Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
File:                     ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft (raw, json)
Hash identifier:          tlP34Yb+kDGJtgWDXsp65TJNKvumMGbMzMns+ZrzRxg=
Subject key identifier:   85:02:64:BE:E0:4E:6C:DD:31:37:37:BB:AD:10:00:E4:F6:BA:45:EA
Authority key identifier: 65:43:64:D0:C6:C9:3D:F2:80:27:48:8A:FC:BF:CF:32:97:26:39:2B
Certificate issuer:       /CN=654364d0c6c93df28027488afcbfcf329726392b
Certificate serial:       019D98F4B1CE870D1CFA63B5A27225F9AA1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
Manifest number:          0C54
Signing time:             Fri 17 Apr 2026 01:01:06 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:06 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:06 +0000
Files and hashes:         1: ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl (hash: LX98aFDJ4kO+X/pgAFc1g10pcjWQFv1tRH4FukNrFTs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:b1:ce:87:0d:1c:fa:63:b5:a2:72:25:f9:aa:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654364d0c6c93df28027488afcbfcf329726392b
        Validity
            Not Before: Apr 17 01:01:06 2026 GMT
            Not After : Apr 18 01:01:06 2026 GMT
        Subject: CN=850264bee04e6cdd313737bbad1000e4f6ba45ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ef:86:65:c0:6e:34:fe:d4:ed:88:fb:0b:2f:
                    bc:3a:0f:d1:a7:e0:9e:3a:02:60:ae:bc:c5:25:32:
                    a6:f9:86:d7:c3:22:2e:cc:b1:7e:97:d8:49:0f:b8:
                    fe:79:20:7d:13:0b:4d:e0:aa:23:90:e3:e5:ea:be:
                    65:e3:30:63:43:22:6e:8f:24:b8:48:5b:cc:29:ed:
                    7e:23:90:11:be:7f:eb:d5:a0:b1:60:54:6d:f4:b3:
                    c0:0c:35:92:a0:52:30:98:e5:8a:64:4f:33:63:d2:
                    b2:7d:b4:bb:b6:3c:45:7e:56:df:4f:93:c7:96:a9:
                    54:b9:99:1f:5e:23:70:1c:ee:20:76:3f:d9:ab:e4:
                    c4:0a:bb:19:4a:de:b9:68:e3:62:da:b5:70:21:5a:
                    45:70:8a:ae:d8:d0:ee:b2:88:c7:9c:4d:fe:bd:df:
                    89:53:83:1c:c0:57:5d:45:38:21:24:e5:ba:01:e9:
                    52:e4:7c:b1:b2:0e:f8:58:7d:13:b9:44:ce:40:fe:
                    49:b0:84:d0:aa:0d:b8:ee:be:6f:7a:d9:2b:7d:68:
                    b9:f8:43:69:09:da:b8:78:c6:0a:02:88:51:f5:27:
                    6e:ff:f1:66:91:12:22:e6:53:52:94:40:22:15:e2:
                    54:e8:85:46:bc:86:29:e0:ef:b5:6a:ca:4a:39:2e:
                    55:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:02:64:BE:E0:4E:6C:DD:31:37:37:BB:AD:10:00:E4:F6:BA:45:EA
            X509v3 Authority Key Identifier:
