Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          YANv4OB3xrj4Aro+yqNxIdhSZiPu7j62eHyi03fRASU=
Subject key identifier:   28:BD:BB:47:CC:1D:45:78:D1:A3:5E:FD:E4:C3:F1:FA:92:F2:C9:40
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       019D9AE27BA2D9C64317E3566CA03BC12DC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          0FA3
Signing time:             Fri 17 Apr 2026 10:00:27 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:27 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:27 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: QjXoIx/gtlfJc7U3xnmD+89PK3caMVH+1TlC8RrpleI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:7b:a2:d9:c6:43:17:e3:56:6c:a0:3b:c1:2d:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: Apr 17 10:00:27 2026 GMT
            Not After : Apr 18 10:00:27 2026 GMT
        Subject: CN=28bdbb47cc1d4578d1a35efde4c3f1fa92f2c940
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a8:7e:2e:e3:03:28:3f:a6:5c:85:41:30:db:
                    a7:f8:9e:5d:5a:15:1a:86:36:bd:68:6c:92:cb:e1:
                    72:ba:dc:c6:b9:a8:17:d6:d9:dd:68:2f:4a:5d:12:
                    03:c6:6c:df:28:01:dd:b9:63:e9:15:f4:60:55:95:
                    7a:b4:c6:cc:25:78:23:f8:67:db:0b:2d:5b:ad:18:
                    3a:a1:5c:d4:1c:4d:0d:2e:55:f7:47:e4:bf:c0:93:
                    92:84:06:e6:5f:24:88:5a:f3:52:95:e8:e5:b1:8f:
                    ac:ca:54:9b:c6:f7:2d:fa:28:34:c8:86:2c:14:9b:
                    62:99:89:4d:89:ee:53:88:06:4b:60:b8:07:13:5b:
                    7f:a8:13:4e:26:7c:3c:cf:f2:ab:3f:b4:43:20:f5:
                    ed:30:aa:c2:f1:34:bf:36:76:6a:2f:94:e7:28:12:
                    7e:e5:8b:8b:c8:d1:47:a3:e9:74:04:48:fd:52:ea:
                    b0:c7:84:c7:17:be:fe:2c:f7:00:a6:52:66:03:0b:
                    0a:64:82:43:08:92:5d:9b:0a:19:28:b1:b7:ad:e7:
                    6e:47:65:98:08:8f:d7:b8:7c:1e:73:56:a5:04:4e:
                    1e:a1:b7:b2:6b:f5:62:cf:a6:65:3e:e7:84:95:0e:
                    55:f0:6a:f7:b0:ac:92:e7:ac:ef:80:9e:53:df:dd:
                    55:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:BD:BB:47:CC:1D:45:78:D1:A3:5E:FD:E4:C3:F1:FA:92:F2:C9:40
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:e4:fa:1c:1e:55:a8:2f:11:70:9a:b4:a0:e8:ca:13:0d:2a:
         3a:95:a2:10:34:19:3d:2a:f6:46:38:94:a0:45:84:2d:e1:28:
         39:b1:87:c8:07:f9:0c:d1:c8:91:38:27:56:4a:20:5b:34:71:
         6b:0b:c7:0f:09:94:2a:1c:09:6e:ac:d7:08:8d:72:15:62:4e:
         dd:af:01:1c:3c:a8:1c:35:cc:65:b5:27:63:34:0d:bd:f7:92:
         a5:94:a1:7d:09:5f:db:af:72:b1:d6:71:ff:6f:eb:5b:5f:9a:
         63:52:68:fb:5a:7b:a1:83:e9:47:13:35:48:be:93:76:c2:98:
         e0:f4:a8:b8:b6:d1:90:70:f3:6a:f8:af:50:8d:62:bf:11:81:
         e9:1d:3a:d4:b0:20:67:8e:82:ba:1c:47:69:41:7a:ec:99:8f:
         cc:f9:5e:0d:6e:76:a8:5e:d4:e3:3a:e6:df:71:65:db:43:80:
         77:89:96:b7:d3:e5:d3:21:64:0a:c2:be:e8:d6:b8:91:6c:6a:
         68:cf:12:59:8e:1c:ac:46:75:3c:ec:02:a5:9f:4f:0b:a1:75:
         95:1e:20:b9:e1:76:09:c5:91:4c:b1:f1:57:16:cc:67:cd:44:
         5d:18:cf:8f:b9:05:4c:ec:89:6c:4f:cf:a9:76:fe:30:94:54:
         13:ad:ca:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4nui2cZDF+NWbKA7wS3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjYwNDE3MTAwMDI3WhcNMjYwNDE4MTAwMDI3WjAzMTEwLwYDVQQD
EygyOGJkYmI0N2NjMWQ0NTc4ZDFhMzVlZmRlNGMzZjFmYTkyZjJjOTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6h+LuMDKD+mXIVBMNun+J5dWhUa
hja9aGySy+FyutzGuagX1tndaC9KXRIDxmzfKAHduWPpFfRgVZV6tMbMJXgj+Gfb
Cy1brRg6oVzUHE0NLlX3R+S/wJOShAbmXySIWvNSlejlsY+sylSbxvct+ig0yIYs
FJtimYlNie5TiAZLYLgHE1t/qBNOJnw8z/KrP7RDIPXtMKrC8TS/NnZqL5TnKBJ+
5YuLyNFHo+l0BEj9Uuqwx4THF77+LPcAplJmAwsKZIJDCJJdmwoZKLG3reduR2WY
CI/XuHwec1alBE4eobeya/Viz6ZlPueElQ5V8Gr3sKyS56zvgJ5T391V0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCi9u0fMHUV40aNe/eTD8fqS8slAMB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZuT6HB5V
qC8RcJq0oOjKEw0qOpWiEDQZPSr2RjiUoEWELeEoObGHyAf5DNHIkTgnVkogWzRx
awvHDwmUKhwJbqzXCI1yFWJO3a8BHDyoHDXMZbUnYzQNvfeSpZShfQlf269ysdZx
/2/rW1+aY1Jo+1p7oYPpRxM1SL6TdsKY4PSouLbRkHDzavivUI1ivxGB6R061LAg
Z46CuhxHaUF67JmPzPleDW52qF7U4zrm33Fl20OAd4mWt9Pl0yFkCsK+6Na4kWxq
aM8SWY4crEZ1POwCpZ9PC6F1lR4gueF2CcWRTLHxVxbMZ81EXRjPj7kFTOyJbE/P
qXb+MJRUE63KsQ==
-----END CERTIFICATE-----