Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          dO0oacaAoGEV6wH2WIGsPazCgjhXXjWHtdf4mLeuvWU=
Subject key identifier:   2B:67:F3:81:2D:2F:CE:4C:39:B2:DC:3D:31:27:B2:09:A1:D6:B7:4F
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       019D9962E960508CC24825B189B90D4921DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 03:01:29 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:29 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:29 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: +C3vmaPx8iZ9xJa0E1xuZ3q/n8WL+E9BRvA+o1aQShk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:e9:60:50:8c:c2:48:25:b1:89:b9:0d:49:21:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Apr 17 03:01:29 2026 GMT
            Not After : Apr 18 03:01:29 2026 GMT
        Subject: CN=2b67f3812d2fce4c39b2dc3d3127b209a1d6b74f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9e:29:e5:71:ff:8e:f3:44:26:2d:90:0a:36:
                    3c:20:cb:73:bf:14:e9:16:e2:9b:25:fc:1c:10:2e:
                    85:65:4d:b8:d9:bf:64:46:7f:e2:8c:ad:85:25:90:
                    23:b3:c1:3c:ca:f0:55:8b:b7:d4:8d:49:8b:89:38:
                    a2:45:64:65:1c:9b:b0:52:0e:a1:b1:ee:c9:60:7e:
                    e5:2b:02:b3:24:c6:ab:b4:52:48:6c:41:36:3b:65:
                    35:41:68:bf:da:05:78:1a:5f:98:ce:79:5c:d7:1c:
                    b9:8d:da:eb:23:ae:4c:b9:39:4b:53:7f:52:04:fb:
                    4e:1d:5d:ee:0f:c9:ed:17:e9:56:2d:9b:aa:9c:53:
                    f1:6b:92:c1:cc:54:42:83:75:6c:b3:0a:bb:46:fa:
                    cb:bd:4e:60:14:65:56:4d:f8:5c:8e:a1:03:ab:87:
                    f3:9f:59:22:54:b4:37:61:1c:8c:4a:f5:0d:56:85:
                    b1:0b:de:f7:dd:5d:49:41:fa:33:b8:87:8b:2b:66:
                    c6:f5:48:ce:64:9f:0a:64:72:b8:bb:d0:be:a0:de:
                    93:ab:b6:57:f8:32:78:6b:0f:f7:e5:99:bf:73:4c:
                    51:b5:dc:9e:8b:c8:ba:b8:b5:4a:08:7b:08:d2:db:
                    bf:1e:ed:af:14:da:0c:20:d7:57:a7:8f:a8:17:80:
                    c2:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:67:F3:81:2D:2F:CE:4C:39:B2:DC:3D:31:27:B2:09:A1:D6:B7:4F
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:96:85:2c:65:04:88:05:9f:86:90:43:69:2f:a1:3c:0d:6f:
         79:c4:8b:ec:56:85:06:5b:14:fc:8e:9a:17:4b:3b:81:95:0d:
         b2:0e:ff:f1:05:cc:22:08:4f:64:5b:06:5f:e4:8e:7b:00:70:
         42:0e:da:5d:d1:b2:03:0d:81:39:41:06:c6:e7:26:67:8e:62:
         f6:89:23:4b:57:a6:3d:87:ca:49:11:8d:81:db:2c:4c:23:93:
         95:9a:aa:80:ad:1d:f0:42:ae:b2:52:0f:61:d6:b8:a7:19:95:
         e1:5f:59:c3:28:62:92:b6:2e:1b:c3:e8:12:01:f3:84:e2:84:
         19:53:45:b3:5a:bb:82:4f:a9:a4:00:8a:ab:17:48:64:06:94:
         6a:ae:1c:b7:b3:b5:ca:80:3d:e8:48:e3:6b:fb:ca:25:54:7f:
         b5:74:f8:90:cf:41:a6:c9:3f:15:c8:45:a7:65:71:96:11:c7:
         ab:1d:3e:76:6a:2f:1c:c2:90:9b:96:e7:6d:f8:ce:01:da:b2:
         ec:ce:51:b6:3d:b0:92:f3:ee:ba:54:e0:d4:55:97:27:64:af:
         7a:cc:a0:fc:b4:13:cf:c0:f9:27:48:bc:f4:e1:fd:67:26:b0:
         35:5f:97:12:07:8c:3c:e6:9b:8f:9a:d4:2b:51:f8:7c:e4:e8:
         44:77:95:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYulgUIzCSCWxibkNSSHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjYwNDE3MDMwMTI5WhcNMjYwNDE4MDMwMTI5WjAzMTEwLwYDVQQD
EygyYjY3ZjM4MTJkMmZjZTRjMzliMmRjM2QzMTI3YjIwOWExZDZiNzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp4p5XH/jvNEJi2QCjY8IMtzvxTp
FuKbJfwcEC6FZU242b9kRn/ijK2FJZAjs8E8yvBVi7fUjUmLiTiiRWRlHJuwUg6h
se7JYH7lKwKzJMartFJIbEE2O2U1QWi/2gV4Gl+Yznlc1xy5jdrrI65MuTlLU39S
BPtOHV3uD8ntF+lWLZuqnFPxa5LBzFRCg3Vsswq7RvrLvU5gFGVWTfhcjqEDq4fz
n1kiVLQ3YRyMSvUNVoWxC9733V1JQfozuIeLK2bG9UjOZJ8KZHK4u9C+oN6Tq7ZX
+DJ4aw/35Zm/c0xRtdyei8i6uLVKCHsI0tu/Hu2vFNoMINdXp4+oF4DCPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtn84EtL85MObLcPTEnsgmh1rdPMB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC5aFLGUE
iAWfhpBDaS+hPA1vecSL7FaFBlsU/I6aF0s7gZUNsg7/8QXMIghPZFsGX+SOewBw
Qg7aXdGyAw2BOUEGxucmZ45i9okjS1emPYfKSRGNgdssTCOTlZqqgK0d8EKuslIP
Yda4pxmV4V9ZwyhikrYuG8PoEgHzhOKEGVNFs1q7gk+ppACKqxdIZAaUaq4ct7O1
yoA96Ejja/vKJVR/tXT4kM9Bpsk/FchFp2VxlhHHqx0+dmovHMKQm5bnbfjOAdqy
7M5Rtj2wkvPuulTg1FWXJ2Svesyg/LQTz8D5J0i89OH9ZyawNV+XEgeMPOabj5rU
K1H4fOToRHeVog==
-----END CERTIFICATE-----