Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.mft
File:                     ZpDQciFADjewHnSnEvrnxtcDFZU.mft (raw, json)
Hash identifier:          4nt8c8U2vzB80WuzqMWUWNSGxeoFdmAHb3H0CDUIisw=
Subject key identifier:   55:77:27:E2:77:5B:C5:C0:88:65:6A:B8:38:73:8B:51:DE:ED:C6:96
Authority key identifier: 66:90:D0:72:21:40:0E:37:B0:1E:74:A7:12:FA:E7:C6:D7:03:15:95
Certificate issuer:       /CN=6690d07221400e37b01e74a712fae7c6d7031595
Certificate serial:       019D984F9199F8899795CC7359479977D2BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZpDQciFADjewHnSnEvrnxtcDFZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.mft
Manifest number:          136E
Signing time:             Thu 16 Apr 2026 22:00:44 +0000
Manifest this update:     Thu 16 Apr 2026 22:00:44 +0000
Manifest next update:     Fri 17 Apr 2026 22:00:44 +0000
Files and hashes:         1: ZpDQciFADjewHnSnEvrnxtcDFZU.crl (hash: ucVLBzwSG79acnvc/tO3bJwp/7i+0CEU7sAACxu0jbg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZpDQciFADjewHnSnEvrnxtcDFZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:91:99:f8:89:97:95:cc:73:59:47:99:77:d2:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6690d07221400e37b01e74a712fae7c6d7031595
        Validity
            Not Before: Apr 16 22:00:44 2026 GMT
            Not After : Apr 17 22:00:44 2026 GMT
        Subject: CN=557727e2775bc5c088656ab838738b51deedc696
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:ec:7c:a0:34:2f:de:f2:00:05:79:a9:91:f2:
                    b0:d8:57:cb:c4:0f:6e:58:c5:39:a1:a4:36:07:be:
                    98:39:be:c4:5e:6d:b3:ff:5e:3c:cf:e7:4e:8a:e4:
                    d0:d9:8f:39:85:b2:ef:cf:6a:97:2f:25:b8:e1:09:
                    87:d3:39:46:9e:51:96:34:32:04:40:14:df:07:4c:
                    de:a7:22:e1:de:40:c1:8a:96:1a:e0:79:7a:1e:ef:
                    2f:d5:31:21:33:08:6a:b8:0d:55:c8:33:00:48:53:
                    3c:bf:4c:1e:bf:21:91:23:31:6e:8d:da:94:b8:7b:
                    98:99:30:55:bc:0a:fe:e2:f3:5c:92:f7:d8:55:30:
                    34:55:31:b0:11:af:7e:b1:dc:f5:f5:4c:f2:67:45:
                    cd:75:69:db:81:bd:c5:37:21:34:f8:8d:55:42:40:
                    e4:92:3c:7a:72:d2:88:f4:b2:b9:6a:df:55:a3:fb:
                    c2:bc:a1:be:d9:aa:87:2c:9d:a0:f0:71:84:b3:35:
                    b2:cb:c7:b3:d9:c9:83:39:9e:2a:3a:5c:5d:82:c2:
                    f7:c2:99:c9:f4:92:85:cd:e0:c3:6d:f4:d2:0c:36:
                    77:ad:47:f8:80:22:03:d1:e4:76:d7:1f:ad:90:6b:
                    e5:7e:7f:ea:b3:ca:45:5f:1e:4a:27:28:9a:62:9e:
                    ad:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:77:27:E2:77:5B:C5:C0:88:65:6A:B8:38:73:8B:51:DE:ED:C6:96
            X509v3 Authority Key Identifier:
