Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
File:                     L1OI95ZqevrAc2x57WA7K3iGVsQ.mft (raw, json)
Hash identifier:          undewHnBN/QnrgGPpErkYbEpwXt77iWWct6D4bYc3E0=
Subject key identifier:   F3:72:F7:48:5A:7B:E8:F0:96:44:F8:75:DF:36:57:C7:11:15:DD:D1
Authority key identifier: 2F:53:88:F7:96:6A:7A:FA:C0:73:6C:79:ED:60:3B:2B:78:86:56:C4
Certificate issuer:       /CN=2f5388f7966a7afac0736c79ed603b2b788656c4
Certificate serial:       019D3AF83C5EC001865DFE4A5F37BC72F2A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
Manifest number:          0307
Signing time:             Sun 29 Mar 2026 19:00:40 +0000
Manifest this update:     Sun 29 Mar 2026 19:00:40 +0000
Manifest next update:     Mon 30 Mar 2026 19:00:40 +0000
Files and hashes:         1: L1OI95ZqevrAc2x57WA7K3iGVsQ.crl (hash: wFYFGHpknxvgoQacFg8/XfrIASoySUcnIu5bl6EbNjc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:f8:3c:5e:c0:01:86:5d:fe:4a:5f:37:bc:72:f2:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f5388f7966a7afac0736c79ed603b2b788656c4
        Validity
            Not Before: Mar 29 19:00:40 2026 GMT
            Not After : Mar 30 19:00:40 2026 GMT
        Subject: CN=f372f7485a7be8f09644f875df3657c71115ddd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c7:f7:fa:bb:e9:90:dd:46:13:19:14:17:06:
                    34:6a:67:d9:cb:e4:46:aa:49:42:0d:7b:c6:69:d3:
                    9f:e5:92:63:78:bd:c3:a6:17:73:1d:66:30:57:19:
                    5e:ae:43:4e:05:8e:d2:77:39:bc:3a:79:c4:06:f6:
                    e7:27:60:0d:16:d1:09:4f:05:b5:9e:b0:6e:ae:4d:
                    ef:10:0d:8a:1d:f5:27:7c:7a:d7:bf:81:bd:b4:44:
                    a0:cb:f1:78:0d:fb:1f:b0:73:f5:ea:a9:29:99:db:
                    1c:33:e1:af:9a:12:71:bd:35:aa:96:3e:b5:4b:da:
                    e9:63:dd:21:05:66:a0:89:0a:26:ce:d6:63:36:db:
                    a4:02:fd:3e:1b:a8:89:88:48:a2:27:12:cd:42:23:
                    85:23:75:88:b3:1a:bd:36:6b:58:ae:b2:83:5f:63:
                    44:76:8b:ce:f4:cd:0c:c9:e7:85:c7:0b:44:da:68:
                    19:1b:be:b1:6c:c9:02:64:82:3a:68:02:24:e3:e3:
                    c1:4c:87:b8:81:5d:65:b5:e8:9b:48:ce:81:12:d1:
                    4d:7b:9e:8f:94:83:c8:2d:34:9f:41:05:9d:a7:96:
                    90:e0:d2:71:49:d8:dd:92:70:9d:52:6d:b0:a9:ae:
                    9b:77:5b:03:33:cb:d5:88:a3:40:b9:2e:35:d2:30:
                    43:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:72:F7:48:5A:7B:E8:F0:96:44:F8:75:DF:36:57:C7:11:15:DD:D1
