Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          Tx0rXYbG7VxCoMzywKnC7trsbj00poU2t/M00sQ0yCk=
Subject key identifier:   66:03:2E:6C:D2:F4:F7:70:82:C5:62:62:5C:25:2F:C9:20:F9:53:AA
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       019D99627E6B76849BD82BF265ED3EF16A87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          0CE5
Signing time:             Fri 17 Apr 2026 03:01:01 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:01 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:01 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: JKRpOUTySNk/kBzQGKwCVW4CGhioOVV1D7wAUfkWtTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:7e:6b:76:84:9b:d8:2b:f2:65:ed:3e:f1:6a:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: Apr 17 03:01:01 2026 GMT
            Not After : Apr 18 03:01:01 2026 GMT
        Subject: CN=66032e6cd2f4f77082c562625c252fc920f953aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:6b:a0:1f:fa:64:f4:f4:2e:0b:df:8c:37:b2:
                    8a:b9:64:01:35:e2:dd:4c:be:75:03:ea:33:c9:4a:
                    d7:91:79:27:1b:ca:81:46:9e:92:c3:f8:fc:06:4b:
                    d7:49:11:30:9f:f7:64:ee:a1:ff:89:a0:55:ff:83:
                    84:8b:fe:38:c5:f2:fe:62:e8:e7:ed:76:66:06:e5:
                    d2:56:11:6e:ab:d6:1e:e8:72:45:ce:8b:74:7b:e2:
                    17:9a:8b:c3:83:fc:67:a4:b7:39:2d:50:62:41:cc:
                    15:32:ca:0d:49:28:41:28:de:11:c5:63:4f:a1:48:
                    16:7a:91:b3:94:13:1a:0c:4b:08:f4:27:f1:7f:42:
                    46:c7:3c:fb:62:54:e5:9d:d6:64:cb:f3:40:1a:59:
                    29:23:0d:e6:d4:a5:23:cd:3c:3a:27:94:e5:55:1b:
                    04:dd:e3:94:6d:08:25:de:9d:43:de:45:13:87:14:
                    81:e9:6e:81:49:ad:de:66:db:37:b5:03:c0:63:eb:
                    75:9c:03:0c:d5:b1:06:10:82:46:00:2b:fc:88:d2:
                    f0:c8:a5:76:83:e0:31:f4:be:bc:00:fa:f2:e3:ac:
                    90:a5:14:a2:ab:69:87:d0:45:85:70:3b:c3:e9:40:
                    af:60:0d:c7:ae:c1:15:24:aa:55:33:3c:14:b4:d7:
                    f2:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:03:2E:6C:D2:F4:F7:70:82:C5:62:62:5C:25:2F:C9:20:F9:53:AA
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:58:d1:78:13:78:31:02:c8:34:bf:e7:bc:c5:3d:01:4e:02:
         a6:ca:23:6f:39:9a:14:7c:70:e5:85:ef:23:3a:d0:a7:26:06:
         df:ff:ee:5e:67:72:ab:24:83:24:25:25:c3:51:63:c3:ef:18:
         36:ec:c2:98:6f:45:4c:21:a5:76:bb:37:b3:c7:d1:96:dd:6d:
         60:a3:08:d0:bb:3e:80:61:2a:4f:5d:3c:47:ac:53:ca:e9:ff:
         91:44:be:36:10:38:04:d0:fd:bf:ad:2b:1a:32:86:87:93:72:
         ea:86:7c:4b:c7:50:25:a8:0c:2d:90:b3:86:74:a1:bc:24:ad:
         0c:b2:38:b7:1b:79:d6:1b:3d:5d:88:48:77:9c:a8:19:e3:7d:
         f8:20:20:e7:d2:b1:d2:35:40:a3:bb:19:14:de:21:39:11:d8:
         40:08:24:1c:bf:d9:8b:7c:1b:79:9f:34:68:7a:3a:dd:ac:34:
         fd:61:23:3c:07:de:a3:1d:93:f8:4a:19:f1:6c:fe:f8:7f:5d:
         c3:9b:68:2b:b7:1a:1e:33:78:89:64:ba:e4:8b:09:ac:36:80:
         9f:04:f6:91:c3:36:92:8a:67:5e:9d:b0:39:d9:61:9c:24:68:
         1a:4a:bd:8a:6b:3f:f0:2c:32:a3:1e:61:d0:b5:4a:cb:fe:18:
         0f:b1:ad:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYn5rdoSb2CvyZe0+8WqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjYwNDE3MDMwMTAxWhcNMjYwNDE4MDMwMTAxWjAzMTEwLwYDVQQD
Eyg2NjAzMmU2Y2QyZjRmNzcwODJjNTYyNjI1YzI1MmZjOTIwZjk1M2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2ugH/pk9PQuC9+MN7KKuWQBNeLd
TL51A+ozyUrXkXknG8qBRp6Sw/j8BkvXSREwn/dk7qH/iaBV/4OEi/44xfL+Yujn
7XZmBuXSVhFuq9Ye6HJFzot0e+IXmovDg/xnpLc5LVBiQcwVMsoNSShBKN4RxWNP
oUgWepGzlBMaDEsI9Cfxf0JGxzz7YlTlndZky/NAGlkpIw3m1KUjzTw6J5TlVRsE
3eOUbQgl3p1D3kUThxSB6W6BSa3eZts3tQPAY+t1nAMM1bEGEIJGACv8iNLwyKV2
g+Ax9L68APry46yQpRSiq2mH0EWFcDvD6UCvYA3HrsEVJKpVMzwUtNfy8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYDLmzS9PdwgsViYlwlL8kg+VOqMB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoljReBN4
MQLINL/nvMU9AU4CpsojbzmaFHxw5YXvIzrQpyYG3//uXmdyqySDJCUlw1Fjw+8Y
NuzCmG9FTCGldrs3s8fRlt1tYKMI0Ls+gGEqT108R6xTyun/kUS+NhA4BND9v60r
GjKGh5Ny6oZ8S8dQJagMLZCzhnShvCStDLI4txt51hs9XYhId5yoGeN9+CAg59Kx
0jVAo7sZFN4hORHYQAgkHL/Zi3wbeZ80aHo63aw0/WEjPAfeox2T+EoZ8Wz++H9d
w5toK7caHjN4iWS65IsJrDaAnwT2kcM2kopnXp2wOdlhnCRoGkq9ims/8Cwyox5h
0LVKy/4YD7GtTg==
-----END CERTIFICATE-----