                keyid:65:43:64:D0:C6:C9:3D:F2:80:27:48:8A:FC:BF:CF:32:97:26:39:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3f9ab1-eab1-46cc-88e7-b6e8ea912480/1/ZUNk0MbJPfKAJ0iK_L_PMpcmOSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:2d:58:6e:61:3f:ee:b3:b5:7a:ba:84:fd:19:d9:5b:8a:d1:
         29:7d:ad:3b:1b:d2:35:16:78:cd:c4:52:b9:84:4d:61:cf:63:
         07:82:74:4d:1d:ef:b0:6c:7c:1b:de:e4:3e:15:4b:3d:04:8a:
         84:57:17:42:fe:6f:ed:f8:01:af:2e:00:df:09:b3:bc:ee:12:
         1e:3a:1c:d8:42:60:0c:79:31:a8:06:c4:d5:66:28:6c:5a:54:
         f9:c4:b3:72:77:33:1b:ef:d7:25:3a:a0:3f:5e:bc:7c:69:9d:
         5a:bc:f2:28:26:28:70:c7:bb:b3:60:b0:77:07:8e:56:6e:b2:
         1b:3f:37:22:c0:1b:e9:ee:35:8c:e8:aa:76:33:76:56:d4:bc:
         1b:c7:c8:fb:24:2e:35:4e:3b:c0:7b:0c:92:f6:69:30:a4:a7:
         bf:8e:43:50:17:1b:31:3e:8b:06:af:bd:4e:9a:4b:24:0d:1a:
         98:a3:75:4d:5c:e7:5c:0e:55:49:e6:fd:07:6a:c9:cc:dd:d7:
         06:a5:0d:f9:b4:53:2b:84:ad:eb:75:7d:bc:0b:b1:72:b2:9a:
         38:50:99:37:e2:f6:00:91:7f:08:22:96:96:d2:7e:f1:da:e0:
         ba:72:7e:20:43:1c:d6:bf:7c:30:2a:a5:12:f7:1f:b4:77:f0:
         a5:c1:3e:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9LHOhw0c+mO1onIl+aoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NDM2NGQwYzZjOTNkZjI4MDI3NDg4YWZjYmZjZjMyOTcy
NjM5MmIwHhcNMjYwNDE3MDEwMTA2WhcNMjYwNDE4MDEwMTA2WjAzMTEwLwYDVQQD
Eyg4NTAyNjRiZWUwNGU2Y2RkMzEzNzM3YmJhZDEwMDBlNGY2YmE0NWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve+GZcBuNP7U7Yj7Cy+8Og/Rp+Ce
OgJgrrzFJTKm+YbXwyIuzLF+l9hJD7j+eSB9EwtN4KojkOPl6r5l4zBjQyJujyS4
SFvMKe1+I5ARvn/r1aCxYFRt9LPADDWSoFIwmOWKZE8zY9KyfbS7tjxFflbfT5PH
lqlUuZkfXiNwHO4gdj/Zq+TECrsZSt65aONi2rVwIVpFcIqu2NDusojHnE3+vd+J
U4McwFddRTghJOW6AelS5Hyxsg74WH0TuUTOQP5JsITQqg247r5vetkrfWi5+ENp
Cdq4eMYKAohR9Sdu//FmkRIi5lNSlEAiFeJU6IVGvIYp4O+1aspKOS5VXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIUCZL7gTmzdMTc3u60QAOT2ukXqMB8GA1UdIwQY
MBaAFGVDZNDGyT3ygCdIivy/zzKXJjkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZjlhYjEtZWFiMS00NmNjLTg4ZTct
YjZlOGVhOTEyNDgwLzEvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZjlhYjEtZWFiMS00NmNjLTg4ZTctYjZlOGVhOTEyNDgw
LzEvWlVOazBNYkpQZktBSjBpS19MX1BNcGNtT1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJi1YbmE/
7rO1erqE/RnZW4rRKX2tOxvSNRZ4zcRSuYRNYc9jB4J0TR3vsGx8G97kPhVLPQSK
hFcXQv5v7fgBry4A3wmzvO4SHjoc2EJgDHkxqAbE1WYobFpU+cSzcnczG+/XJTqg
P168fGmdWrzyKCYocMe7s2CwdweOVm6yGz83IsAb6e41jOiqdjN2VtS8G8fI+yQu
NU47wHsMkvZpMKSnv45DUBcbMT6LBq+9TppLJA0amKN1TVznXA5VSeb9B2rJzN3X
BqUN+bRTK4St63V9vAuxcrKaOFCZN+L2AJF/CCKWltJ+8drgunJ+IEMc1r98MCql
EvcftHfwpcE+Fg==
-----END CERTIFICATE-----