Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
File:                     PtWjaKny40iTSpFIiEVZQ2I_lus.mft (raw, json)
Hash identifier:          YsAsBF2RcuroPQTKrlCev2ikJn/2vx2LIAbylCJU/yE=
Subject key identifier:   18:E7:BE:66:79:92:FC:D9:C6:FB:77:C1:DF:ED:3F:02:87:23:7B:77
Authority key identifier: 3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB
Certificate issuer:       /CN=3ed5a368a9f2e348934a914888455943623f96eb
Certificate serial:       019D386654A1A2D2428492AE1C1E1A1E65C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
Manifest number:          1472
Signing time:             Sun 29 Mar 2026 07:02:03 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:03 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:03 +0000
Files and hashes:         1: PtWjaKny40iTSpFIiEVZQ2I_lus.crl (hash: 0xmkm89CpGW04vQPFpf7b8KazyGaYV2umlu1la24k1k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:54:a1:a2:d2:42:84:92:ae:1c:1e:1a:1e:65:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed5a368a9f2e348934a914888455943623f96eb
        Validity
            Not Before: Mar 29 07:02:03 2026 GMT
            Not After : Mar 30 07:02:03 2026 GMT
        Subject: CN=18e7be667992fcd9c6fb77c1dfed3f0287237b77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b1:4e:8b:55:8e:7f:e7:ca:4c:05:5a:79:08:
                    2e:40:77:30:b8:c9:7f:8f:49:00:4a:eb:1d:ac:00:
                    1d:5e:b0:1e:af:af:2f:73:e5:d5:a2:d8:57:ae:c4:
                    df:81:a7:9c:15:16:f2:39:5d:9c:00:20:c6:5b:b2:
                    33:03:7e:7e:1c:b7:56:d5:7f:38:6f:b3:6e:73:b8:
                    f3:8d:97:b9:56:38:08:1e:7d:35:e4:19:f0:42:f7:
                    81:d2:d6:0c:f9:2a:bc:67:d7:3c:e1:f1:5d:b4:b9:
                    a8:6a:4d:0c:7e:d6:f8:f1:8e:fe:e4:43:0f:40:81:
                    08:bc:ce:15:16:56:a3:84:87:ad:c5:eb:a6:4e:cc:
                    09:46:9a:83:b7:65:a9:31:7e:26:71:ab:23:14:a0:
                    bb:bd:bc:26:47:ed:91:db:7d:19:7a:ec:f4:d7:28:
                    e2:f7:75:4d:cf:dc:83:ca:a7:8b:09:ee:fb:3b:0b:
                    51:5f:7d:b6:7d:ac:cc:11:11:94:c8:95:5d:f4:29:
                    f5:40:af:74:5b:ed:32:84:3f:af:31:93:8a:ac:1d:
                    e0:bf:32:42:b5:4c:07:52:81:5a:91:03:8a:02:a6:
                    56:bb:ae:02:7e:d1:d0:fd:36:63:8c:89:57:87:51:
                    60:a9:39:b2:36:56:9f:b8:7b:25:03:94:69:c3:3c:
                    87:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:E7:BE:66:79:92:FC:D9:C6:FB:77:C1:DF:ED:3F:02:87:23:7B:77
            X509v3 Authority Key Identifier:
                keyid:3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:2b:b1:ff:2e:8a:f3:b1:bb:8d:36:60:5e:5c:4f:54:d9:81:
         9d:1b:52:c9:2c:7e:a5:bc:da:67:6b:2a:64:b8:41:1a:c0:58:
         c9:2e:cf:57:d8:9f:b3:a8:f9:22:70:fd:bd:45:7d:12:48:63:
         d3:a5:08:71:ef:12:6e:5b:93:21:f9:f1:45:60:12:12:74:69:
         4e:a8:c5:92:99:e6:f1:68:cb:56:ed:f9:1b:a5:1f:ec:3b:d8:
         50:00:05:58:21:a1:fe:6a:ad:99:0a:3f:ff:61:03:aa:27:a9:
         1a:65:69:20:90:90:3f:5b:dd:de:0a:75:3e:af:b3:b8:e3:d2:
         3e:b1:74:d9:f3:4f:fc:35:79:11:ef:1c:27:24:e6:14:28:4e:
         d6:7c:48:24:6b:49:b0:58:d5:a2:d2:8d:62:87:7c:56:7a:9e:
         d8:07:83:f6:55:a1:3e:e9:52:ba:d1:46:af:8f:38:6c:aa:32:
         5c:66:49:82:8c:dd:dc:26:65:97:3a:d9:be:e9:4a:48:35:b2:
         56:1c:b0:c5:f1:ab:af:7f:a5:82:9f:e4:b6:6e:58:ac:cb:b5:
         b6:89:70:f4:a7:24:d7:53:af:db:82:77:cc:8f:bf:88:72:38:
         6b:7c:98:2a:4f:61:ab:a0:cb:dc:75:20:a2:85:9a:78:b3:a1:
         f9:91:bd:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZlShotJChJKuHB4aHmXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDVhMzY4YTlmMmUzNDg5MzRhOTE0ODg4NDU1OTQzNjIz
Zjk2ZWIwHhcNMjYwMzI5MDcwMjAzWhcNMjYwMzMwMDcwMjAzWjAzMTEwLwYDVQQD
EygxOGU3YmU2Njc5OTJmY2Q5YzZmYjc3YzFkZmVkM2YwMjg3MjM3Yjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrFOi1WOf+fKTAVaeQguQHcwuMl/
j0kASusdrAAdXrAer68vc+XVothXrsTfgaecFRbyOV2cACDGW7IzA35+HLdW1X84
b7Nuc7jzjZe5VjgIHn015BnwQveB0tYM+Sq8Z9c84fFdtLmoak0Mftb48Y7+5EMP
QIEIvM4VFlajhIetxeumTswJRpqDt2WpMX4mcasjFKC7vbwmR+2R230Zeuz01yji
93VNz9yDyqeLCe77OwtRX322fazMERGUyJVd9Cn1QK90W+0yhD+vMZOKrB3gvzJC
tUwHUoFakQOKAqZWu64CftHQ/TZjjIlXh1FgqTmyNlafuHslA5RpwzyHPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBjnvmZ5kvzZxvt3wd/tPwKHI3t3MB8GA1UdIwQY
MBaAFD7Vo2ip8uNIk0qRSIhFWUNiP5brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMt
NmYwMTdlMWYxZWVkLzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMtNmYwMTdlMWYxZWVk
LzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADyux/y6K
87G7jTZgXlxPVNmBnRtSySx+pbzaZ2sqZLhBGsBYyS7PV9ifs6j5InD9vUV9Ekhj
06UIce8SbluTIfnxRWASEnRpTqjFkpnm8WjLVu35G6Uf7DvYUAAFWCGh/mqtmQo/
/2EDqiepGmVpIJCQP1vd3gp1Pq+zuOPSPrF02fNP/DV5Ee8cJyTmFChO1nxIJGtJ
sFjVotKNYod8Vnqe2AeD9lWhPulSutFGr484bKoyXGZJgozd3CZllzrZvulKSDWy
VhywxfGrr3+lgp/ktm5YrMu1tolw9Kck11Ov24J3zI+/iHI4a3yYKk9hq6DL3HUg
ooWaeLOh+ZG9gA==
-----END CERTIFICATE-----