Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          oYlhuEvYN2KZcPC6HKqLHBbXaCw42kgZhQqhcMGb3G8=
Subject key identifier:   7F:30:27:0C:A8:E6:01:6A:6F:F3:9D:EA:DA:3B:8D:EA:56:BB:A9:28
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       019D2960AA877ABEEDDB315F5FEB41D6B794
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 09:01:33 +0000
Manifest this update:     Thu 26 Mar 2026 09:01:33 +0000
Manifest next update:     Fri 27 Mar 2026 09:01:33 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: 1AqSWQkNxUUmLl6fK3rQh/klShUFaPzftGLl/QVlQy8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:60:aa:87:7a:be:ed:db:31:5f:5f:eb:41:d6:b7:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Mar 26 09:01:33 2026 GMT
            Not After : Mar 27 09:01:33 2026 GMT
        Subject: CN=7f30270ca8e6016a6ff39deada3b8dea56bba928
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:66:bb:2e:f5:f7:cb:ed:16:c8:c7:5c:aa:46:
                    5d:6e:6e:08:18:c5:d4:aa:da:2b:1e:5e:b1:02:f8:
                    28:da:a0:fa:ec:e9:c7:fa:6d:1b:61:f8:18:01:92:
                    a4:fa:19:58:26:d5:fd:0d:bf:71:ad:19:c8:6d:1f:
                    c6:93:7e:cb:b6:e7:fe:ac:b0:c1:b4:7e:4f:2e:c0:
                    e6:cf:15:0b:8d:57:d7:75:72:50:55:ff:23:b9:91:
                    a5:04:51:bb:ae:c5:a8:63:0f:e2:de:cd:4f:41:03:
                    a5:fa:7e:0c:d9:8a:aa:03:4b:db:d0:9f:f6:0d:88:
                    5e:e7:66:5f:5e:36:a8:62:d0:98:d9:d7:0e:aa:1d:
                    e0:e2:70:ce:01:aa:6b:7c:f3:41:5b:ea:5a:1e:02:
                    48:4e:a2:3f:80:f5:31:42:1e:21:26:f6:b7:3a:e9:
                    66:ad:9a:4c:0f:7e:bb:c7:e0:29:88:b8:78:2f:87:
                    7f:54:54:71:fc:8e:42:3d:ab:8f:b4:cb:31:a3:4f:
                    c6:e4:b3:44:5c:77:2b:18:e8:01:1b:24:55:4d:6c:
                    b0:4c:0b:b9:36:31:f3:a7:59:9e:8f:cb:97:5a:91:
                    1a:54:b6:dc:fd:b4:d0:ab:34:5d:d0:ad:bc:c4:e7:
                    7f:72:95:45:3d:3c:33:27:03:ed:81:0e:8f:2e:e0:
                    22:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:30:27:0C:A8:E6:01:6A:6F:F3:9D:EA:DA:3B:8D:EA:56:BB:A9:28
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:13:10:cb:c8:29:d6:c8:43:11:4e:18:63:7d:30:39:02:9b:
         e4:e8:8a:e7:16:30:ba:74:38:00:c1:81:60:6c:a7:cf:59:18:
         a8:62:94:f8:ce:c1:1a:70:a6:ae:ca:ef:7c:fc:b1:ed:04:f6:
         86:50:a8:27:f2:0a:f9:ce:e2:36:5e:ab:7a:cd:c6:75:d0:48:
         8c:bc:c9:ce:5d:9c:aa:e6:59:06:89:f8:26:47:82:ea:0c:5c:
         73:64:34:dd:a4:b8:a7:2c:7f:63:ab:4e:53:80:b1:9f:d7:ab:
         2b:10:39:db:89:8b:1d:75:26:de:5b:ae:cf:26:b0:3f:84:0f:
         14:8b:14:85:3f:86:2f:e4:9b:80:56:52:23:f4:94:3b:48:98:
         c0:ea:68:ad:7f:38:df:fe:71:33:62:99:3e:81:26:17:af:e0:
         6c:a3:6e:20:ec:89:b5:80:8a:bc:d2:9d:4d:26:74:1f:d4:a5:
         0e:dd:cd:ba:e1:55:88:d8:2d:c7:96:5a:da:a4:bc:23:7f:79:
         ab:22:de:b2:a0:75:d9:85:22:8b:d3:5b:c8:7b:3f:4b:55:63:
         fc:55:81:35:bb:c1:fc:10:f5:61:c4:4e:8e:80:bd:7e:c2:02:
         63:29:cf:0e:34:df:fe:76:de:3f:74:72:e1:35:5f:25:98:52:
         77:da:11:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYKqHer7t2zFfX+tB1reUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjYwMzI2MDkwMTMzWhcNMjYwMzI3MDkwMTMzWjAzMTEwLwYDVQQD
Eyg3ZjMwMjcwY2E4ZTYwMTZhNmZmMzlkZWFkYTNiOGRlYTU2YmJhOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2a7LvX3y+0WyMdcqkZdbm4IGMXU
qtorHl6xAvgo2qD67OnH+m0bYfgYAZKk+hlYJtX9Db9xrRnIbR/Gk37Ltuf+rLDB
tH5PLsDmzxULjVfXdXJQVf8juZGlBFG7rsWoYw/i3s1PQQOl+n4M2YqqA0vb0J/2
DYhe52ZfXjaoYtCY2dcOqh3g4nDOAaprfPNBW+paHgJITqI/gPUxQh4hJva3Oulm
rZpMD367x+ApiLh4L4d/VFRx/I5CPauPtMsxo0/G5LNEXHcrGOgBGyRVTWywTAu5
NjHzp1mej8uXWpEaVLbc/bTQqzRd0K28xOd/cpVFPTwzJwPtgQ6PLuAiPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8wJwyo5gFqb/Od6to7jepWu6koMB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkRMQy8gp
1shDEU4YY30wOQKb5OiK5xYwunQ4AMGBYGynz1kYqGKU+M7BGnCmrsrvfPyx7QT2
hlCoJ/IK+c7iNl6res3GddBIjLzJzl2cquZZBon4JkeC6gxcc2Q03aS4pyx/Y6tO
U4Cxn9erKxA524mLHXUm3luuzyawP4QPFIsUhT+GL+SbgFZSI/SUO0iYwOporX84
3/5xM2KZPoEmF6/gbKNuIOyJtYCKvNKdTSZ0H9SlDt3NuuFViNgtx5Za2qS8I395
qyLesqB12YUii9NbyHs/S1Vj/FWBNbvB/BD1YcROjoC9fsICYynPDjTf/nbeP3Ry
4TVfJZhSd9oREw==
-----END CERTIFICATE-----