            X509v3 Authority Key Identifier:
                keyid:2F:53:88:F7:96:6A:7A:FA:C0:73:6C:79:ED:60:3B:2B:78:86:56:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:a9:38:f8:4a:a4:4f:0d:60:e4:79:d7:4c:82:28:31:bb:72:
         6f:76:9c:38:03:78:26:26:42:a7:c8:f8:70:a4:fe:f2:80:36:
         2b:15:67:f0:0e:7b:6c:7e:47:cf:e4:ba:a3:b0:4f:04:0c:2e:
         3e:23:72:6f:33:50:7f:9b:fb:97:a3:a4:da:72:ec:45:6d:50:
         34:33:3e:1d:d8:13:f6:26:7c:d3:2d:78:cb:9a:87:2a:f8:c6:
         7f:b0:ab:28:c7:cf:da:73:0d:8a:9b:67:5e:59:0e:69:65:ff:
         e4:ca:6e:f0:51:50:2b:23:87:19:a3:a4:d5:f8:f4:ad:8b:fb:
         a5:45:b6:38:30:ff:92:3b:2e:a4:55:19:8d:39:58:ae:cd:d2:
         cb:fc:0b:d1:19:84:3d:47:0d:c4:bf:3c:c3:39:20:41:c5:f2:
         dd:49:e3:a8:4c:e6:9d:98:d9:63:27:0e:c8:2e:46:56:65:b2:
         01:c9:4d:07:f2:0b:55:ce:5d:be:d1:cf:a0:e5:9c:28:5f:f7:
         bb:f6:eb:1b:cf:52:80:f9:f5:d2:82:9e:4a:f4:f6:6e:01:50:
         95:69:8c:28:8f:93:2c:55:55:36:25:15:c5:04:78:69:7a:d1:
         ce:fc:95:c5:f2:cb:43:e3:0d:39:09:46:ef:fc:75:d0:3c:d3:
         69:02:13:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06+DxewAGGXf5KXze8cvKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNTM4OGY3OTY2YTdhZmFjMDczNmM3OWVkNjAzYjJiNzg4
NjU2YzQwHhcNMjYwMzI5MTkwMDQwWhcNMjYwMzMwMTkwMDQwWjAzMTEwLwYDVQQD
EyhmMzcyZjc0ODVhN2JlOGYwOTY0NGY4NzVkZjM2NTdjNzExMTVkZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMf3+rvpkN1GExkUFwY0amfZy+RG
qklCDXvGadOf5ZJjeL3DphdzHWYwVxlerkNOBY7Sdzm8OnnEBvbnJ2ANFtEJTwW1
nrBurk3vEA2KHfUnfHrXv4G9tESgy/F4DfsfsHP16qkpmdscM+GvmhJxvTWqlj61
S9rpY90hBWagiQomztZjNtukAv0+G6iJiEiiJxLNQiOFI3WIsxq9NmtYrrKDX2NE
dovO9M0MyeeFxwtE2mgZG76xbMkCZII6aAIk4+PBTIe4gV1lteibSM6BEtFNe56P
lIPILTSfQQWdp5aQ4NJxSdjdknCdUm2wqa6bd1sDM8vViKNAuS410jBDVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNy90hae+jwlkT4dd82V8cRFd3RMB8GA1UdIwQY
MBaAFC9TiPeWanr6wHNsee1gOyt4hlbEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8yMjVmNDYtYzQ1Ni00ZjY1LWEzZGIt
NDE5MGIxODQ2MGE3LzEvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8yMjVmNDYtYzQ1Ni00ZjY1LWEzZGItNDE5MGIxODQ2MGE3
LzEvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANKk4+Eqk
Tw1g5HnXTIIoMbtyb3acOAN4JiZCp8j4cKT+8oA2KxVn8A57bH5Hz+S6o7BPBAwu
PiNybzNQf5v7l6Ok2nLsRW1QNDM+HdgT9iZ80y14y5qHKvjGf7CrKMfP2nMNiptn
XlkOaWX/5Mpu8FFQKyOHGaOk1fj0rYv7pUW2ODD/kjsupFUZjTlYrs3Sy/wL0RmE
PUcNxL88wzkgQcXy3UnjqEzmnZjZYycOyC5GVmWyAclNB/ILVc5dvtHPoOWcKF/3
u/brG89SgPn10oKeSvT2bgFQlWmMKI+TLFVVNiUVxQR4aXrRzvyVxfLLQ+MNOQlG
7/x10DzTaQITXA==
-----END CERTIFICATE-----