Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.mft
File:                     _ZTgRMvlw1KV-rxEWALakFgTtzI.mft (raw, json)
Hash identifier:          pEzvKrd2ClMDqguJXDPHa7WfVC+O4yDIcmUjdCdc9hE=
Subject key identifier:   EF:67:76:7B:76:1C:EE:8C:7B:E0:05:7B:C3:DC:2A:FE:EA:30:87:7F
Authority key identifier: FD:94:E0:44:CB:E5:C3:52:95:FA:BC:44:58:02:DA:90:58:13:B7:32
Certificate issuer:       /CN=fd94e044cbe5c35295fabc445802da905813b732
Certificate serial:       019D25BA551D2F6B22425517978E4DDCA6FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ZTgRMvlw1KV-rxEWALakFgTtzI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.mft
Manifest number:          04E3
Signing time:             Wed 25 Mar 2026 16:01:01 +0000
Manifest this update:     Wed 25 Mar 2026 16:01:01 +0000
Manifest next update:     Thu 26 Mar 2026 16:01:01 +0000
Files and hashes:         1: _ZTgRMvlw1KV-rxEWALakFgTtzI.crl (hash: JqExg+qHSjTQpCLMAi4s6jKvrNtFi6Ut2WmTvkz4oBQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ZTgRMvlw1KV-rxEWALakFgTtzI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:55:1d:2f:6b:22:42:55:17:97:8e:4d:dc:a6:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd94e044cbe5c35295fabc445802da905813b732
        Validity
            Not Before: Mar 25 16:01:01 2026 GMT
            Not After : Mar 26 16:01:01 2026 GMT
        Subject: CN=ef67767b761cee8c7be0057bc3dc2afeea30877f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:72:61:20:a5:45:39:f8:ef:f3:ff:76:d6:dd:
                    16:09:cb:90:c1:85:79:54:32:01:ec:3d:d3:66:8e:
                    4a:90:a2:d0:e9:50:92:a4:ca:49:c1:97:fd:a0:36:
                    50:51:12:0e:b0:45:f6:9e:6d:d9:62:76:45:24:a5:
                    be:28:ee:dd:78:85:47:09:b7:97:c5:5f:d5:cd:0a:
                    e1:12:62:9c:00:9c:6d:d8:28:49:50:9e:5d:3b:4b:
                    7f:6d:0d:e8:7d:2b:f4:3d:f7:c7:86:25:06:1f:f5:
                    e7:84:3a:35:f9:d7:dc:06:6f:23:f2:29:b8:ed:c5:
                    25:8f:72:9c:9d:13:49:c3:0f:8d:8c:98:83:26:98:
                    95:41:06:80:1e:bd:2c:76:f8:82:80:e4:8f:43:38:
                    eb:23:5b:8b:28:3d:f9:95:04:de:0a:7e:67:cc:71:
                    be:bd:96:cc:a3:a9:f0:4b:7e:b7:19:59:ad:b3:60:
                    1f:56:02:92:ae:d0:1f:fe:41:e0:23:c6:40:8f:3e:
                    25:da:4f:56:f1:bc:01:21:70:02:1e:c2:e3:78:88:
                    c0:65:2e:3a:c3:4f:5f:bf:d8:01:7a:0f:4f:74:cc:
                    52:d9:04:7c:55:e2:65:ea:9e:e5:1d:8d:b3:0f:4b:
                    34:e8:48:9a:fa:cd:af:c5:92:fb:3d:3f:73:66:bd:
                    c1:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:67:76:7B:76:1C:EE:8C:7B:E0:05:7B:C3:DC:2A:FE:EA:30:87:7F
            X509v3 Authority Key Identifier:
