Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft
File:                     lvMFpB83TbAVgTN3CNHHnr6nlxw.mft (raw, json)
Hash identifier:          vk+pzv2fjfkrfGMqivJgnlQCcUMAm2urv0XSWbqX1cM=
Subject key identifier:   63:7B:63:4F:23:FB:F5:32:7F:00:FA:3B:BD:E0:FB:DF:D1:3E:7D:66
Authority key identifier: 96:F3:05:A4:1F:37:4D:B0:15:81:33:77:08:D1:C7:9E:BE:A7:97:1C
Certificate issuer:       /CN=96f305a41f374db01581337708d1c79ebea7971c
Certificate serial:       019D386554B0E18DC508F65B7875E3E24068
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lvMFpB83TbAVgTN3CNHHnr6nlxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft
Manifest number:          0711
Signing time:             Sun 29 Mar 2026 07:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 07:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 07:00:58 +0000
Files and hashes:         1: lvMFpB83TbAVgTN3CNHHnr6nlxw.crl (hash: 8Xq3sB0TkbDLUnWccjwa6YxH1HI5oAqYNSCzra26SPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lvMFpB83TbAVgTN3CNHHnr6nlxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:54:b0:e1:8d:c5:08:f6:5b:78:75:e3:e2:40:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96f305a41f374db01581337708d1c79ebea7971c
        Validity
            Not Before: Mar 29 07:00:58 2026 GMT
            Not After : Mar 30 07:00:58 2026 GMT
        Subject: CN=637b634f23fbf5327f00fa3bbde0fbdfd13e7d66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:35:79:2b:fb:33:77:2c:a1:68:59:73:db:e3:
                    42:71:bc:ff:3c:3e:20:e1:e6:8d:af:7c:2f:04:07:
                    f1:34:2f:3a:a0:90:0d:2b:c2:66:87:6d:64:3e:67:
                    f4:4c:24:e8:e4:a8:0a:6a:37:57:97:7e:b2:5f:8e:
                    d5:a4:3a:f2:b5:a6:17:03:a0:a7:23:80:a4:2f:e9:
                    65:e4:fe:3c:2a:e0:68:45:cf:63:dd:10:d2:18:8a:
                    24:76:96:84:fa:62:12:c9:98:a1:5d:68:f5:b2:83:
                    ce:ef:6e:af:de:88:de:6b:d3:54:15:4b:ce:a1:0f:
                    27:14:e4:80:29:06:ad:07:75:f0:df:b7:8c:3b:95:
                    ce:8c:5c:ff:dc:9d:8d:5d:1c:19:b7:bc:92:c1:b3:
                    a4:25:d1:b9:a7:4c:23:94:a5:8e:5a:a0:d2:8a:da:
                    35:ab:f7:bc:fc:e7:76:6e:90:ef:9e:0d:44:7b:55:
                    ac:09:3d:0e:b8:8e:be:7e:6a:de:07:ef:fc:4d:d7:
                    fc:07:46:53:ed:3f:cd:5b:c5:4c:ed:ff:73:89:92:
                    f3:0f:9a:d8:df:bf:64:d8:7b:e1:a3:ed:a2:3d:26:
                    f9:c4:d3:84:0d:74:20:be:87:ae:c5:b1:49:1b:8a:
                    d1:b3:e9:12:5a:1d:d5:c0:a9:80:62:23:7a:5d:43:
                    84:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:7B:63:4F:23:FB:F5:32:7F:00:FA:3B:BD:E0:FB:DF:D1:3E:7D:66
            X509v3 Authority Key Identifier:
