Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
File:                     ZQXsmbwMbKl7--a9UkTeywKGbis.mft (raw, json)
Hash identifier:          qnmYDFP+dvNAxfN6fRtOv8w13R+e0ZeKLr3k9kCGGz0=
Subject key identifier:   78:76:BA:14:5B:B1:9B:44:AD:1A:74:E6:00:75:7F:D0:E5:26:C1:98
Authority key identifier: 65:05:EC:99:BC:0C:6C:A9:7B:FB:E6:BD:52:44:DE:CB:02:86:6E:2B
Certificate issuer:       /CN=6505ec99bc0c6ca97bfbe6bd5244decb02866e2b
Certificate serial:       019DA4541D2A14727471DCA1CFEDCE71EF3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
Manifest number:          0DBB
Signing time:             Sun 19 Apr 2026 06:01:09 +0000
Manifest this update:     Sun 19 Apr 2026 06:01:09 +0000
Manifest next update:     Mon 20 Apr 2026 06:01:09 +0000
Files and hashes:         1: ZQXsmbwMbKl7--a9UkTeywKGbis.crl (hash: cfJOWnEllwzVidipVGQfmyROlRNAL3v3n5Tkpg4xf5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:54:1d:2a:14:72:74:71:dc:a1:cf:ed:ce:71:ef:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6505ec99bc0c6ca97bfbe6bd5244decb02866e2b
        Validity
            Not Before: Apr 19 06:01:09 2026 GMT
            Not After : Apr 20 06:01:09 2026 GMT
        Subject: CN=7876ba145bb19b44ad1a74e600757fd0e526c198
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:6b:af:2f:2c:e5:65:13:c6:3d:cd:dc:04:32:
                    d5:45:af:b8:03:0a:43:a5:9b:91:51:e4:53:eb:e9:
                    35:aa:6b:c4:d4:06:88:d2:f3:c9:df:e0:47:a8:35:
                    da:75:43:33:3c:04:1f:a9:f9:4f:da:c2:98:85:6b:
                    a7:53:ee:5d:fa:3c:c1:ad:ed:66:4b:d8:59:51:73:
                    32:9b:b5:c2:7f:53:7b:81:32:b9:ce:5d:69:b6:74:
                    e2:6b:a6:5a:34:2b:4c:9c:b6:c8:9e:02:97:17:0d:
                    6c:5f:43:f7:87:00:29:20:27:8c:89:23:06:54:12:
                    43:65:fd:96:55:92:61:c4:21:5e:45:10:bd:64:b5:
                    04:20:c7:bd:40:65:76:60:74:eb:10:dd:82:d0:d7:
                    1d:1b:87:81:95:61:0b:85:44:8f:30:fc:f4:b4:b7:
                    86:e9:5f:5d:ab:49:a5:b5:39:85:75:46:95:6a:f4:
                    c8:4e:5b:3d:3d:fb:d9:b7:e8:aa:bf:60:a8:92:a2:
                    96:13:8c:11:b3:82:ea:08:92:b7:ca:7b:44:60:18:
                    16:1f:cb:b0:fe:98:97:4b:a7:a0:24:b2:2e:eb:be:
                    34:07:c7:9f:47:b5:e4:c1:7a:85:2b:a6:7b:48:69:
                    49:61:0a:ca:b1:ea:4d:03:82:3e:8b:80:92:69:ca:
                    46:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:76:BA:14:5B:B1:9B:44:AD:1A:74:E6:00:75:7F:D0:E5:26:C1:98