                keyid:FD:94:E0:44:CB:E5:C3:52:95:FA:BC:44:58:02:DA:90:58:13:B7:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ZTgRMvlw1KV-rxEWALakFgTtzI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9602a9-74b6-4992-b71d-bab247fe7d7c/1/_ZTgRMvlw1KV-rxEWALakFgTtzI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:6b:b4:2a:23:1f:da:1c:d9:47:b6:95:00:7d:f0:61:d5:af:
         50:14:f5:25:28:df:50:83:66:44:b7:1f:06:97:73:b7:fe:0c:
         60:77:63:79:03:63:26:0f:06:df:a5:bc:dd:1e:c1:7f:09:6f:
         88:99:10:9c:40:1e:64:3c:d6:2d:1d:7e:95:ec:dc:0d:9d:dc:
         32:44:93:36:e3:d8:39:eb:0f:33:e9:b5:61:c6:c2:64:76:4d:
         84:38:70:d1:ec:6b:3e:f2:c6:b4:e8:b5:7f:28:1e:7e:89:4f:
         8d:f3:ae:c9:64:e5:52:59:28:cb:80:e5:b6:7d:c2:d3:f6:0e:
         61:f0:36:6f:d8:db:b7:0c:03:d9:25:c8:b1:d1:8b:a4:75:58:
         26:ad:2f:de:aa:f7:24:cd:f4:b0:9c:47:42:11:64:d1:6a:5b:
         36:24:26:8a:2e:3a:78:ad:a8:3d:0e:17:fb:0c:f8:27:f9:c8:
         fc:b7:33:87:7a:ca:38:4f:9b:d6:4f:42:b0:89:c7:13:0c:2b:
         22:b4:c7:be:82:a1:06:be:02:97:7b:35:87:78:16:e9:dd:b7:
         4b:a3:dc:54:53:5a:45:c6:98:44:d9:83:ab:a3:32:90:33:61:
         48:b5:50:98:6b:39:f6:65:d3:1f:84:64:4b:34:db:50:a4:37:
         30:a2:b3:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lulUdL2siQlUXl45N3Kb/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkOTRlMDQ0Y2JlNWMzNTI5NWZhYmM0NDU4MDJkYTkwNTgx
M2I3MzIwHhcNMjYwMzI1MTYwMTAxWhcNMjYwMzI2MTYwMTAxWjAzMTEwLwYDVQQD
EyhlZjY3NzY3Yjc2MWNlZThjN2JlMDA1N2JjM2RjMmFmZWVhMzA4NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXJhIKVFOfjv8/921t0WCcuQwYV5
VDIB7D3TZo5KkKLQ6VCSpMpJwZf9oDZQURIOsEX2nm3ZYnZFJKW+KO7deIVHCbeX
xV/VzQrhEmKcAJxt2ChJUJ5dO0t/bQ3ofSv0PffHhiUGH/XnhDo1+dfcBm8j8im4
7cUlj3KcnRNJww+NjJiDJpiVQQaAHr0sdviCgOSPQzjrI1uLKD35lQTeCn5nzHG+
vZbMo6nwS363GVmts2AfVgKSrtAf/kHgI8ZAjz4l2k9W8bwBIXACHsLjeIjAZS46
w09fv9gBeg9PdMxS2QR8VeJl6p7lHY2zD0s06Eia+s2vxZL7PT9zZr3BDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9ndnt2HO6Me+AFe8PcKv7qMId/MB8GA1UdIwQY
MBaAFP2U4ETL5cNSlfq8RFgC2pBYE7cyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1pUZ1JNdmx3MUtWLXJ4RVdBTGFrRmdUdHpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85NjAyYTktNzRiNi00OTkyLWI3MWQt
YmFiMjQ3ZmU3ZDdjLzEvX1pUZ1JNdmx3MUtWLXJ4RVdBTGFrRmdUdHpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85NjAyYTktNzRiNi00OTkyLWI3MWQtYmFiMjQ3ZmU3ZDdj
LzEvX1pUZ1JNdmx3MUtWLXJ4RVdBTGFrRmdUdHpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2u0KiMf
2hzZR7aVAH3wYdWvUBT1JSjfUINmRLcfBpdzt/4MYHdjeQNjJg8G36W83R7Bfwlv
iJkQnEAeZDzWLR1+lezcDZ3cMkSTNuPYOesPM+m1YcbCZHZNhDhw0exrPvLGtOi1
fygefolPjfOuyWTlUlkoy4Dltn3C0/YOYfA2b9jbtwwD2SXIsdGLpHVYJq0v3qr3
JM30sJxHQhFk0WpbNiQmii46eK2oPQ4X+wz4J/nI/Lczh3rKOE+b1k9CsInHEwwr
IrTHvoKhBr4Cl3s1h3gW6d23S6PcVFNaRcaYRNmDq6MykDNhSLVQmGs59mXTH4Rk
SzTbUKQ3MKKz5A==
-----END CERTIFICATE-----