Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          2yyEAbbm0ZirN6xWnN7hll4oH3+LLRxM+nf8OAtqSSQ=
Subject key identifier:   3C:16:CA:22:CB:30:C2:A8:8C:24:1D:95:9D:98:95:6F:15:EB:C2:DA
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       019D389BE4F8C0986A3864305EFDBFC0007B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          053E
Signing time:             Sun 29 Mar 2026 08:00:33 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:33 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:33 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: 92Ta0Yj2gx+55Fe3TyEO/2LJVZGHJXNa3OerA8pNS/4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:e4:f8:c0:98:6a:38:64:30:5e:fd:bf:c0:00:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: Mar 29 08:00:33 2026 GMT
            Not After : Mar 30 08:00:33 2026 GMT
        Subject: CN=3c16ca22cb30c2a88c241d959d98956f15ebc2da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:88:76:cc:98:7e:42:b2:3e:47:5b:89:7a:b2:
                    bc:bc:5d:ba:19:18:4b:c2:67:3c:8f:d1:0f:52:be:
                    d4:57:c8:3b:6d:57:40:25:4d:2d:d2:89:24:1f:a7:
                    37:40:ab:47:3d:a5:b9:13:96:ef:35:b0:cc:bc:d1:
                    51:59:9d:70:9d:e3:bb:9d:dc:78:6a:c8:61:9f:63:
                    65:c7:1c:71:9e:68:ff:76:f8:a0:7f:4c:b9:9f:0c:
                    c0:89:56:12:2e:3e:ec:cd:9e:7e:73:f2:09:a1:56:
                    a5:4a:f0:e8:78:be:a0:cd:dc:9d:15:ba:5b:82:85:
                    41:13:04:62:fd:61:20:bd:d9:68:98:78:72:2d:4c:
                    be:51:4f:42:45:36:a2:05:c1:17:b1:a8:ec:13:39:
                    f8:8e:b5:77:d1:27:e9:f6:ba:1c:1a:a8:f3:2b:2b:
                    10:bb:56:e2:4b:0c:ab:0a:ed:6f:f3:99:98:da:53:
                    8a:6a:39:20:ac:9e:4d:09:b9:58:6b:5c:21:f1:ec:
                    9b:e2:fb:f4:f9:5c:39:83:56:22:0c:be:3f:fa:2b:
                    a4:a6:12:b7:06:b1:d3:84:e0:12:17:17:00:0a:d1:
                    5f:d2:7b:e6:7e:11:6d:b2:a7:94:35:69:46:48:7f:
                    30:02:e2:d5:dc:86:72:99:86:41:aa:e6:74:4b:f3:
                    50:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:16:CA:22:CB:30:C2:A8:8C:24:1D:95:9D:98:95:6F:15:EB:C2:DA
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:00:ba:0c:bf:89:8d:1e:b2:0b:49:d8:4c:b8:e2:f8:93:18:
         a6:d9:35:c2:7f:ac:4d:58:68:51:92:0c:d8:0a:94:f9:00:53:
         ca:51:8d:79:f8:b8:df:6a:ee:d3:2d:ea:e7:f6:2d:28:27:5d:
         6f:93:fe:55:20:5c:0f:ec:ab:15:31:bf:b6:18:df:73:98:0a:
         de:9f:db:57:5f:e9:12:86:31:40:ec:bd:77:73:4d:f7:ae:ee:
         7b:56:00:3a:f1:50:8e:dc:6a:f8:01:b9:e2:e8:25:9e:aa:29:
         9e:70:af:d5:52:73:42:63:6c:8d:77:f9:ce:a3:a5:e8:09:eb:
         d1:33:52:17:98:66:6e:a7:7a:3f:c6:20:e1:cb:69:12:a4:a5:
         39:16:dc:c1:a0:d8:a4:74:cf:9b:50:d7:2e:b7:dc:4c:59:7e:
         db:54:e3:29:a4:f0:59:c0:a6:3e:26:07:5b:a1:56:72:69:d5:
         0f:99:b2:26:2c:fa:48:16:e7:a8:55:aa:a9:a2:08:4f:e3:9e:
         f1:f0:0b:47:85:00:9d:0c:2c:f9:a9:9a:78:98:03:7f:41:46:
         ed:56:c0:2f:87:77:46:a1:76:70:d9:2b:84:4d:88:56:8c:13:
         32:4d:bb:e9:72:be:dd:cd:70:1a:44:96:ba:42:1d:46:e4:de:
         f4:1c:7d:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m+T4wJhqOGQwXv2/wAB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjYwMzI5MDgwMDMzWhcNMjYwMzMwMDgwMDMzWjAzMTEwLwYDVQQD
EygzYzE2Y2EyMmNiMzBjMmE4OGMyNDFkOTU5ZDk4OTU2ZjE1ZWJjMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoh2zJh+QrI+R1uJerK8vF26GRhL
wmc8j9EPUr7UV8g7bVdAJU0t0okkH6c3QKtHPaW5E5bvNbDMvNFRWZ1wneO7ndx4
ashhn2Nlxxxxnmj/dvigf0y5nwzAiVYSLj7szZ5+c/IJoValSvDoeL6gzdydFbpb
goVBEwRi/WEgvdlomHhyLUy+UU9CRTaiBcEXsajsEzn4jrV30Sfp9rocGqjzKysQ
u1biSwyrCu1v85mY2lOKajkgrJ5NCblYa1wh8eyb4vv0+Vw5g1YiDL4/+iukphK3
BrHThOASFxcACtFf0nvmfhFtsqeUNWlGSH8wAuLV3IZymYZBquZ0S/NQcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwWyiLLMMKojCQdlZ2YlW8V68LaMB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWgC6DL+J
jR6yC0nYTLji+JMYptk1wn+sTVhoUZIM2AqU+QBTylGNefi432ru0y3q5/YtKCdd
b5P+VSBcD+yrFTG/thjfc5gK3p/bV1/pEoYxQOy9d3NN967ue1YAOvFQjtxq+AG5
4uglnqopnnCv1VJzQmNsjXf5zqOl6Anr0TNSF5hmbqd6P8Yg4ctpEqSlORbcwaDY
pHTPm1DXLrfcTFl+21TjKaTwWcCmPiYHW6FWcmnVD5myJiz6SBbnqFWqqaIIT+Oe
8fALR4UAnQws+amaeJgDf0FG7VbAL4d3RqF2cNkrhE2IVowTMk276XK+3c1wGkSW
ukIdRuTe9Bx9vQ==
-----END CERTIFICATE-----