Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          /nyy03BIr6FGWbok4N6G6BwXKI+o80fOwq+zU/pkg30=
Subject key identifier:   9C:2B:28:0F:FD:A6:3D:C4:5A:FD:4D:B0:DE:37:4C:20:79:76:B7:4B
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       019D386644295F4C64562208BC7C91EFCC27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          04CC
Signing time:             Sun 29 Mar 2026 07:01:59 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:59 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:59 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: Md+ztdPpB+dd0lfJIn4zRQ6WvueejguxzON4t7Eb6mY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:44:29:5f:4c:64:56:22:08:bc:7c:91:ef:cc:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Mar 29 07:01:59 2026 GMT
            Not After : Mar 30 07:01:59 2026 GMT
        Subject: CN=9c2b280ffda63dc45afd4db0de374c207976b74b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:af:6a:8f:90:27:6d:4d:49:3d:66:46:3c:9a:
                    7c:74:8c:6d:68:a6:b7:f9:ef:12:c2:19:a1:1d:57:
                    77:28:2a:61:e6:45:11:26:b8:c5:8e:50:ef:8e:41:
                    a6:52:9a:f1:cf:5a:fe:f0:6e:05:c3:a6:13:47:80:
                    d7:b9:c3:b2:79:8e:47:66:af:dd:6c:ea:83:3a:0c:
                    bc:a6:85:34:10:b6:90:14:62:4d:97:f3:be:79:a5:
                    c6:a5:e6:3b:3c:f9:33:46:41:4b:a2:1a:a7:7f:d8:
                    7b:03:38:b5:0c:33:7c:08:12:dc:35:37:76:1f:39:
                    eb:99:3a:d6:ed:3e:82:0f:4b:5d:76:84:9f:7c:2e:
                    2b:d1:02:22:c3:11:bd:cc:3e:b5:57:a6:79:0b:02:
                    fd:df:93:3f:34:ae:e2:f2:6c:ad:ec:43:52:62:e2:
                    b9:76:48:9f:aa:b7:c0:76:6e:2a:1b:a5:8b:15:46:
                    b5:b3:9a:77:7c:31:63:ee:73:66:f6:97:ea:cb:ab:
                    3a:7a:7b:1e:05:25:17:7b:06:75:e0:c0:84:69:9c:
                    ac:56:1b:2f:68:ad:62:ae:41:58:96:d1:93:dd:db:
                    ca:ec:12:65:1b:d6:4f:36:63:a7:47:b1:e8:f0:6d:
                    c8:15:7c:19:fc:2a:bb:e9:4a:ad:15:c6:e7:8c:52:
                    94:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:2B:28:0F:FD:A6:3D:C4:5A:FD:4D:B0:DE:37:4C:20:79:76:B7:4B
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:7f:f3:34:7f:2c:30:ef:b0:13:1e:7c:e4:c5:3e:84:2d:5b:
         9f:64:cb:3e:6c:48:54:e3:4a:a2:53:4c:f5:25:ec:20:5c:93:
         c0:92:ec:a2:97:53:d9:7b:c6:af:1e:23:5a:93:32:a5:4d:0d:
         9b:be:0c:09:6f:db:8b:08:50:01:b3:2b:d9:82:d9:73:f3:26:
         52:f8:73:b7:e4:f1:77:f6:aa:f1:16:83:2f:1a:b3:a1:94:00:
         37:1f:25:15:72:37:ad:ba:8e:bd:56:b9:f1:5b:42:2b:14:11:
         99:86:55:fd:9d:4e:b2:81:49:01:44:5e:39:47:44:cc:17:82:
         af:38:2a:57:83:db:99:ea:b7:fd:b7:5a:dc:02:7b:87:21:8c:
         e3:8a:19:b5:6f:7d:59:36:d8:03:54:fc:ee:88:e4:0e:97:c9:
         1c:89:97:3b:b2:5a:fa:5f:3e:44:26:ff:e1:56:72:6d:1a:3e:
         31:32:5e:d0:f5:06:72:9c:4e:e0:66:2b:df:3d:1a:90:84:39:
         11:31:a4:cf:93:26:4d:70:fb:90:9d:a2:24:22:e5:d0:63:3b:
         fa:e7:ee:53:d8:df:ce:a9:99:9c:f5:b0:ff:c7:02:f9:01:88:
         68:10:7c:f4:8e:d8:59:ab:cb:c7:ad:dc:ee:19:3a:f9:e3:47:
         ad:56:0f:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkQpX0xkViIIvHyR78wnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjYwMzI5MDcwMTU5WhcNMjYwMzMwMDcwMTU5WjAzMTEwLwYDVQQD
Eyg5YzJiMjgwZmZkYTYzZGM0NWFmZDRkYjBkZTM3NGMyMDc5NzZiNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8a9qj5AnbU1JPWZGPJp8dIxtaKa3
+e8SwhmhHVd3KCph5kURJrjFjlDvjkGmUprxz1r+8G4Fw6YTR4DXucOyeY5HZq/d
bOqDOgy8poU0ELaQFGJNl/O+eaXGpeY7PPkzRkFLohqnf9h7Azi1DDN8CBLcNTd2
HznrmTrW7T6CD0tddoSffC4r0QIiwxG9zD61V6Z5CwL935M/NK7i8myt7ENSYuK5
dkifqrfAdm4qG6WLFUa1s5p3fDFj7nNm9pfqy6s6enseBSUXewZ14MCEaZysVhsv
aK1irkFYltGT3dvK7BJlG9ZPNmOnR7Ho8G3IFXwZ/Cq76UqtFcbnjFKUEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwrKA/9pj3EWv1NsN43TCB5drdLMB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlH/zNH8s
MO+wEx585MU+hC1bn2TLPmxIVONKolNM9SXsIFyTwJLsopdT2XvGrx4jWpMypU0N
m74MCW/biwhQAbMr2YLZc/MmUvhzt+Txd/aq8RaDLxqzoZQANx8lFXI3rbqOvVa5
8VtCKxQRmYZV/Z1OsoFJAUReOUdEzBeCrzgqV4Pbmeq3/bda3AJ7hyGM44oZtW99
WTbYA1T87ojkDpfJHImXO7Ja+l8+RCb/4VZybRo+MTJe0PUGcpxO4GYr3z0akIQ5
ETGkz5MmTXD7kJ2iJCLl0GM7+ufuU9jfzqmZnPWw/8cC+QGIaBB89I7YWavLx63c
7hk6+eNHrVYPNA==
-----END CERTIFICATE-----