                keyid:66:90:D0:72:21:40:0E:37:B0:1E:74:A7:12:FA:E7:C6:D7:03:15:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZpDQciFADjewHnSnEvrnxtcDFZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d565b2-dc18-4460-bf02-461acb8a1c9f/1/ZpDQciFADjewHnSnEvrnxtcDFZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:3a:3d:4b:7d:eb:55:e8:ef:c1:dc:e2:e2:42:b0:5c:d0:fe:
         8d:96:d8:b3:71:b1:5d:bd:f6:64:11:e9:ce:a0:83:af:76:69:
         f5:d3:92:21:34:2b:ab:40:87:00:24:4d:16:cf:d8:d8:51:be:
         e6:76:27:c9:ca:d1:ee:4f:3d:ca:ab:cf:a2:de:2a:94:e7:9f:
         5d:db:a2:fb:81:be:3d:11:7a:53:0a:48:55:73:67:22:8a:97:
         43:69:4e:25:e1:56:e3:99:8f:4c:ce:cb:2f:a1:55:32:8f:70:
         d1:c8:89:00:a7:10:f9:2a:c8:b4:79:1c:9b:ec:d1:51:d6:dd:
         b6:e8:d5:8f:ae:d4:c4:85:1a:64:3f:cf:17:f4:bc:80:79:2e:
         0d:33:39:69:fe:a3:02:ff:3d:d3:f1:c2:57:33:73:80:33:fe:
         4f:a2:49:9a:23:1a:72:83:44:7c:07:59:1d:da:ee:f0:2e:9e:
         9f:1e:66:e2:9e:af:0d:d7:4f:a7:0d:74:ed:55:65:d5:0f:4f:
         8c:db:cb:1b:ec:37:04:d1:24:37:bd:5e:c6:f3:68:a3:92:17:
         8a:9d:23:5c:49:f3:34:db:85:99:ed:3a:63:a7:23:8d:16:74:
         c9:c6:96:55:f2:c3:14:e5:0a:c4:33:c7:86:95:cb:95:b0:b0:
         ac:1d:57:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT5GZ+ImXlcxzWUeZd9K9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTBkMDcyMjE0MDBlMzdiMDFlNzRhNzEyZmFlN2M2ZDcw
MzE1OTUwHhcNMjYwNDE2MjIwMDQ0WhcNMjYwNDE3MjIwMDQ0WjAzMTEwLwYDVQQD
Eyg1NTc3MjdlMjc3NWJjNWMwODg2NTZhYjgzODczOGI1MWRlZWRjNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ux8oDQv3vIABXmpkfKw2FfLxA9u
WMU5oaQ2B76YOb7EXm2z/148z+dOiuTQ2Y85hbLvz2qXLyW44QmH0zlGnlGWNDIE
QBTfB0zepyLh3kDBipYa4Hl6Hu8v1TEhMwhquA1VyDMASFM8v0wevyGRIzFujdqU
uHuYmTBVvAr+4vNckvfYVTA0VTGwEa9+sdz19UzyZ0XNdWnbgb3FNyE0+I1VQkDk
kjx6ctKI9LK5at9Vo/vCvKG+2aqHLJ2g8HGEszWyy8ez2cmDOZ4qOlxdgsL3wpnJ
9JKFzeDDbfTSDDZ3rUf4gCID0eR21x+tkGvlfn/qs8pFXx5KJyiaYp6tpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFV3J+J3W8XAiGVquDhzi1He7caWMB8GA1UdIwQY
MBaAFGaQ0HIhQA43sB50pxL658bXAxWVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBEUWNpRkFEamV3SG5TbkV2cm54dGNERlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kNTY1YjItZGMxOC00NDYwLWJmMDIt
NDYxYWNiOGExYzlmLzEvWnBEUWNpRkFEamV3SG5TbkV2cm54dGNERlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kNTY1YjItZGMxOC00NDYwLWJmMDItNDYxYWNiOGExYzlm
LzEvWnBEUWNpRkFEamV3SG5TbkV2cm54dGNERlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFzo9S33r
Vejvwdzi4kKwXND+jZbYs3GxXb32ZBHpzqCDr3Zp9dOSITQrq0CHACRNFs/Y2FG+
5nYnycrR7k89yqvPot4qlOefXdui+4G+PRF6UwpIVXNnIoqXQ2lOJeFW45mPTM7L
L6FVMo9w0ciJAKcQ+SrItHkcm+zRUdbdtujVj67UxIUaZD/PF/S8gHkuDTM5af6j
Av890/HCVzNzgDP+T6JJmiMacoNEfAdZHdru8C6enx5m4p6vDddPpw107VVl1Q9P
jNvLG+w3BNEkN71exvNoo5IXip0jXEnzNNuFme06Y6cjjRZ0ycaWVfLDFOUKxDPH
hpXLlbCwrB1XaA==
-----END CERTIFICATE-----