Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
File:                     LphQiZ2cq14AM9C-lyKn6zBdfGA.mft (raw, json)
Hash identifier:          Zq61QZh4jWiLNsx1LDwNrH0IEmjeOPvbulgpCiiG4qc=
Subject key identifier:   12:B3:7B:6D:5E:67:06:D0:DC:DF:18:C9:C6:EA:67:1C:BB:F2:C6:57
Authority key identifier: 2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60
Certificate issuer:       /CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
Certificate serial:       019D3866A3350E5846D83E4E01503E962EDB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:02:23 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:23 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:23 +0000
Files and hashes:         1: LphQiZ2cq14AM9C-lyKn6zBdfGA.crl (hash: WsD4Sqi6S/A1aTx49I6EPRELCHaB3wkR0A62e2AuXUQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:a3:35:0e:58:46:d8:3e:4e:01:50:3e:96:2e:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
        Validity
            Not Before: Mar 29 07:02:23 2026 GMT
            Not After : Mar 30 07:02:23 2026 GMT
        Subject: CN=12b37b6d5e6706d0dcdf18c9c6ea671cbbf2c657
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e3:82:22:fd:e2:71:bd:6b:d9:5d:5d:d5:9f:
                    de:62:88:7e:da:50:33:c5:fa:a2:5e:22:eb:d1:f9:
                    3d:ec:cc:40:c0:62:f2:1a:d2:1e:2b:55:b1:fa:e7:
                    d1:4a:9f:e5:87:9d:7e:9f:6e:eb:49:91:03:2d:8d:
                    cc:e2:58:10:dd:8e:c9:7b:c4:34:3e:5f:95:da:4b:
                    11:fa:a1:aa:9c:a1:cd:39:83:40:d0:bb:90:0f:1a:
                    0a:ce:77:66:64:da:dd:e4:79:56:35:31:23:4a:23:
                    d7:8b:96:42:8b:16:cf:e5:d9:ae:58:85:cd:fa:b9:
                    6b:f1:91:04:51:b7:27:1b:19:16:18:36:39:4e:76:
                    5d:fc:2b:0d:98:40:3f:27:82:fe:45:d8:26:6a:73:
                    4d:23:b0:79:e9:d4:ee:b4:4b:0e:33:13:8e:e1:fe:
                    8e:15:08:2e:df:0f:29:5e:d5:e0:12:c5:50:67:2e:
                    db:47:da:c6:a4:05:1c:5c:50:b3:ec:05:6a:42:c9:
                    cd:a1:b0:6d:da:2c:ec:0f:66:60:f5:19:f6:c8:2a:
                    9e:be:04:4d:ba:eb:2a:51:99:cd:cf:fb:dd:1f:da:
                    1c:f0:f8:2c:cc:40:bc:2a:5d:5a:27:cd:dd:a2:e0:
                    f6:26:5a:08:e3:12:5e:d1:70:49:f5:cb:b6:43:65:
                    52:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:B3:7B:6D:5E:67:06:D0:DC:DF:18:C9:C6:EA:67:1C:BB:F2:C6:57
            X509v3 Authority Key Identifier:
                keyid:2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:bb:03:cf:ed:3f:1d:a2:70:b1:6a:e3:bd:24:81:cd:f3:21:
         47:1d:fe:48:e7:08:be:70:c3:cd:75:da:e6:60:40:ab:89:ab:
         c8:f2:7e:64:c5:08:72:6a:65:f5:60:fe:3d:57:6f:29:13:cc:
         cd:49:e3:d2:a6:64:ca:3c:a4:40:06:c6:8e:ee:9f:0b:fc:4c:
         af:a9:4a:f6:fe:58:5c:a4:98:87:49:37:e1:a6:74:53:49:e1:
         91:24:2f:db:88:95:a7:ae:b7:91:61:4c:6a:a6:8a:35:e5:c9:
         14:47:82:d6:f7:cb:53:ad:b2:f3:d7:06:a7:b4:e3:9a:94:b1:
         6f:9c:47:56:4e:f3:c0:2d:e6:bb:82:7a:77:60:ba:a4:c2:5f:
         87:db:ab:55:4f:3c:f7:17:38:67:4d:f9:e2:e5:47:e1:90:03:
         d4:d4:c5:79:a7:c4:b0:8a:ed:da:90:d4:3f:90:23:fc:f6:3f:
         5e:7e:1d:c9:54:3c:90:2d:e1:bc:8f:c8:d1:2d:f0:49:99:4b:
         da:cc:fe:8d:73:37:91:f8:a7:11:e9:f3:e0:11:2e:98:28:5d:
         37:25:6a:25:8b:53:85:6f:15:6d:40:05:d2:64:ed:a6:a7:a7:
         cf:9a:06:3d:4b:98:13:a8:9b:83:fd:1b:7f:65:e0:01:c1:33:
         04:91:cb:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZqM1DlhG2D5OAVA+li7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOTg1MDg5OWQ5Y2FiNWUwMDMzZDBiZTk3MjJhN2ViMzA1
ZDdjNjAwHhcNMjYwMzI5MDcwMjIzWhcNMjYwMzMwMDcwMjIzWjAzMTEwLwYDVQQD
EygxMmIzN2I2ZDVlNjcwNmQwZGNkZjE4YzljNmVhNjcxY2JiZjJjNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOOCIv3icb1r2V1d1Z/eYoh+2lAz
xfqiXiLr0fk97MxAwGLyGtIeK1Wx+ufRSp/lh51+n27rSZEDLY3M4lgQ3Y7Je8Q0
Pl+V2ksR+qGqnKHNOYNA0LuQDxoKzndmZNrd5HlWNTEjSiPXi5ZCixbP5dmuWIXN
+rlr8ZEEUbcnGxkWGDY5TnZd/CsNmEA/J4L+RdgmanNNI7B56dTutEsOMxOO4f6O
FQgu3w8pXtXgEsVQZy7bR9rGpAUcXFCz7AVqQsnNobBt2izsD2Zg9Rn2yCqevgRN
uusqUZnNz/vdH9oc8PgszEC8Kl1aJ83douD2JloI4xJe0XBJ9cu2Q2VSkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKze21eZwbQ3N8YycbqZxy78sZXMB8GA1UdIwQY
MBaAFC6YUImdnKteADPQvpcip+swXXxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDct
NmI2YWQwNDU2YjY1LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDctNmI2YWQwNDU2YjY1
LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLsDz+0/
HaJwsWrjvSSBzfMhRx3+SOcIvnDDzXXa5mBAq4mryPJ+ZMUIcmpl9WD+PVdvKRPM
zUnj0qZkyjykQAbGju6fC/xMr6lK9v5YXKSYh0k34aZ0U0nhkSQv24iVp663kWFM
aqaKNeXJFEeC1vfLU62y89cGp7TjmpSxb5xHVk7zwC3mu4J6d2C6pMJfh9urVU88
9xc4Z0354uVH4ZAD1NTFeafEsIrt2pDUP5Aj/PY/Xn4dyVQ8kC3hvI/I0S3wSZlL
2sz+jXM3kfinEenz4BEumChdNyVqJYtThW8VbUAF0mTtpqenz5oGPUuYE6ibg/0b
f2XgAcEzBJHLnA==
-----END CERTIFICATE-----