Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          t4b0JOZuXi3MFEIaQPxhuk2synABf3lk5nmeM5PR1OA=
Subject key identifier:   F8:D5:03:FF:E8:9C:B1:89:CD:DF:6A:39:9C:32:FF:36:06:28:1D:83
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       019D99CFF2FD9A736B48978F15DA80D192E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0CFA
Signing time:             Fri 17 Apr 2026 05:00:35 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:35 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:35 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: 2yc7PcWQ8GbnuFzjDXKGo020PlDqOBAXKZFuXXT4mdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:cf:f2:fd:9a:73:6b:48:97:8f:15:da:80:d1:92:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Apr 17 05:00:35 2026 GMT
            Not After : Apr 18 05:00:35 2026 GMT
        Subject: CN=f8d503ffe89cb189cddf6a399c32ff3606281d83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f0:bf:8b:91:20:e8:8d:e8:e4:01:bb:2a:5c:
                    54:97:58:b1:8f:da:4d:5a:a4:34:eb:b7:07:87:51:
                    5e:e8:53:00:c8:08:4f:5a:fa:f7:8a:64:df:f0:b9:
                    d6:b5:68:20:bb:07:d7:62:74:a6:d3:7e:d4:27:f3:
                    16:e9:fb:73:c9:6b:e4:24:97:c2:f2:b4:07:80:32:
                    84:05:7f:d2:82:2d:8f:c4:ab:65:82:b4:63:3a:0c:
                    c6:e7:7d:09:cb:39:af:34:8a:d5:13:9c:06:59:cd:
                    a4:76:e1:c9:aa:b2:35:01:c2:9c:73:14:3a:9d:7f:
                    38:6c:c9:e3:a4:67:2f:de:68:39:e7:de:7c:f9:af:
                    02:72:1b:8c:54:e5:b2:8c:e0:16:75:f0:42:98:0a:
                    a9:21:93:39:2a:28:be:1b:01:84:10:b1:c0:d2:b7:
                    2b:88:f0:be:4d:fa:ec:f2:89:b3:f5:ed:46:ac:3f:
                    d5:de:b7:a9:91:83:35:90:29:6d:ba:84:09:cc:68:
                    91:81:58:4a:b5:e1:2c:97:07:8b:6b:af:cd:28:53:
                    a4:e3:21:4d:48:58:cb:c8:7d:f0:b3:50:3b:0e:e8:
                    79:d7:d9:f8:56:3e:58:81:81:16:90:7e:8e:0b:1f:
                    bc:f4:d8:0b:26:22:e7:0b:0d:ab:9f:f6:b4:3d:b8:
                    c1:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:D5:03:FF:E8:9C:B1:89:CD:DF:6A:39:9C:32:FF:36:06:28:1D:83
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:3e:74:b9:ef:fa:fb:d7:2c:ca:5a:63:3e:df:0b:5e:a9:4b:
         06:67:40:ef:68:6a:3f:ba:9d:2e:25:13:b0:dd:f7:05:90:83:
         83:b7:bd:90:a4:f8:97:5d:fe:30:84:12:d0:c7:1c:c4:67:d3:
         81:f6:7c:02:14:73:fd:cd:46:b7:76:a2:a1:4a:1b:2b:dd:da:
         d9:67:67:7e:e3:7a:92:d9:b4:62:ca:a8:5b:86:e8:ac:2e:0d:
         1f:79:71:28:59:10:79:b3:30:73:7d:54:0a:9a:4e:c5:7e:f9:
         3b:56:1c:14:80:43:73:40:64:6b:4a:5c:d9:70:21:82:34:7e:
         a7:48:54:8b:73:f4:c3:31:64:b7:d8:fe:fd:e0:bf:22:5e:95:
         83:22:b0:0b:e1:9f:3d:4c:e2:92:8b:6f:43:de:a7:8a:de:2c:
         81:d3:a6:3d:da:19:9c:d6:19:7e:ae:89:8f:ac:a4:d7:7d:95:
         1d:ab:01:d2:ee:47:fe:eb:d9:11:05:c8:fa:6a:64:bc:22:10:
         da:f1:43:f5:fd:df:a7:0e:10:15:55:38:59:9c:38:dc:fc:07:
         f9:62:8c:a2:7c:d1:41:42:67:33:b4:f3:df:1e:66:b0:d9:f8:
         af:c6:8c:81:95:03:cd:0b:df:55:2b:2b:d8:d1:a8:90:0f:df:
         85:3e:13:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz/L9mnNrSJePFdqA0ZLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjYwNDE3MDUwMDM1WhcNMjYwNDE4MDUwMDM1WjAzMTEwLwYDVQQD
EyhmOGQ1MDNmZmU4OWNiMTg5Y2RkZjZhMzk5YzMyZmYzNjA2MjgxZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfC/i5Eg6I3o5AG7KlxUl1ixj9pN
WqQ067cHh1Fe6FMAyAhPWvr3imTf8LnWtWgguwfXYnSm037UJ/MW6ftzyWvkJJfC
8rQHgDKEBX/Sgi2PxKtlgrRjOgzG530JyzmvNIrVE5wGWc2kduHJqrI1AcKccxQ6
nX84bMnjpGcv3mg55958+a8CchuMVOWyjOAWdfBCmAqpIZM5Kii+GwGEELHA0rcr
iPC+Tfrs8omz9e1GrD/V3repkYM1kCltuoQJzGiRgVhKteEslweLa6/NKFOk4yFN
SFjLyH3ws1A7Duh519n4Vj5YgYEWkH6OCx+89NgLJiLnCw2rn/a0PbjB9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjVA//onLGJzd9qOZwy/zYGKB2DMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmD50ue/6
+9csylpjPt8LXqlLBmdA72hqP7qdLiUTsN33BZCDg7e9kKT4l13+MIQS0MccxGfT
gfZ8AhRz/c1Gt3aioUobK93a2WdnfuN6ktm0YsqoW4borC4NH3lxKFkQebMwc31U
CppOxX75O1YcFIBDc0Bka0pc2XAhgjR+p0hUi3P0wzFkt9j+/eC/Il6VgyKwC+Gf
PUzikotvQ96nit4sgdOmPdoZnNYZfq6Jj6yk132VHasB0u5H/uvZEQXI+mpkvCIQ
2vFD9f3fpw4QFVU4WZw43PwH+WKMonzRQUJnM7Tz3x5msNn4r8aMgZUDzQvfVSsr
2NGokA/fhT4TmQ==
-----END CERTIFICATE-----