Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
File:                     LONOJrtlYwuGk29JaTU-18hplcg.mft (raw, json)
Hash identifier:          u3lgpIUwN07AfqDRgtvYRs9dnRL8LizrIFDfFGuWPNs=
Subject key identifier:   DB:82:94:57:95:6E:C4:33:8F:B3:E9:4F:0F:65:0D:C1:76:78:F4:1F
Authority key identifier: 2C:E3:4E:26:BB:65:63:0B:86:93:6F:49:69:35:3E:D7:C8:69:95:C8
Certificate issuer:       /CN=2ce34e26bb65630b86936f4969353ed7c86995c8
Certificate serial:       019D39AF5E22148798797504E78D8B7DFA57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
Manifest number:          17CA
Signing time:             Sun 29 Mar 2026 13:01:27 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:27 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:27 +0000
Files and hashes:         1: LONOJrtlYwuGk29JaTU-18hplcg.crl (hash: yKFo4F9+rm/EN+rDLuwcHvBEaALEctCdMEChqU8LnJk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:5e:22:14:87:98:79:75:04:e7:8d:8b:7d:fa:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ce34e26bb65630b86936f4969353ed7c86995c8
        Validity
            Not Before: Mar 29 13:01:27 2026 GMT
            Not After : Mar 30 13:01:27 2026 GMT
        Subject: CN=db829457956ec4338fb3e94f0f650dc17678f41f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b7:bf:c2:f2:58:0f:c7:8b:fd:6b:f3:f8:1e:
                    dc:68:70:53:f2:e0:66:87:ab:af:ce:47:c0:06:11:
                    29:ba:83:0e:18:15:6d:76:f8:74:2c:ff:0e:d4:1d:
                    e4:2f:cd:2b:11:10:e2:78:d4:b3:15:36:3b:c9:c7:
                    c2:9f:09:21:14:0d:7c:ee:d9:cd:8f:34:80:c5:73:
                    4b:39:f0:b1:17:bb:e6:e0:48:eb:47:6e:1a:35:1a:
                    2b:c9:09:95:7f:b6:c9:ee:80:dd:f6:10:79:31:37:
                    7a:e6:b1:1e:94:a6:b7:6f:84:4f:a8:c6:6f:98:db:
                    66:62:a4:42:92:9d:12:ee:43:0f:f1:3c:ac:a3:39:
                    94:92:5e:ad:7b:3c:e2:45:ed:5d:90:87:6d:1a:8a:
                    48:ec:3d:8d:bf:4e:cd:6f:8e:88:e1:4b:40:6d:53:
                    76:d8:8c:7b:03:4f:d7:c8:e1:d4:63:8a:85:bc:6e:
                    4a:7b:dd:47:8e:cf:a8:65:b4:a7:c8:85:34:db:47:
                    05:7f:a4:7e:14:48:8b:f3:c9:bd:67:87:95:c7:b7:
                    af:4e:a3:ca:42:7e:f5:95:40:64:5c:07:83:1b:69:
                    c7:70:e6:20:98:46:a2:de:87:c4:f2:8e:8b:1e:ae:
                    f4:82:c5:24:17:6f:63:41:b3:db:32:6c:0a:90:72:
                    53:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:82:94:57:95:6E:C4:33:8F:B3:E9:4F:0F:65:0D:C1:76:78:F4:1F
