Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          n9PWWj6QPP0FrN3tOSMsr/rXy9FCkpLKHhkq+b0gvAA=
Subject key identifier:   90:4A:10:0E:2E:57:F6:20:AF:6A:4E:FD:D0:F9:00:43:26:3A:50:C4
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       019D27DFCBAEABAD4A91C66ECD98EE5DB4D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0CBF
Signing time:             Thu 26 Mar 2026 02:01:11 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:11 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:11 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: OGQPyArcicBR5A0OsazzEfDuE7yS3P+SwtcrBrEEDT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 02:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:cb:ae:ab:ad:4a:91:c6:6e:cd:98:ee:5d:b4:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Mar 26 02:01:11 2026 GMT
            Not After : Mar 27 02:01:11 2026 GMT
        Subject: CN=904a100e2e57f620af6a4efdd0f90043263a50c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:3a:5a:ee:f4:6b:cd:0b:77:d4:80:89:e5:2a:
                    a3:8d:d3:e1:f6:2a:3b:d2:f4:6c:9c:f2:ca:44:c3:
                    da:ce:bd:83:b3:54:18:04:c3:ec:1f:51:1e:1d:3f:
                    9f:a8:52:8a:8f:1d:4a:8b:0b:ac:d1:a3:72:08:ed:
                    bc:4b:5f:0c:9d:23:f4:43:21:1c:d9:38:ee:61:4e:
                    eb:1d:d0:7c:80:b6:97:5e:d4:17:92:84:a9:4f:d2:
                    fa:80:2c:78:28:1e:dd:6e:53:4b:ad:35:48:13:22:
                    3b:e2:6c:fe:4b:49:66:0c:05:f7:0b:68:97:e3:6d:
                    8b:51:55:bc:3a:38:30:23:27:e6:5d:53:2e:df:ec:
                    88:79:1e:fd:fb:f8:70:76:9a:7a:c5:4b:e2:20:11:
                    58:b4:17:80:2d:9a:37:eb:8a:a1:ef:a5:10:f8:f9:
                    54:4c:de:b6:e7:85:89:97:2a:dc:9a:98:f8:0b:f0:
                    17:0f:22:5b:0e:b3:a4:bd:1c:92:61:5b:ee:1b:ec:
                    f2:00:ad:e0:f5:4c:3f:5e:c8:46:cc:bb:35:82:29:
                    f0:0a:f4:73:c2:c6:e4:9d:63:25:ab:3f:d8:8d:31:
                    0f:da:50:3d:27:f9:bc:af:d0:b5:28:23:af:a1:e5:
                    af:88:90:b8:93:cd:35:b0:8b:22:96:90:2a:18:c1:
                    5d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:4A:10:0E:2E:57:F6:20:AF:6A:4E:FD:D0:F9:00:43:26:3A:50:C4
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:74:fd:ad:76:f2:2b:f5:51:08:1a:10:a7:c8:9b:62:ca:68:
         fe:bc:2e:7e:6a:2a:fa:1a:66:94:14:e1:e2:04:c7:dd:74:87:
         83:3c:2b:99:64:7b:26:af:9d:91:a0:44:f0:2e:46:05:a7:6a:
         e7:00:da:78:88:60:bc:cb:1d:51:b5:b2:49:e4:a0:1e:0e:67:
         ad:c8:4c:14:fc:40:38:76:d5:65:d9:00:7b:c4:e3:08:98:c8:
         43:16:7b:58:6d:2c:5f:8b:e4:2e:83:56:00:16:04:89:b7:8a:
         21:18:3b:1d:ef:e9:9f:fc:36:9e:eb:c4:25:50:78:da:7a:ee:
         80:c6:9c:d3:19:a9:06:44:e0:07:7b:45:ba:ae:93:93:2a:c1:
         07:6b:d9:29:ba:3a:4c:5b:1c:72:61:b2:f3:11:3b:24:c6:36:
         89:75:3c:60:6e:94:8b:e9:c0:60:56:b0:05:7a:d5:26:87:9d:
         cf:84:48:d5:cc:7b:55:56:83:5d:40:f3:fb:da:bf:38:bc:d0:
         51:de:bb:a7:d7:ef:89:d1:eb:97:86:38:82:7c:79:f5:a6:a5:
         e5:74:b2:83:71:12:13:4f:60:f1:8d:3b:75:92:b6:7e:4a:c7:
         71:f4:a9:18:7b:55:f5:bf:f6:fd:9d:21:88:c2:f8:70:da:6c:
         92:3a:17:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n38uuq61KkcZuzZjuXbTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjYwMzI2MDIwMTExWhcNMjYwMzI3MDIwMTExWjAzMTEwLwYDVQQD
Eyg5MDRhMTAwZTJlNTdmNjIwYWY2YTRlZmRkMGY5MDA0MzI2M2E1MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDpa7vRrzQt31ICJ5SqjjdPh9io7
0vRsnPLKRMPazr2Ds1QYBMPsH1EeHT+fqFKKjx1Kiwus0aNyCO28S18MnSP0QyEc
2TjuYU7rHdB8gLaXXtQXkoSpT9L6gCx4KB7dblNLrTVIEyI74mz+S0lmDAX3C2iX
422LUVW8OjgwIyfmXVMu3+yIeR79+/hwdpp6xUviIBFYtBeALZo364qh76UQ+PlU
TN6254WJlyrcmpj4C/AXDyJbDrOkvRySYVvuG+zyAK3g9Uw/XshGzLs1ginwCvRz
wsbknWMlqz/YjTEP2lA9J/m8r9C1KCOvoeWviJC4k801sIsilpAqGMFdJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJBKEA4uV/Ygr2pO/dD5AEMmOlDEMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIHT9rXby
K/VRCBoQp8ibYspo/rwufmoq+hpmlBTh4gTH3XSHgzwrmWR7Jq+dkaBE8C5GBadq
5wDaeIhgvMsdUbWySeSgHg5nrchMFPxAOHbVZdkAe8TjCJjIQxZ7WG0sX4vkLoNW
ABYEibeKIRg7He/pn/w2nuvEJVB42nrugMac0xmpBkTgB3tFuq6TkyrBB2vZKbo6
TFsccmGy8xE7JMY2iXU8YG6Ui+nAYFawBXrVJoedz4RI1cx7VVaDXUDz+9q/OLzQ
Ud67p9fvidHrl4Y4gnx59aal5XSyg3ESE09g8Y07dZK2fkrHcfSpGHtV9b/2/Z0h
iML4cNpskjoX0g==
-----END CERTIFICATE-----