Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
File:                     lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft (raw, json)
Hash identifier:          bKWeGSpL9Zpv5zuzZ91kY2lZzCGnfePpCLhyQxTMMJc=
Subject key identifier:   80:C6:61:81:BD:95:93:E8:41:52:2F:74:26:41:76:00:51:DB:2E:D8
Authority key identifier: 95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24
Certificate issuer:       /CN=956e316c983804c2501ecc5abea53a2a83b57324
Certificate serial:       019D386611C0608355BB1821696BB33329FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
Manifest number:          185F
Signing time:             Sun 29 Mar 2026 07:01:46 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:46 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:46 +0000
Files and hashes:         1: lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl (hash: b16QMyFUCBIazzg3a1EpPN/3llXh7q0T0v6D1mecc8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:11:c0:60:83:55:bb:18:21:69:6b:b3:33:29:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=956e316c983804c2501ecc5abea53a2a83b57324
        Validity
            Not Before: Mar 29 07:01:46 2026 GMT
            Not After : Mar 30 07:01:46 2026 GMT
        Subject: CN=80c66181bd9593e841522f742641760051db2ed8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:cb:ea:00:10:94:5c:0e:0d:9e:a0:24:10:65:
                    10:12:df:3f:f0:b7:57:93:49:60:fa:fc:4f:2d:0b:
                    f3:d8:e8:67:61:57:b3:16:e2:5d:42:58:0c:5c:8d:
                    47:2a:c1:ac:fb:4a:20:85:43:8f:e1:2d:30:5f:c3:
                    a2:a1:88:ef:3d:8d:cd:04:63:04:99:d6:42:6f:df:
                    f7:07:76:bb:cb:19:53:23:e8:46:34:26:36:05:6f:
                    9d:c7:bb:ce:f8:59:b6:f9:09:d9:cc:37:af:e5:12:
                    02:3d:ce:c2:50:b2:24:88:83:aa:97:cf:0b:57:ba:
                    5a:b5:32:b2:3f:8b:07:05:29:6d:c9:38:20:42:c1:
                    81:ef:4c:6e:8b:a7:b6:7c:ca:db:73:e3:e6:4e:c2:
                    3e:b8:ec:b0:f2:a3:d2:5f:30:c2:89:a9:e1:07:ba:
                    5a:77:3d:6d:6f:53:c9:7a:85:05:65:e9:de:86:77:
                    b9:6b:70:7f:47:8a:b5:34:8f:c1:8a:c1:4f:f2:20:
                    d3:b8:44:77:5a:3d:c1:f0:4a:13:c0:e8:10:4c:1b:
                    dc:24:52:51:92:71:04:68:34:42:ec:62:59:62:f0:
                    06:d8:67:20:04:5c:ac:8d:c9:3f:a7:e3:ff:85:08:
                    03:48:35:d4:9d:82:81:24:d9:0b:a6:c3:6e:3a:9c:
                    b5:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:C6:61:81:BD:95:93:E8:41:52:2F:74:26:41:76:00:51:DB:2E:D8
            X509v3 Authority Key Identifier:
                keyid:95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:28:42:a2:f1:db:3a:82:fe:72:6f:d3:a4:2f:bc:84:da:71:
         11:b1:cb:c7:7e:7d:93:e9:63:4a:36:ae:6a:4f:a7:fd:29:fd:
         89:9c:5d:72:f8:ce:4f:64:f2:08:f6:7f:d1:eb:30:eb:1d:5f:
         1d:64:ab:a7:48:d7:f5:78:b0:4e:44:62:f5:79:b4:a7:f2:57:
         8b:7c:84:20:ff:7e:74:f7:0e:4a:7a:59:61:d9:fc:35:5b:cb:
         de:ff:af:4a:f7:ff:3a:a3:06:69:76:a2:fd:7b:13:ac:e0:1d:
         6c:16:13:77:a8:9b:3c:79:cd:76:12:89:7c:fb:8d:f6:56:5a:
         60:ba:3d:05:3d:88:c9:c0:0e:15:83:9d:ac:10:2c:60:29:c0:
         bf:17:74:c3:13:53:72:0e:14:04:38:4c:38:d3:08:48:d7:a6:
         1a:ff:70:ef:c8:43:e9:cb:06:75:aa:0f:49:0c:79:f0:04:11:
         ff:20:c9:e4:8d:07:e0:20:2e:af:57:e5:f2:ed:a6:af:e2:d9:
         6b:ab:9f:45:41:e5:4e:d7:20:00:a6:ca:dd:c3:a8:87:23:57:
         96:f4:9d:38:89:52:d0:dc:c9:2f:50:d3:6a:49:a4:f3:65:70:
         84:70:d1:3a:1b:52:9e:2c:b5:a5:85:de:8d:75:3f:84:89:c1:
         59:07:19:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhHAYINVuxghaWuzMyn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NmUzMTZjOTgzODA0YzI1MDFlY2M1YWJlYTUzYTJhODNi
NTczMjQwHhcNMjYwMzI5MDcwMTQ2WhcNMjYwMzMwMDcwMTQ2WjAzMTEwLwYDVQQD
Eyg4MGM2NjE4MWJkOTU5M2U4NDE1MjJmNzQyNjQxNzYwMDUxZGIyZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8vqABCUXA4NnqAkEGUQEt8/8LdX
k0lg+vxPLQvz2OhnYVezFuJdQlgMXI1HKsGs+0oghUOP4S0wX8OioYjvPY3NBGME
mdZCb9/3B3a7yxlTI+hGNCY2BW+dx7vO+Fm2+QnZzDev5RICPc7CULIkiIOql88L
V7patTKyP4sHBSltyTggQsGB70xui6e2fMrbc+PmTsI+uOyw8qPSXzDCianhB7pa
dz1tb1PJeoUFZenehne5a3B/R4q1NI/BisFP8iDTuER3Wj3B8EoTwOgQTBvcJFJR
knEEaDRC7GJZYvAG2GcgBFysjck/p+P/hQgDSDXUnYKBJNkLpsNuOpy1zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIDGYYG9lZPoQVIvdCZBdgBR2y7YMB8GA1UdIwQY
MBaAFJVuMWyYOATCUB7MWr6lOiqDtXMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQt
Mzk2ZmNkYTY0OTBjLzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQtMzk2ZmNkYTY0OTBj
LzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFChCovHb
OoL+cm/TpC+8hNpxEbHLx359k+ljSjauak+n/Sn9iZxdcvjOT2TyCPZ/0esw6x1f
HWSrp0jX9XiwTkRi9Xm0p/JXi3yEIP9+dPcOSnpZYdn8NVvL3v+vSvf/OqMGaXai
/XsTrOAdbBYTd6ibPHnNdhKJfPuN9lZaYLo9BT2IycAOFYOdrBAsYCnAvxd0wxNT
cg4UBDhMONMISNemGv9w78hD6csGdaoPSQx58AQR/yDJ5I0H4CAur1fl8u2mr+LZ
a6ufRUHlTtcgAKbK3cOohyNXlvSdOIlS0NzJL1DTakmk82VwhHDROhtSniy1pYXe
jXU/hInBWQcZZw==
-----END CERTIFICATE-----