Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.mft
File:                     LKVMSc_kyVm2nIriZoMm8QX2K50.mft (raw, json)
Hash identifier:          6MVWXHE1VuvBZiAbKtxrvv8wlK8YzvETr/JZjCBGkAM=
Subject key identifier:   59:BD:20:ED:56:73:D2:D8:48:B7:41:41:56:05:78:FE:E3:9A:3B:C9
Authority key identifier: 2C:A5:4C:49:CF:E4:C9:59:B6:9C:8A:E2:66:83:26:F1:05:F6:2B:9D
Certificate issuer:       /CN=2ca54c49cfe4c959b69c8ae2668326f105f62b9d
Certificate serial:       019D37891403642521E5221E920E87ECB34A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LKVMSc_kyVm2nIriZoMm8QX2K50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.mft
Manifest number:          0870
Signing time:             Sun 29 Mar 2026 03:00:23 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:23 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:23 +0000
Files and hashes:         1: LKVMSc_kyVm2nIriZoMm8QX2K50.crl (hash: yW+jWP26yPUEydYg+5BuoJAak45ocl1rX2fwWSAfdgQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LKVMSc_kyVm2nIriZoMm8QX2K50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:14:03:64:25:21:e5:22:1e:92:0e:87:ec:b3:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ca54c49cfe4c959b69c8ae2668326f105f62b9d
        Validity
            Not Before: Mar 29 03:00:23 2026 GMT
            Not After : Mar 30 03:00:23 2026 GMT
        Subject: CN=59bd20ed5673d2d848b74141560578fee39a3bc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:0e:71:4c:bd:a6:83:51:0a:74:12:1c:22:87:
                    6f:74:ab:44:63:c7:c2:1e:fe:3d:86:6b:fd:da:66:
                    3d:4c:26:0c:be:57:a6:33:21:60:ae:48:8f:18:bb:
                    fd:14:d6:72:04:20:ec:ba:1a:ad:59:b2:a5:6d:63:
                    6e:15:a6:41:3d:3c:c7:c8:fa:b8:ec:6e:d8:f9:93:
                    2f:38:64:9f:9c:e3:3f:00:0d:83:96:41:46:2b:fc:
                    27:e2:07:01:02:5f:b0:bc:8f:38:0e:b9:53:d1:a6:
                    5f:1e:ba:65:a6:da:9d:b6:d9:68:c0:1d:e7:1b:cf:
                    c3:23:a4:7d:7c:19:05:23:91:22:a2:c1:f2:5d:42:
                    32:85:e6:a1:06:25:72:55:8c:c6:e5:9f:a9:cf:b7:
                    45:4e:f6:72:34:6c:11:6f:90:80:1b:42:c3:62:5a:
                    a8:f7:8c:18:d3:be:59:93:81:85:24:93:70:dc:29:
                    fb:3e:f0:37:44:2f:ce:d0:8a:1a:e2:f6:70:d7:5d:
                    84:9b:df:18:31:01:e9:35:7a:63:f7:92:b7:23:6d:
                    e9:8b:a4:95:85:97:3c:29:7a:3e:88:6a:13:d6:04:
                    b0:ad:64:7c:91:68:f5:74:81:af:a7:2e:4a:ca:6e:
                    4b:cf:61:b6:af:23:ec:b3:a2:77:a8:38:4b:15:66:
                    90:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:BD:20:ED:56:73:D2:D8:48:B7:41:41:56:05:78:FE:E3:9A:3B:C9
            X509v3 Authority Key Identifier:
