Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          TO9G3Ks8/ROvLi/KWYao+7hHy/jPJV5k4h+/bYHgMyc=
Subject key identifier:   57:DA:01:08:6C:F3:0E:DC:10:23:D1:34:17:51:D9:F5:EF:98:84:99
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       019CABD9877F3B35304EF30D2FC8749AF091
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          0C6A
Signing time:             Mon 02 Mar 2026 00:01:25 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:25 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:25 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: Qk66EKkzL3dt1XdNJnewUwalJzLu3aQa5xZOgK0in5E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:87:7f:3b:35:30:4e:f3:0d:2f:c8:74:9a:f0:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: Mar  2 00:01:25 2026 GMT
            Not After : Mar  3 00:01:25 2026 GMT
        Subject: CN=57da01086cf30edc1023d1341751d9f5ef988499
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0b:86:e3:32:69:76:dd:80:bf:05:fc:89:29:
                    72:20:2c:11:42:d6:6b:02:2d:d1:16:67:b2:0e:d2:
                    a8:a4:99:0f:54:ec:75:be:01:fb:a3:ef:b4:95:85:
                    d7:78:45:44:82:59:47:35:c0:61:ae:64:d8:3e:50:
                    d9:58:06:90:59:ab:7d:8f:6d:aa:5a:88:4d:0e:33:
                    ba:a5:c9:ab:de:02:89:42:91:1d:36:b9:b7:7e:06:
                    f4:43:79:e5:8b:5d:41:35:1c:c2:95:f8:9b:1e:00:
                    fd:4e:10:f0:2a:82:c3:3e:45:5f:e1:b3:49:17:95:
                    96:fa:49:c3:28:31:92:cf:92:85:18:04:4d:b2:e6:
                    b5:04:d3:44:e5:0a:fc:ff:0e:c6:55:29:98:c2:f4:
                    23:de:8d:eb:b1:6b:a0:44:8f:9e:e4:f8:ed:a6:54:
                    16:53:6d:67:cc:20:63:a6:86:27:83:f2:5b:36:bb:
                    a6:cd:36:96:e8:be:c6:2f:5f:70:49:2a:1a:49:34:
                    e3:f3:48:e1:f3:f9:18:8a:68:f2:59:d5:e3:38:bc:
                    1e:5b:26:e6:ed:b1:b3:87:cf:7b:dc:2d:c5:63:1e:
                    54:6a:e8:25:b4:2d:cb:6c:2a:37:cd:ef:18:02:b5:
                    bb:25:37:2a:2c:5a:67:87:34:60:31:8d:38:94:94:
                    cc:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:DA:01:08:6C:F3:0E:DC:10:23:D1:34:17:51:D9:F5:EF:98:84:99
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:e5:4a:d3:8d:c9:ff:6f:75:4d:c5:27:91:bb:a5:9e:4f:57:
         19:6d:16:b2:a7:33:80:dd:18:54:42:92:2e:d4:ac:23:05:d9:
         9a:04:c8:43:3e:13:e0:26:ff:7f:57:7c:e5:c7:b6:c7:82:6a:
         fe:ea:b2:1a:cc:b4:80:ea:83:46:f4:8f:8b:40:91:23:5d:50:
         d5:19:be:63:c3:d2:7d:d3:bc:8b:30:66:c4:ff:d7:6c:f4:15:
         37:6b:e5:3c:8b:2d:fb:3e:cc:02:2e:c7:35:6d:3f:98:e3:23:
         87:01:cc:07:2b:c3:90:46:40:34:d1:2d:ed:0b:ac:b7:ca:9c:
         b9:43:cf:73:e0:8f:79:2a:28:35:13:9d:c0:1d:62:c9:b7:3f:
         f3:2a:00:28:4f:4f:71:89:a3:ea:c8:80:df:49:5a:bb:68:da:
         fd:9b:b8:05:9e:60:14:ea:bf:b3:7b:27:d0:7e:30:9c:14:c1:
         8e:49:ba:de:aa:fe:3d:f6:e5:99:3a:91:d4:eb:43:8f:7f:0c:
         8c:e1:f0:54:be:9b:a4:53:1c:cb:8e:8a:0d:49:fc:de:62:62:
         66:07:c3:7a:0a:99:49:7e:5d:7e:74:fe:c4:5a:3b:89:ae:67:
         e1:ac:66:4f:97:a0:1f:99:c9:e6:65:34:c1:81:58:20:64:30:
         3a:e0:d8:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2Yd/OzUwTvMNL8h0mvCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjYwMzAyMDAwMTI1WhcNMjYwMzAzMDAwMTI1WjAzMTEwLwYDVQQD
Eyg1N2RhMDEwODZjZjMwZWRjMTAyM2QxMzQxNzUxZDlmNWVmOTg4NDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtguG4zJpdt2AvwX8iSlyICwRQtZr
Ai3RFmeyDtKopJkPVOx1vgH7o++0lYXXeEVEgllHNcBhrmTYPlDZWAaQWat9j22q
WohNDjO6pcmr3gKJQpEdNrm3fgb0Q3nli11BNRzClfibHgD9ThDwKoLDPkVf4bNJ
F5WW+knDKDGSz5KFGARNsua1BNNE5Qr8/w7GVSmYwvQj3o3rsWugRI+e5PjtplQW
U21nzCBjpoYng/JbNrumzTaW6L7GL19wSSoaSTTj80jh8/kYimjyWdXjOLweWybm
7bGzh8973C3FYx5UaugltC3LbCo3ze8YArW7JTcqLFpnhzRgMY04lJTMyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfaAQhs8w7cECPRNBdR2fXvmISZMB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE+VK043J
/291TcUnkbulnk9XGW0WsqczgN0YVEKSLtSsIwXZmgTIQz4T4Cb/f1d85ce2x4Jq
/uqyGsy0gOqDRvSPi0CRI11Q1Rm+Y8PSfdO8izBmxP/XbPQVN2vlPIst+z7MAi7H
NW0/mOMjhwHMByvDkEZANNEt7Qust8qcuUPPc+CPeSooNROdwB1iybc/8yoAKE9P
cYmj6siA30lau2ja/Zu4BZ5gFOq/s3sn0H4wnBTBjkm63qr+PfblmTqR1OtDj38M
jOHwVL6bpFMcy46KDUn83mJiZgfDegqZSX5dfnT+xFo7ia5n4axmT5egH5nJ5mU0
wYFYIGQwOuDYAQ==
-----END CERTIFICATE-----