Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
File:                     zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json)
Hash identifier:          N+SwjLVDQ0uIfQmsunwM5PIGlDi9OWwZADf3xSNCTY8=
Subject key identifier:   3D:B2:15:3F:73:29:BA:FC:6C:5C:6B:8A:C9:EB:97:D9:86:46:6A:CD
Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
Certificate issuer:       /CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Certificate serial:       019D9AE2910EBBB2E49FF3B3093306705455
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
Manifest number:          083B
Signing time:             Fri 17 Apr 2026 10:00:32 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:32 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:32 +0000
Files and hashes:         1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: l9QyTM9kZt2YBcaaPZCNgw1PkJteSaB4huRhK+0HdVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:91:0e:bb:b2:e4:9f:f3:b3:09:33:06:70:54:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631
        Validity
            Not Before: Apr 17 10:00:32 2026 GMT
            Not After : Apr 18 10:00:32 2026 GMT
        Subject: CN=3db2153f7329bafc6c5c6b8ac9eb97d986466acd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cc:c1:00:4b:84:e4:38:62:85:50:91:c0:68:
                    5b:30:5b:98:a2:77:b1:7d:41:7e:52:ce:62:02:cb:
                    64:97:0a:e7:60:98:e3:e1:57:f6:ba:47:52:fd:ff:
                    00:61:66:61:e4:cd:b9:f7:5a:9f:50:8a:aa:85:42:
                    8a:9b:0b:6d:82:6e:73:2d:46:b7:25:85:44:c3:05:
                    d2:8c:cc:bc:27:7f:77:52:5a:1c:e5:ed:ba:58:48:
                    9c:0f:a0:1f:2e:e6:0e:ce:75:24:65:49:18:7c:de:
                    29:b1:5f:dc:82:4a:cf:fd:62:26:28:8d:8f:7b:cf:
                    22:8a:0a:a0:2d:dd:3f:d3:86:c4:7a:6e:01:83:38:
                    07:58:94:4a:a5:b7:ff:4e:15:19:13:99:99:64:00:
                    0a:54:3b:37:32:32:3d:1d:4a:be:9c:0c:a1:45:3d:
                    42:24:6a:e6:fd:92:be:6d:bf:1a:fa:31:06:3c:96:
                    7d:47:ab:0a:66:d7:7a:39:c0:da:20:7d:2c:a6:aa:
                    a3:a0:6c:a5:a1:ce:6c:d0:25:cf:11:51:cd:be:4b:
                    93:24:e4:64:aa:6f:a5:ef:0b:39:95:95:d0:30:af:
                    ec:d1:44:09:97:ec:28:de:ea:fb:02:42:b1:53:05:
                    7a:bb:59:73:99:38:09:79:4d:b7:6e:9c:45:89:b7:
                    0d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:B2:15:3F:73:29:BA:FC:6C:5C:6B:8A:C9:EB:97:D9:86:46:6A:CD
            X509v3 Authority Key Identifier:
                keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:ec:d1:93:91:04:00:00:a9:09:c5:5b:0e:6d:42:0a:64:7f:
         eb:32:be:1e:21:29:27:b1:ec:0e:43:70:68:12:f3:76:e1:74:
         2f:e8:77:b3:a7:9e:78:15:47:3d:a6:af:05:da:db:18:33:55:
         f0:26:0d:06:fa:69:86:c1:4e:ba:b5:00:5f:21:e3:5f:e8:83:
         a0:4d:ea:dc:1c:6a:e0:7b:43:1d:0f:fb:3c:6d:7d:de:58:df:
         02:7d:eb:ed:fd:92:4e:11:a3:cf:90:bf:59:ae:8f:d0:00:b2:
         ed:80:e5:41:bf:a1:d5:a4:60:7f:cd:96:ac:f8:84:d4:e3:5f:
         e5:b1:37:1e:7c:77:dd:e9:26:ba:a2:ac:aa:f1:e5:17:25:b9:
         c3:b6:52:2d:6e:1c:5f:23:d0:58:ae:64:e9:ba:05:20:ba:d9:
         bd:dd:14:e3:fd:38:37:25:96:23:4d:7e:25:e0:dc:7d:51:96:
         03:11:34:1d:23:13:09:0e:7b:9c:c4:e7:1c:56:87:18:ae:72:
         48:f5:a6:c1:59:51:a9:68:2f:38:09:1e:ce:35:36:54:a5:a6:
         57:4f:d1:da:8d:66:a1:27:d7:31:18:69:c8:4c:8f:4f:97:54:
         98:94:0c:06:96:7c:ca:7b:24:c6:49:68:3d:d2:17:a3:f0:71:
         79:ab:6e:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4pEOu7Lkn/OzCTMGcFRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1
ZjI2MzEwHhcNMjYwNDE3MTAwMDMyWhcNMjYwNDE4MTAwMDMyWjAzMTEwLwYDVQQD
EygzZGIyMTUzZjczMjliYWZjNmM1YzZiOGFjOWViOTdkOTg2NDY2YWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8zBAEuE5DhihVCRwGhbMFuYonex
fUF+Us5iAstklwrnYJjj4Vf2ukdS/f8AYWZh5M2591qfUIqqhUKKmwttgm5zLUa3
JYVEwwXSjMy8J393Uloc5e26WEicD6AfLuYOznUkZUkYfN4psV/cgkrP/WImKI2P
e88iigqgLd0/04bEem4BgzgHWJRKpbf/ThUZE5mZZAAKVDs3MjI9HUq+nAyhRT1C
JGrm/ZK+bb8a+jEGPJZ9R6sKZtd6OcDaIH0spqqjoGyloc5s0CXPEVHNvkuTJORk
qm+l7ws5lZXQMK/s0UQJl+wo3ur7AkKxUwV6u1lzmTgJeU23bpxFibcNiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2yFT9zKbr8bFxrisnrl9mGRmrNMB8GA1UdIwQY
MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt
MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx
LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACuzRk5EE
AACpCcVbDm1CCmR/6zK+HiEpJ7HsDkNwaBLzduF0L+h3s6eeeBVHPaavBdrbGDNV
8CYNBvpphsFOurUAXyHjX+iDoE3q3Bxq4HtDHQ/7PG193ljfAn3r7f2SThGjz5C/
Wa6P0ACy7YDlQb+h1aRgf82WrPiE1ONf5bE3Hnx33ekmuqKsqvHlFyW5w7ZSLW4c
XyPQWK5k6boFILrZvd0U4/04NyWWI01+JeDcfVGWAxE0HSMTCQ57nMTnHFaHGK5y
SPWmwVlRqWgvOAkezjU2VKWmV0/R2o1moSfXMRhpyEyPT5dUmJQMBpZ8ynskxklo
PdIXo/Bxeatu+Q==
-----END CERTIFICATE-----