Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          ZCQf3PAlcqFAsYb9O2fK04MGJyxVHGpz0a2arVrESxg=
Subject key identifier:   05:D6:F8:B0:AC:B1:71:6E:20:95:E5:E1:0D:90:5C:15:4B:9A:36:F4
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       019D9C9A199E9214D4AA68DA5E0D7DB57A64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          063D
Signing time:             Fri 17 Apr 2026 18:00:37 +0000
Manifest this update:     Fri 17 Apr 2026 18:00:37 +0000
Manifest next update:     Sat 18 Apr 2026 18:00:37 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: mWoMXGSeQQMA//M2EmRlnAnDzEykwlx+Apqnbr2EaKw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:9a:19:9e:92:14:d4:aa:68:da:5e:0d:7d:b5:7a:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Apr 17 18:00:37 2026 GMT
            Not After : Apr 18 18:00:37 2026 GMT
        Subject: CN=05d6f8b0acb1716e2095e5e10d905c154b9a36f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f3:d6:d9:51:cc:74:ed:92:51:60:95:0a:ed:
                    3f:df:30:29:18:ad:29:ee:88:5b:78:c0:f1:c0:03:
                    f5:79:c9:df:26:19:f6:cb:68:65:bd:38:51:1f:fb:
                    c8:c8:7e:e3:62:d8:d7:85:9d:63:3d:c5:1a:2a:e4:
                    99:48:08:77:90:b9:51:2f:b0:a2:25:e1:83:f4:45:
                    4c:89:ff:26:81:2f:c1:c0:0e:80:de:6c:85:e3:32:
                    3a:18:65:2f:36:74:07:57:5c:b0:e7:b8:fa:c7:5f:
                    61:89:8d:c3:a2:97:0f:3d:9b:92:96:11:ee:ab:ef:
                    eb:4f:7c:68:ab:f6:ab:7f:9e:6d:35:e1:68:d2:5b:
                    d5:34:21:cb:40:50:d3:4e:5b:d8:ca:04:45:07:57:
                    3b:64:39:23:df:8f:dd:22:1a:16:4e:62:7a:c9:a6:
                    16:20:1b:b8:45:a9:4f:a5:14:9b:f6:f8:30:d4:d1:
                    53:65:33:d1:6d:81:b8:eb:3d:3f:30:de:63:ad:b0:
                    95:32:1f:8a:ce:9f:1c:e1:94:bb:fb:6e:9d:d4:de:
                    3d:0d:b7:42:a6:eb:ca:d7:95:94:dd:f2:25:66:5d:
                    64:d1:f2:7f:1f:a7:e6:df:91:49:96:4d:4f:18:02:
                    8d:9f:fd:93:90:56:e8:bb:83:b6:7d:2a:f3:14:74:
                    e4:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:D6:F8:B0:AC:B1:71:6E:20:95:E5:E1:0D:90:5C:15:4B:9A:36:F4
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:96:fe:f7:4e:2b:ba:3f:6c:7e:45:32:8c:16:8e:82:2d:f4:
         37:3b:a9:34:d6:94:c8:75:93:88:2c:0a:42:86:66:aa:5e:f7:
         02:e5:cf:23:c7:30:ab:a7:d5:d6:33:25:f0:36:2f:65:5d:f8:
         8d:6a:d1:3b:4a:44:dd:a7:4c:c6:42:48:f1:d0:b8:cb:57:e4:
         78:a6:17:16:de:a2:83:6b:d7:2d:d4:e6:cc:60:50:3a:29:4e:
         83:77:c8:fc:34:1e:56:75:e8:55:7c:5e:87:a6:9f:d8:b7:9d:
         d5:69:a9:e0:72:81:ff:bb:d0:c0:3f:4d:b1:4b:3c:ab:a4:c7:
         8d:ea:d0:65:8a:bd:80:04:39:26:71:51:8b:30:9f:11:9e:5b:
         dd:33:d6:71:4a:e0:37:76:1e:c9:0f:b5:6c:c3:28:ad:da:c0:
         ad:c6:27:2f:b0:e6:dd:53:22:ed:4a:86:51:75:88:89:a0:11:
         86:a8:a4:80:fb:9d:ff:dc:1f:a2:7e:9f:0d:75:b3:16:c2:07:
         7b:ec:ed:3f:83:db:d3:3e:61:54:af:b1:71:86:1f:d1:e7:97:
         d0:fe:f3:cb:5c:df:ca:b1:44:9b:10:93:48:ee:eb:3b:bc:d3:
         43:67:ea:1e:05:c3:98:3a:11:d2:cf:13:bb:87:16:d6:fd:89:
         55:a7:7c:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cmhmekhTUqmjaXg19tXpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjYwNDE3MTgwMDM3WhcNMjYwNDE4MTgwMDM3WjAzMTEwLwYDVQQD
EygwNWQ2ZjhiMGFjYjE3MTZlMjA5NWU1ZTEwZDkwNWMxNTRiOWEzNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/PW2VHMdO2SUWCVCu0/3zApGK0p
7ohbeMDxwAP1ecnfJhn2y2hlvThRH/vIyH7jYtjXhZ1jPcUaKuSZSAh3kLlRL7Ci
JeGD9EVMif8mgS/BwA6A3myF4zI6GGUvNnQHV1yw57j6x19hiY3DopcPPZuSlhHu
q+/rT3xoq/arf55tNeFo0lvVNCHLQFDTTlvYygRFB1c7ZDkj34/dIhoWTmJ6yaYW
IBu4RalPpRSb9vgw1NFTZTPRbYG46z0/MN5jrbCVMh+Kzp8c4ZS7+26d1N49DbdC
puvK15WU3fIlZl1k0fJ/H6fm35FJlk1PGAKNn/2TkFbou4O2fSrzFHTk3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAXW+LCssXFuIJXl4Q2QXBVLmjb0MB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU5b+904r
uj9sfkUyjBaOgi30NzupNNaUyHWTiCwKQoZmql73AuXPI8cwq6fV1jMl8DYvZV34
jWrRO0pE3adMxkJI8dC4y1fkeKYXFt6ig2vXLdTmzGBQOilOg3fI/DQeVnXoVXxe
h6af2Led1Wmp4HKB/7vQwD9NsUs8q6THjerQZYq9gAQ5JnFRizCfEZ5b3TPWcUrg
N3YeyQ+1bMMordrArcYnL7Dm3VMi7UqGUXWIiaARhqikgPud/9wfon6fDXWzFsIH
e+ztP4Pb0z5hVK+xcYYf0eeX0P7zy1zfyrFEmxCTSO7rO7zTQ2fqHgXDmDoR0s8T
u4cW1v2JVad8FQ==
-----END CERTIFICATE-----