                keyid:96:F3:05:A4:1F:37:4D:B0:15:81:33:77:08:D1:C7:9E:BE:A7:97:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvMFpB83TbAVgTN3CNHHnr6nlxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3108a3-5b5d-48d2-853b-f12b6ac5a2b2/1/lvMFpB83TbAVgTN3CNHHnr6nlxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:c1:96:e1:54:11:1f:c9:1b:fd:be:44:6b:e1:25:a7:68:e3:
         48:57:5a:cb:5b:9d:98:62:16:b6:eb:1a:c5:03:33:8e:6a:1e:
         a4:84:df:c2:ec:77:c6:52:12:63:51:f0:8b:f2:27:c4:d7:73:
         86:e1:4c:98:21:f8:39:06:e5:71:95:e1:2c:b8:f5:17:66:1a:
         0e:d0:46:50:5e:4e:f8:98:87:d3:45:5a:05:7b:f5:2c:88:c9:
         82:4e:a0:fe:9c:ea:23:78:3d:b0:09:12:b3:d1:90:b6:72:80:
         2b:76:46:27:ee:cc:b9:3f:2c:65:27:e1:fe:1f:77:f9:c9:b8:
         d8:16:03:4b:de:a8:8b:f0:8a:64:e5:a0:ac:1e:29:95:87:88:
         ba:88:86:0b:2d:f2:be:ee:d7:78:e9:09:6f:61:01:e1:72:fa:
         c8:ad:74:3b:a4:86:dc:0c:8b:13:3a:c6:29:d8:6d:7c:db:53:
         6d:b6:ae:e0:1c:50:8c:99:7c:99:a8:dc:be:8d:5a:70:b5:75:
         30:21:44:1f:54:0a:85:92:66:35:d7:00:f1:3f:ff:ca:5e:fc:
         a3:76:0b:10:60:14:7e:ab:98:36:5f:a4:b0:72:75:57:4b:d1:
         1a:c7:10:00:e4:13:3c:39:8b:30:5b:5a:22:3d:62:12:c0:3b:
         b0:e3:8f:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZVSw4Y3FCPZbeHXj4kBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZjMwNWE0MWYzNzRkYjAxNTgxMzM3NzA4ZDFjNzllYmVh
Nzk3MWMwHhcNMjYwMzI5MDcwMDU4WhcNMjYwMzMwMDcwMDU4WjAzMTEwLwYDVQQD
Eyg2MzdiNjM0ZjIzZmJmNTMyN2YwMGZhM2JiZGUwZmJkZmQxM2U3ZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTV5K/szdyyhaFlz2+NCcbz/PD4g
4eaNr3wvBAfxNC86oJANK8Jmh21kPmf0TCTo5KgKajdXl36yX47VpDrytaYXA6Cn
I4CkL+ll5P48KuBoRc9j3RDSGIokdpaE+mISyZihXWj1soPO726v3ojea9NUFUvO
oQ8nFOSAKQatB3Xw37eMO5XOjFz/3J2NXRwZt7ySwbOkJdG5p0wjlKWOWqDSito1
q/e8/Od2bpDvng1Ee1WsCT0OuI6+fmreB+/8Tdf8B0ZT7T/NW8VM7f9ziZLzD5rY
379k2Hvho+2iPSb5xNOEDXQgvoeuxbFJG4rRs+kSWh3VwKmAYiN6XUOE+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGN7Y08j+/UyfwD6O73g+9/RPn1mMB8GA1UdIwQY
MBaAFJbzBaQfN02wFYEzdwjRx56+p5ccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHZNRnBCODNUYkFWZ1ROM0NOSEhucjZubHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8zMTA4YTMtNWI1ZC00OGQyLTg1M2It
ZjEyYjZhYzVhMmIyLzEvbHZNRnBCODNUYkFWZ1ROM0NOSEhucjZubHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8zMTA4YTMtNWI1ZC00OGQyLTg1M2ItZjEyYjZhYzVhMmIy
LzEvbHZNRnBCODNUYkFWZ1ROM0NOSEhucjZubHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO8GW4VQR
H8kb/b5Ea+Elp2jjSFday1udmGIWtusaxQMzjmoepITfwux3xlISY1Hwi/InxNdz
huFMmCH4OQblcZXhLLj1F2YaDtBGUF5O+JiH00VaBXv1LIjJgk6g/pzqI3g9sAkS
s9GQtnKAK3ZGJ+7MuT8sZSfh/h93+cm42BYDS96oi/CKZOWgrB4plYeIuoiGCy3y
vu7XeOkJb2EB4XL6yK10O6SG3AyLEzrGKdhtfNtTbbau4BxQjJl8majcvo1acLV1
MCFEH1QKhZJmNdcA8T//yl78o3YLEGAUfquYNl+ksHJ1V0vRGscQAOQTPDmLMFta
Ij1iEsA7sOOPNQ==
-----END CERTIFICATE-----