2026 GMT
            Not After : Mar 29 04:00:43 2026 GMT
        Subject: CN=2544efc78c60f41c0ae40c2dae5e886cf28afa0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:2f:2d:c5:4b:85:6d:44:51:59:69:94:9b:f1:
                    b6:a0:a9:b1:c3:70:f9:1c:fd:b0:c6:09:24:23:78:
                    07:b5:d0:69:55:a1:7a:9b:46:e7:9b:11:2a:44:a3:
                    25:81:84:49:8c:c9:db:e9:7d:b2:08:a6:3b:86:2a:
                    40:5a:09:89:3c:89:3c:25:52:ec:3e:ba:cf:2a:80:
                    f3:16:12:5a:e4:06:b5:05:e5:c2:f9:7c:72:c4:3b:
                    d7:48:5e:10:fe:34:b5:02:75:b8:ef:32:4b:a3:85:
                    d7:fd:67:41:4b:ae:f7:3f:af:1d:2b:5c:a0:33:19:
                    59:07:aa:55:09:5e:27:e0:2e:95:f8:42:2a:59:88:
                    d3:6e:5a:89:fe:f6:35:33:68:30:b6:a0:dc:be:a8:
                    ca:5d:2d:11:71:69:4d:fb:9f:1a:63:9c:96:5d:ce:
                    95:ae:c5:b3:94:03:8b:21:e5:80:3f:b3:f6:15:73:
                    23:46:ba:97:fd:c9:40:7c:32:e5:be:e5:b6:23:1b:
                    27:a1:f4:ce:65:30:61:1b:b2:54:d2:18:c8:df:d9:
                    ed:65:7a:f0:2d:da:8f:c6:3c:28:a1:5e:bc:71:e0:
                    72:c0:d0:8c:0d:9d:0b:9d:aa:5b:df:e4:10:75:93:
                    f5:e0:c3:69:54:15:09:b5:ec:28:f4:40:6e:af:3f:
                    0d:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:44:EF:C7:8C:60:F4:1C:0A:E4:0C:2D:AE:5E:88:6C:F2:8A:FA:0F
            X509v3 Authority Key Identifier:
                keyid:CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:c7:2b:42:98:ec:54:a8:7b:c1:f0:90:db:5b:b9:d9:e8:76:
         f9:41:40:80:d5:3f:91:a1:44:6e:53:18:f9:bf:cf:9d:d8:c4:
         9f:47:81:23:df:45:de:db:02:4a:77:ed:da:7c:07:ea:4f:db:
         f5:86:30:d0:1f:d8:57:c5:d0:79:b8:01:ca:df:f1:86:7b:3a:
         c8:5b:36:9a:48:f1:1b:7d:ae:7f:62:76:b9:8c:8c:27:b2:ef:
         dd:73:45:5b:dd:16:0b:67:35:d7:d2:df:28:20:a7:60:a3:32:
         95:1c:78:66:b5:a6:7f:7a:f2:ab:1c:fb:1a:4b:6d:c4:78:fa:
         ae:de:9b:b9:9e:c8:21:5d:90:30:15:f0:9b:f5:fc:fc:f6:e9:
         44:75:43:8d:df:1d:64:f7:6a:42:78:37:ac:f8:a3:44:92:58:
         b5:a4:f2:8f:4d:b3:10:4b:e1:a4:41:f0:e9:4a:0a:fc:0c:6d:
         a0:17:df:de:dd:4f:e8:f5:48:4c:2a:ee:eb:7b:d0:17:1a:2c:
         cc:e7:3a:f7:5a:f8:66:b6:99:6c:c3:26:26:5b:74:62:d1:12:
         89:f9:23:0b:0e:33:37:b0:9e:34:b9:76:de:7e:75:07:95:a0:
         1f:23:60:84:0e:f7:a4:51:b5:fe:89:26:b6:92:ac:36:d6:bb:
         64:69:98:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymfZIj1eyCYkYCRSaj+T2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmM2MTgyZTg3M2ZmN2EwMzFjODg5NWVmZGM1N2MzNjg3
MWRkNzIwHhcNMjYwMzI4MDQwMDQzWhcNMjYwMzI5MDQwMDQzWjAzMTEwLwYDVQQD
EygyNTQ0ZWZjNzhjNjBmNDFjMGFlNDBjMmRhZTVlODg2Y2YyOGFmYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli8txUuFbURRWWmUm/G2oKmxw3D5
HP2wxgkkI3gHtdBpVaF6m0bnmxEqRKMlgYRJjMnb6X2yCKY7hipAWgmJPIk8JVLs
PrrPKoDzFhJa5Aa1BeXC+XxyxDvXSF4Q/jS1AnW47zJLo4XX/WdBS673P68dK1yg
MxlZB6pVCV4n4C6V+EIqWYjTblqJ/vY1M2gwtqDcvqjKXS0RcWlN+58aY5yWXc6V
rsWzlAOLIeWAP7P2FXMjRrqX/clAfDLlvuW2IxsnofTOZTBhG7JU0hjI39ntZXrw
LdqPxjwooV68ceBywNCMDZ0Lnapb3+QQdZP14MNpVBUJtewo9EBurz8NlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVE78eMYPQcCuQMLa5eiGzyivoPMB8GA1UdIwQY
MBaAFM68YYLoc/96AxyIle/cV8Nocd1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEt
MmIzNjkxNThhOGIzLzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEtMmIzNjkxNThhOGIz
LzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGscrQpjs
VKh7wfCQ21u52eh2+UFAgNU/kaFEblMY+b/PndjEn0eBI99F3tsCSnft2nwH6k/b
9YYw0B/YV8XQebgByt/xhns6yFs2mkjxG32uf2J2uYyMJ7Lv3XNFW90WC2c119Lf
KCCnYKMylRx4ZrWmf3ryqxz7GkttxHj6rt6buZ7IIV2QMBXwm/X8/PbpRHVDjd8d
ZPdqQng3rPijRJJYtaTyj02zEEvhpEHw6UoK/AxtoBff3t1P6PVITCru63vQFxos
zOc691r4ZraZbMMmJlt0YtESifkjCw4zN7CeNLl23n51B5WgHyNghA73pFG1/okm
tpKsNta7ZGmYIQ==
-----END CERTIFICATE-----