            X509v3 Authority Key Identifier:
                keyid:2C:E3:4E:26:BB:65:63:0B:86:93:6F:49:69:35:3E:D7:C8:69:95:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:b9:2b:94:12:9c:29:55:ff:6a:d6:61:e8:bc:e0:5c:2a:e7:
         de:83:98:f6:56:81:1a:d8:8c:66:12:5b:0b:2c:cb:30:9b:b9:
         92:73:f7:ad:23:fb:9c:50:4f:48:93:13:49:46:58:3c:71:9c:
         cc:fb:b7:48:00:ea:4c:5f:23:85:93:59:13:df:ed:39:a9:01:
         cd:ef:bc:f2:ff:58:e2:fe:7a:02:10:3d:e8:9e:5d:83:be:3a:
         4f:02:27:19:a5:16:42:94:22:57:eb:df:cf:6f:fc:34:2a:a4:
         09:14:13:00:bd:d1:cc:18:4e:bb:c0:b5:c2:a7:b7:5d:85:cf:
         6e:6d:f5:f9:09:f8:7e:e5:fe:0e:99:f7:c3:78:78:ce:f8:d2:
         fd:d5:79:ed:11:a1:4b:42:fd:76:2e:41:81:07:d2:2c:e8:8d:
         30:7e:c1:64:45:02:14:e9:20:14:bc:a9:7f:f3:73:00:f4:8c:
         aa:4c:09:f7:b4:5a:cd:3f:04:e1:f5:da:f9:a1:7c:50:24:06:
         17:76:c7:ef:46:91:a6:0f:90:ab:5e:6b:46:ad:f9:32:80:f5:
         c8:42:63:8d:5a:ec:ee:d0:df:fd:ef:2d:e1:58:87:ec:a5:84:
         94:91:a2:c8:d8:77:d1:8b:e9:4c:d0:aa:c2:45:7a:46:60:81:
         ad:16:0e:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05r14iFIeYeXUE542LffpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZTM0ZTI2YmI2NTYzMGI4NjkzNmY0OTY5MzUzZWQ3Yzg2
OTk1YzgwHhcNMjYwMzI5MTMwMTI3WhcNMjYwMzMwMTMwMTI3WjAzMTEwLwYDVQQD
EyhkYjgyOTQ1Nzk1NmVjNDMzOGZiM2U5NGYwZjY1MGRjMTc2NzhmNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Le/wvJYD8eL/Wvz+B7caHBT8uBm
h6uvzkfABhEpuoMOGBVtdvh0LP8O1B3kL80rERDieNSzFTY7ycfCnwkhFA187tnN
jzSAxXNLOfCxF7vm4EjrR24aNRoryQmVf7bJ7oDd9hB5MTd65rEelKa3b4RPqMZv
mNtmYqRCkp0S7kMP8TysozmUkl6tezziRe1dkIdtGopI7D2Nv07Nb46I4UtAbVN2
2Ix7A0/XyOHUY4qFvG5Ke91Hjs+oZbSnyIU020cFf6R+FEiL88m9Z4eVx7evTqPK
Qn71lUBkXAeDG2nHcOYgmEai3ofE8o6LHq70gsUkF29jQbPbMmwKkHJTswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuClFeVbsQzj7PpTw9lDcF2ePQfMB8GA1UdIwQY
MBaAFCzjTia7ZWMLhpNvSWk1PtfIaZXIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xZTAxODAtZGIzYS00NmE1LWIzMWIt
YjU5OTcyM2ZjMDUzLzEvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xZTAxODAtZGIzYS00NmE1LWIzMWItYjU5OTcyM2ZjMDUz
LzEvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcLkrlBKc
KVX/atZh6LzgXCrn3oOY9laBGtiMZhJbCyzLMJu5knP3rSP7nFBPSJMTSUZYPHGc
zPu3SADqTF8jhZNZE9/tOakBze+88v9Y4v56AhA96J5dg746TwInGaUWQpQiV+vf
z2/8NCqkCRQTAL3RzBhOu8C1wqe3XYXPbm31+Qn4fuX+Dpn3w3h4zvjS/dV57RGh
S0L9di5BgQfSLOiNMH7BZEUCFOkgFLypf/NzAPSMqkwJ97RazT8E4fXa+aF8UCQG
F3bH70aRpg+Qq15rRq35MoD1yEJjjVrs7tDf/e8t4ViH7KWElJGiyNh30YvpTNCq
wkV6RmCBrRYOXg==
-----END CERTIFICATE-----