Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
File:                     zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft (raw, json)
Hash identifier:          vmZYjtGtRZIO0c01Y1C+TSb/9ijPycHFSOmvEs0h+SY=
Subject key identifier:   38:BB:43:DF:73:EA:9A:E8:CB:2E:F2:AE:2D:BA:6F:7E:B8:06:0A:94
Authority key identifier: CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A
Certificate issuer:       /CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
Certificate serial:       019D2B4F023FCC4799EBD7985C10DABB1798
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
Manifest number:          0497
Signing time:             Thu 26 Mar 2026 18:01:31 +0000
Manifest this update:     Thu 26 Mar 2026 18:01:31 +0000
Manifest next update:     Fri 27 Mar 2026 18:01:31 +0000
Files and hashes:         1: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl (hash: 0mpZO79ANkULxEb/epwLMQFS/RJ8xYAQD3PBLcVQrBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 18:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2b:4f:02:3f:cc:47:99:eb:d7:98:5c:10:da:bb:17:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
        Validity
            Not Before: Mar 26 18:01:31 2026 GMT
            Not After : Mar 27 18:01:31 2026 GMT
        Subject: CN=38bb43df73ea9ae8cb2ef2ae2dba6f7eb8060a94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:55:e4:32:65:6f:e2:c4:0e:48:6b:60:d1:5c:
                    33:43:56:0a:9c:6f:13:37:96:e8:60:75:69:6d:2c:
                    20:c6:0f:c7:88:00:e6:4f:48:d7:6c:4a:b2:0a:61:
                    de:37:41:9c:59:6d:32:1d:9b:c9:80:97:db:42:40:
                    f0:07:d1:bc:25:59:56:5f:91:e6:09:bc:48:8d:e0:
                    e5:96:8e:db:59:09:9e:9e:09:9f:2e:71:c7:ae:a2:
                    54:78:4e:49:b8:de:0f:82:82:89:a8:e2:ef:7e:77:
                    d7:c7:b7:bb:a0:be:04:f8:64:4b:dd:a6:8a:67:be:
                    ea:76:9f:7e:76:08:2c:87:6a:ed:2a:ad:91:bc:cc:
                    93:4d:c4:2e:ae:03:e1:f8:fb:48:d2:01:40:94:a0:
                    e2:8b:8d:23:67:71:d3:ac:fc:d0:f0:55:b9:3f:96:
                    53:2d:58:c5:ba:82:c3:15:08:87:a5:3d:7d:2c:12:
                    05:c0:2c:a7:85:ab:ba:e9:6d:4e:ee:08:97:f9:98:
                    c0:b2:09:77:9d:aa:e2:16:27:81:bd:f6:0d:1e:57:
                    3d:0b:f4:80:f9:3f:65:bc:ac:2a:27:93:6d:3e:76:
                    a7:3f:e3:00:d2:12:b0:e2:a9:a8:c8:16:0d:e9:8e:
                    eb:e0:2c:6b:9b:11:da:70:c7:ee:47:36:67:51:e6:
                    f1:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:BB:43:DF:73:EA:9A:E8:CB:2E:F2:AE:2D:BA:6F:7E:B8:06:0A:94
            X509v3 Authority Key Identifier:
                keyid:CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:76:d7:f0:ef:41:33:41:3c:13:88:49:bd:0a:0c:6d:cb:cb:
         4d:96:1e:65:e4:91:fd:af:66:36:e4:ec:7d:3d:27:5c:21:16:
         5c:8b:a4:37:76:24:79:9a:a9:06:3e:40:1f:e3:ad:a8:da:04:
         68:6b:43:63:ee:87:f5:06:91:50:83:1f:d0:75:8a:23:4e:ec:
         9b:14:b8:3d:f8:cd:6d:c6:46:e3:03:e1:ba:6a:38:a3:34:d8:
         a7:05:fe:09:f7:cf:9c:10:30:92:3f:57:ce:98:22:77:9a:6b:
         d8:85:73:2f:86:93:b0:35:6b:91:5c:88:ba:e1:a5:e2:4d:50:
         47:20:27:2a:49:44:c8:60:57:1b:da:c7:bc:d3:52:b3:cf:8e:
         99:f4:58:63:ea:bc:aa:39:02:11:50:dd:90:b1:85:e0:51:64:
         3f:bd:6c:1a:b7:c3:44:6e:b1:17:76:b2:f5:32:05:8e:db:35:
         13:d2:e6:cc:26:91:c8:47:88:44:ab:f4:d0:2e:5e:cd:87:ff:
         a2:a2:81:ac:45:fc:bc:6d:54:a8:11:bb:c5:e7:6c:b2:22:e9:
         ab:18:ff:0a:3d:0f:e0:4d:45:ee:0c:2c:de:00:dc:b2:2d:ea:
         7f:e8:80:8e:f4:da:b9:8c:05:b7:2f:74:00:4c:7e:7c:cf:a9:
         81:af:d3:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTwI/zEeZ69eYXBDauxeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlODFlMmQ1NmZkOWYxOTMyZGJjMGYyMTYzMjk5NDJmZTIz
Zjc1NWEwHhcNMjYwMzI2MTgwMTMxWhcNMjYwMzI3MTgwMTMxWjAzMTEwLwYDVQQD
EygzOGJiNDNkZjczZWE5YWU4Y2IyZWYyYWUyZGJhNmY3ZWI4MDYwYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVXkMmVv4sQOSGtg0VwzQ1YKnG8T
N5boYHVpbSwgxg/HiADmT0jXbEqyCmHeN0GcWW0yHZvJgJfbQkDwB9G8JVlWX5Hm
CbxIjeDllo7bWQmengmfLnHHrqJUeE5JuN4PgoKJqOLvfnfXx7e7oL4E+GRL3aaK
Z77qdp9+dggsh2rtKq2RvMyTTcQurgPh+PtI0gFAlKDii40jZ3HTrPzQ8FW5P5ZT
LVjFuoLDFQiHpT19LBIFwCynhau66W1O7giX+ZjAsgl3nariFieBvfYNHlc9C/SA
+T9lvKwqJ5NtPnanP+MA0hKw4qmoyBYN6Y7r4CxrmxHacMfuRzZnUebxjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDi7Q99z6proyy7yri26b364BgqUMB8GA1UdIwQY
MBaAFM6B4tVv2fGTLbwPIWMplC/iP3VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2Mt
OTQ5M2E3NGI1Zjc1LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2MtOTQ5M2E3NGI1Zjc1
LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOHbX8O9B
M0E8E4hJvQoMbcvLTZYeZeSR/a9mNuTsfT0nXCEWXIukN3YkeZqpBj5AH+OtqNoE
aGtDY+6H9QaRUIMf0HWKI07smxS4PfjNbcZG4wPhumo4ozTYpwX+CffPnBAwkj9X
zpgid5pr2IVzL4aTsDVrkVyIuuGl4k1QRyAnKklEyGBXG9rHvNNSs8+OmfRYY+q8
qjkCEVDdkLGF4FFkP71sGrfDRG6xF3ay9TIFjts1E9LmzCaRyEeIRKv00C5ezYf/
oqKBrEX8vG1UqBG7xedssiLpqxj/Cj0P4E1F7gws3gDcsi3qf+iAjvTauYwFty90
AEx+fM+pga/T4Q==
-----END CERTIFICATE-----