                keyid:2C:A5:4C:49:CF:E4:C9:59:B6:9C:8A:E2:66:83:26:F1:05:F6:2B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKVMSc_kyVm2nIriZoMm8QX2K50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/4b1f9e-88fe-4939-ad58-f23f29cefee6/1/LKVMSc_kyVm2nIriZoMm8QX2K50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:cf:27:ec:59:92:9b:3e:9d:11:51:4e:4b:28:77:34:d7:dc:
         e9:37:a3:38:9e:62:9c:cd:c0:82:37:1b:88:6a:2b:e0:ec:a1:
         f1:57:46:7c:3c:ff:8b:08:85:f3:ba:fd:e2:f3:57:ab:44:7b:
         96:b6:f3:4d:e2:81:50:5f:c7:bd:67:eb:47:2f:81:d3:61:45:
         fe:e9:f5:16:d4:19:ec:0b:30:bf:48:a4:47:8b:88:b9:cf:54:
         46:d0:e3:15:67:18:d9:ca:20:da:97:fe:c2:47:4e:f0:ed:d0:
         22:b5:a5:fb:9d:9c:6b:90:a4:89:3f:62:19:b2:7d:ae:6a:c9:
         9c:b4:b7:b2:84:e2:d1:5a:97:37:a0:a6:68:22:5d:ee:0d:fe:
         47:eb:fb:fe:39:33:8a:62:ee:33:2e:be:f5:42:00:ab:17:5c:
         dd:df:3c:d1:4d:e4:35:41:a7:d9:96:d6:4a:20:4a:dd:76:88:
         ab:c0:40:fd:be:c5:e8:06:cc:3a:73:ac:16:ac:4d:61:85:43:
         49:73:98:74:ac:0f:14:d7:b0:c1:ac:40:97:55:99:6b:10:a1:
         6b:4d:b1:10:36:8e:73:4d:f7:39:dc:a6:44:10:f1:e6:fe:6e:
         4e:c9:2a:cc:b4:c7:8c:87:ad:e4:07:aa:bb:8d:88:5e:9b:15:
         1f:86:a4:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iRQDZCUh5SIekg6H7LNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYTU0YzQ5Y2ZlNGM5NTliNjljOGFlMjY2ODMyNmYxMDVm
NjJiOWQwHhcNMjYwMzI5MDMwMDIzWhcNMjYwMzMwMDMwMDIzWjAzMTEwLwYDVQQD
Eyg1OWJkMjBlZDU2NzNkMmQ4NDhiNzQxNDE1NjA1NzhmZWUzOWEzYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyw5xTL2mg1EKdBIcIodvdKtEY8fC
Hv49hmv92mY9TCYMvlemMyFgrkiPGLv9FNZyBCDsuhqtWbKlbWNuFaZBPTzHyPq4
7G7Y+ZMvOGSfnOM/AA2DlkFGK/wn4gcBAl+wvI84DrlT0aZfHrplptqdttlowB3n
G8/DI6R9fBkFI5EiosHyXUIyheahBiVyVYzG5Z+pz7dFTvZyNGwRb5CAG0LDYlqo
94wY075Zk4GFJJNw3Cn7PvA3RC/O0Ioa4vZw112Em98YMQHpNXpj95K3I23pi6SV
hZc8KXo+iGoT1gSwrWR8kWj1dIGvpy5Kym5Lz2G2ryPss6J3qDhLFWaQdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFm9IO1Wc9LYSLdBQVYFeP7jmjvJMB8GA1UdIwQY
MBaAFCylTEnP5MlZtpyK4maDJvEF9iudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEtWTVNjX2t5Vm0ybklyaVpvTW04UVgySzUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80YjFmOWUtODhmZS00OTM5LWFkNTgt
ZjIzZjI5Y2VmZWU2LzEvTEtWTVNjX2t5Vm0ybklyaVpvTW04UVgySzUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80YjFmOWUtODhmZS00OTM5LWFkNTgtZjIzZjI5Y2VmZWU2
LzEvTEtWTVNjX2t5Vm0ybklyaVpvTW04UVgySzUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKc8n7FmS
mz6dEVFOSyh3NNfc6TejOJ5inM3AgjcbiGor4Oyh8VdGfDz/iwiF87r94vNXq0R7
lrbzTeKBUF/HvWfrRy+B02FF/un1FtQZ7Aswv0ikR4uIuc9URtDjFWcY2cog2pf+
wkdO8O3QIrWl+52ca5CkiT9iGbJ9rmrJnLS3soTi0VqXN6CmaCJd7g3+R+v7/jkz
imLuMy6+9UIAqxdc3d880U3kNUGn2ZbWSiBK3XaIq8BA/b7F6AbMOnOsFqxNYYVD
SXOYdKwPFNewwaxAl1WZaxCha02xEDaOc033OdymRBDx5v5uTskqzLTHjIet5Aeq
u42IXpsVH4akVA==
-----END CERTIFICATE-----