            X509v3 Authority Key Identifier:
                keyid:65:05:EC:99:BC:0C:6C:A9:7B:FB:E6:BD:52:44:DE:CB:02:86:6E:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:8d:58:1c:e2:4e:12:5c:58:1c:ca:0e:10:cb:94:70:c9:22:
         0f:43:a5:41:10:3d:5d:c7:7d:0a:41:33:6c:46:9a:94:2a:72:
         8d:30:7d:59:03:50:99:c1:f9:31:ef:e6:82:bb:52:33:67:0f:
         c1:70:13:11:6d:5c:10:b4:e9:bc:c2:d9:9f:b6:a4:7a:bf:11:
         d8:2c:ee:a2:1f:3c:13:e3:3f:b4:69:09:21:d2:fb:40:90:aa:
         30:d6:94:f1:e0:ae:c5:94:7c:14:d5:f4:4b:e7:81:46:6d:8e:
         04:81:61:53:18:e2:0a:a3:76:37:85:71:4f:45:03:53:40:d9:
         a3:e1:e0:fe:bf:f9:fc:db:2b:d4:60:e4:d1:b0:13:54:68:35:
         94:93:44:09:c0:05:8a:8e:1a:b0:cd:a5:8e:20:f3:e3:c7:d0:
         fe:4f:9e:92:86:68:93:aa:5b:2f:c6:15:22:8d:87:46:a7:5f:
         22:7a:6b:12:6d:70:38:f1:b9:d9:85:97:68:cd:13:03:01:60:
         e8:a4:e5:c5:f7:3b:3c:0a:5c:41:3b:da:b8:f3:50:ad:b4:b7:
         7e:36:ff:ba:4c:9d:9f:95:2b:1c:27:1d:33:7d:17:82:6e:bb:
         0f:08:e2:9f:a0:05:e1:0d:47:56:f4:18:9f:36:a0:a9:98:20:
         ec:c4:48:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kVB0qFHJ0cdyhz+3Oce86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDVlYzk5YmMwYzZjYTk3YmZiZTZiZDUyNDRkZWNiMDI4
NjZlMmIwHhcNMjYwNDE5MDYwMTA5WhcNMjYwNDIwMDYwMTA5WjAzMTEwLwYDVQQD
Eyg3ODc2YmExNDViYjE5YjQ0YWQxYTc0ZTYwMDc1N2ZkMGU1MjZjMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmuvLyzlZRPGPc3cBDLVRa+4AwpD
pZuRUeRT6+k1qmvE1AaI0vPJ3+BHqDXadUMzPAQfqflP2sKYhWunU+5d+jzBre1m
S9hZUXMym7XCf1N7gTK5zl1ptnTia6ZaNCtMnLbIngKXFw1sX0P3hwApICeMiSMG
VBJDZf2WVZJhxCFeRRC9ZLUEIMe9QGV2YHTrEN2C0NcdG4eBlWELhUSPMPz0tLeG
6V9dq0mltTmFdUaVavTITls9PfvZt+iqv2CokqKWE4wRs4LqCJK3yntEYBgWH8uw
/piXS6egJLIu6740B8efR7XkwXqFK6Z7SGlJYQrKsepNA4I+i4CSacpG8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHh2uhRbsZtErRp05gB1f9DlJsGYMB8GA1UdIwQY
MBaAFGUF7Jm8DGype/vmvVJE3ssChm4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ODMxNGMtZDJjZi00OGI4LWI5NWEt
ZmRhNWRkNTkwZjE2LzEvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ODMxNGMtZDJjZi00OGI4LWI5NWEtZmRhNWRkNTkwZjE2
LzEvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVI1YHOJO
ElxYHMoOEMuUcMkiD0OlQRA9Xcd9CkEzbEaalCpyjTB9WQNQmcH5Me/mgrtSM2cP
wXATEW1cELTpvMLZn7aker8R2Czuoh88E+M/tGkJIdL7QJCqMNaU8eCuxZR8FNX0
S+eBRm2OBIFhUxjiCqN2N4VxT0UDU0DZo+Hg/r/5/Nsr1GDk0bATVGg1lJNECcAF
io4asM2ljiDz48fQ/k+ekoZok6pbL8YVIo2HRqdfInprEm1wOPG52YWXaM0TAwFg
6KTlxfc7PApcQTvauPNQrbS3fjb/ukydn5UrHCcdM30Xgm67Dwjin6AF4Q1HVvQY
nzagqZgg7MRIqw==
-----END CERTIFICATE-----