Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          tvQ1zPmc4Fz9AZHdWCzxU4eOYjy4+h2EFQsBm45eM1A=
Subject key identifier:   38:5A:B5:61:9C:A1:48:0E:15:76:7E:DC:E3:7C:CE:8D:9D:20:92:7D
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       019CAB6B410497251975B67C6248AC743C54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          0F27
Signing time:             Sun 01 Mar 2026 22:00:58 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:58 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:58 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: B4Pgz+ckMn71PwphSgBZo37OGP4wDi0wCk2QBgAF1/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:41:04:97:25:19:75:b6:7c:62:48:ac:74:3c:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: Mar  1 22:00:58 2026 GMT
            Not After : Mar  2 22:00:58 2026 GMT
        Subject: CN=385ab5619ca1480e15767edce37cce8d9d20927d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:77:6b:73:cc:b9:2f:6c:d7:b0:d7:12:ae:4f:
                    a9:62:7c:2c:b8:e1:32:6a:a8:11:17:94:f4:c8:4a:
                    68:49:86:5f:88:05:ef:06:e4:8b:33:72:a5:01:4d:
                    4f:22:f8:7b:79:26:1a:26:3e:d2:dc:c0:1c:53:97:
                    2e:21:8f:a3:d8:23:0a:20:e7:c3:fc:4b:f9:04:b6:
                    47:49:61:1b:aa:1e:f3:4c:b8:3b:72:72:08:0b:6b:
                    c7:be:80:ff:6a:7b:76:83:1c:d9:82:20:9c:17:28:
                    7c:3a:de:cf:34:06:a3:b0:83:82:1c:ad:b6:fa:bb:
                    23:a6:c4:50:91:a2:93:f6:cb:06:fd:98:39:12:27:
                    e1:6c:6e:85:6c:26:d7:b5:38:06:39:ab:c8:ef:2f:
                    b2:e9:63:8c:72:33:ac:57:a9:d0:bd:c2:fd:35:25:
                    7d:de:8d:d3:27:45:27:15:14:cb:47:d8:7b:71:5c:
                    3f:e5:ac:59:49:85:b6:9e:bf:ed:31:01:71:bd:56:
                    54:37:e0:1e:7d:7a:37:f8:96:ff:47:88:c2:71:80:
                    c9:fc:b1:39:e3:bb:97:26:5f:74:b7:39:48:6e:74:
                    fc:af:82:5e:7b:ac:ee:76:55:95:9e:5c:e1:7e:03:
                    57:9a:5e:b0:2b:5e:7e:09:a2:ed:69:38:8a:ef:95:
                    08:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:5A:B5:61:9C:A1:48:0E:15:76:7E:DC:E3:7C:CE:8D:9D:20:92:7D
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:36:f2:69:f1:3f:72:1f:7e:2c:fb:3c:63:44:cf:07:2d:25:
         18:84:53:a0:70:75:f4:05:af:e7:40:df:40:21:a1:38:6e:71:
         23:0b:e6:9c:0a:bf:1f:aa:28:9d:02:12:e9:8c:f8:29:60:fe:
         6d:d5:49:23:f7:bc:41:89:e1:93:d0:a0:f7:5a:34:fa:a8:46:
         1f:9d:cb:03:97:63:b4:e9:8b:3a:35:34:e9:32:27:57:2a:8e:
         49:a8:20:35:01:3e:a7:d6:25:a9:5f:f8:42:1a:3e:0a:35:a0:
         40:55:42:c4:80:87:c6:15:f0:5d:c4:da:07:91:91:b2:52:b3:
         d0:c3:8a:c2:77:7f:2c:b2:50:02:05:76:82:56:2d:49:94:0c:
         bb:e3:c8:05:40:f5:a2:9c:b2:50:d9:14:e3:a1:ef:38:6e:31:
         34:93:b4:9e:64:d3:20:f8:1e:1d:e5:01:82:42:c3:89:eb:ad:
         5e:78:fd:c3:cb:b0:2f:1a:7b:bf:11:59:b0:39:4d:ad:10:6c:
         15:b9:06:93:35:95:52:9b:4b:48:be:c1:26:33:cc:22:f6:a0:
         a3:1e:bc:97:38:1d:36:a7:b8:f0:b2:d1:21:84:e0:b9:a3:e5:
         f3:40:d0:38:d1:67:01:fd:76:a4:67:8f:5c:c9:ee:ee:b4:3e:
         b3:b2:4e:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra0EElyUZdbZ8YkisdDxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjYwMzAxMjIwMDU4WhcNMjYwMzAyMjIwMDU4WjAzMTEwLwYDVQQD
EygzODVhYjU2MTljYTE0ODBlMTU3NjdlZGNlMzdjY2U4ZDlkMjA5MjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwndrc8y5L2zXsNcSrk+pYnwsuOEy
aqgRF5T0yEpoSYZfiAXvBuSLM3KlAU1PIvh7eSYaJj7S3MAcU5cuIY+j2CMKIOfD
/Ev5BLZHSWEbqh7zTLg7cnIIC2vHvoD/ant2gxzZgiCcFyh8Ot7PNAajsIOCHK22
+rsjpsRQkaKT9ssG/Zg5EifhbG6FbCbXtTgGOavI7y+y6WOMcjOsV6nQvcL9NSV9
3o3TJ0UnFRTLR9h7cVw/5axZSYW2nr/tMQFxvVZUN+AefXo3+Jb/R4jCcYDJ/LE5
47uXJl90tzlIbnT8r4Jee6zudlWVnlzhfgNXml6wK15+CaLtaTiK75UIOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhatWGcoUgOFXZ+3ON8zo2dIJJ9MB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARjbyafE/
ch9+LPs8Y0TPBy0lGIRToHB19AWv50DfQCGhOG5xIwvmnAq/H6oonQIS6Yz4KWD+
bdVJI/e8QYnhk9Cg91o0+qhGH53LA5djtOmLOjU06TInVyqOSaggNQE+p9YlqV/4
Qho+CjWgQFVCxICHxhXwXcTaB5GRslKz0MOKwnd/LLJQAgV2glYtSZQMu+PIBUD1
opyyUNkU46HvOG4xNJO0nmTTIPgeHeUBgkLDieutXnj9w8uwLxp7vxFZsDlNrRBs
FbkGkzWVUptLSL7BJjPMIvagox68lzgdNqe48LLRIYTguaPl80DQONFnAf12pGeP
XMnu7rQ+s7JObg==
-----END CERTIFICATE-----