Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.mft
File:                     Lamd3TmQcoABaWYXi_aOXEY8LrY.mft (raw, json)
Hash identifier:          mqvE8iLFfJmRLtN/pF5Vi7uT9R+beqaCmrVKqDDFjAM=
Subject key identifier:   09:AE:93:C3:F5:A2:F8:4E:81:85:42:FC:16:EB:FE:50:B5:15:0F:04
Authority key identifier: 2D:A9:9D:DD:39:90:72:80:01:69:66:17:8B:F6:8E:5C:46:3C:2E:B6
Certificate issuer:       /CN=2da99ddd39907280016966178bf68e5c463c2eb6
Certificate serial:       019D386679324238411E07285E9E1C6EC63C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lamd3TmQcoABaWYXi_aOXEY8LrY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.mft
Manifest number:          0343
Signing time:             Sun 29 Mar 2026 07:02:12 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:12 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:12 +0000
Files and hashes:         1: Lamd3TmQcoABaWYXi_aOXEY8LrY.crl (hash: kYXe0rNRW43P5gbBH0le/PG93USE8VcGu8HeKkuWBz4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lamd3TmQcoABaWYXi_aOXEY8LrY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:79:32:42:38:41:1e:07:28:5e:9e:1c:6e:c6:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2da99ddd39907280016966178bf68e5c463c2eb6
        Validity
            Not Before: Mar 29 07:02:12 2026 GMT
            Not After : Mar 30 07:02:12 2026 GMT
        Subject: CN=09ae93c3f5a2f84e818542fc16ebfe50b5150f04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:e7:ef:c1:7e:6f:5f:eb:2f:07:ba:a7:6a:ba:
                    b8:7a:d7:59:4a:4e:54:31:1e:d8:2d:53:a2:3e:93:
                    44:ca:f1:a8:fc:5b:94:85:43:2d:2a:05:39:15:b9:
                    0c:79:5a:3f:3c:ce:be:da:5f:dd:8b:d7:0a:a7:19:
                    13:1d:39:63:00:6d:4d:05:37:c9:bb:45:e3:63:47:
                    50:b9:d1:c3:27:c8:0c:e5:85:7a:81:d3:c7:6c:d2:
                    ff:4e:7c:2c:15:d4:d2:e7:86:7a:6c:da:42:e7:ff:
                    2d:e7:e9:59:43:7d:af:aa:0d:d9:9f:d8:86:b1:10:
                    c6:b3:5e:64:a6:8d:1c:64:b8:36:cb:4d:96:63:15:
                    d2:53:7a:d5:d3:d0:91:c7:6c:a4:c5:0d:25:df:de:
                    f6:90:6f:11:b0:ae:d5:39:52:9c:1c:22:68:2c:fa:
                    a5:59:4e:16:f3:07:f1:aa:5b:19:9e:00:41:5f:01:
                    8c:7b:57:30:62:1c:4e:44:d7:33:5c:e4:7a:71:2f:
                    6f:b4:1f:1f:d3:e2:53:28:fe:44:7e:3d:86:66:12:
                    ff:89:74:bf:8a:d2:2f:2d:ce:55:14:3b:ae:86:03:
                    26:f9:50:b3:60:bf:23:2e:78:4d:13:3d:47:36:80:
                    68:5e:e3:5f:12:52:ad:16:b3:0a:c2:ea:6b:df:3b:
                    50:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:AE:93:C3:F5:A2:F8:4E:81:85:42:FC:16:EB:FE:50:B5:15:0F:04
            X509v3 Authority Key Identifier:
                keyid:2D:A9:9D:DD:39:90:72:80:01:69:66:17:8B:F6:8E:5C:46:3C:2E:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lamd3TmQcoABaWYXi_aOXEY8LrY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c07b78-daed-4991-9db7-bec1a92a2f9f/1/Lamd3TmQcoABaWYXi_aOXEY8LrY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:ae:10:c8:0b:1b:2d:26:ec:d1:a3:04:fa:d7:5f:8f:8f:81:
         05:34:4b:3e:c0:56:26:66:1a:3d:71:68:28:29:b9:a6:c3:ad:
         32:13:a8:f0:39:f7:33:6a:44:92:9b:65:1f:45:d8:0a:f7:d9:
         27:2b:1b:1d:ce:23:0f:d4:8c:3c:fc:7c:e7:af:81:a0:76:57:
         08:25:ad:58:4b:dc:2a:e4:fb:dc:fd:7b:d5:c9:cf:9a:52:c6:
         25:2b:47:e0:21:89:8c:77:49:8c:77:1b:db:b8:df:4d:bd:24:
         41:88:1b:c1:0c:94:35:e3:ab:10:b0:d3:2d:23:c6:f3:43:aa:
         89:85:67:68:20:f0:9e:53:67:8b:26:6b:77:d4:11:9d:ed:fa:
         5e:77:a2:b4:15:8d:d2:2b:9a:d0:72:4b:77:0d:da:94:df:19:
         88:06:0e:59:05:e2:92:01:c9:e6:bf:a8:17:eb:d2:23:b5:36:
         ef:8b:3a:1d:6e:db:f9:3f:f6:f7:51:33:59:d9:57:03:91:61:
         e7:92:06:aa:e6:ce:ad:08:68:c3:16:f7:0a:02:94:31:6b:2f:
         5f:72:f3:8b:fb:1f:b4:50:62:5a:db:66:9a:79:12:96:2a:06:
         a5:bd:ff:a7:84:99:79:84:46:28:8b:d2:44:1e:e1:65:84:f0:
         34:02:81:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZnkyQjhBHgcoXp4cbsY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYTk5ZGRkMzk5MDcyODAwMTY5NjYxNzhiZjY4ZTVjNDYz
YzJlYjYwHhcNMjYwMzI5MDcwMjEyWhcNMjYwMzMwMDcwMjEyWjAzMTEwLwYDVQQD
EygwOWFlOTNjM2Y1YTJmODRlODE4NTQyZmMxNmViZmU1MGI1MTUwZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOfvwX5vX+svB7qnarq4etdZSk5U
MR7YLVOiPpNEyvGo/FuUhUMtKgU5FbkMeVo/PM6+2l/di9cKpxkTHTljAG1NBTfJ
u0XjY0dQudHDJ8gM5YV6gdPHbNL/TnwsFdTS54Z6bNpC5/8t5+lZQ32vqg3Zn9iG
sRDGs15kpo0cZLg2y02WYxXSU3rV09CRx2ykxQ0l3972kG8RsK7VOVKcHCJoLPql
WU4W8wfxqlsZngBBXwGMe1cwYhxORNczXOR6cS9vtB8f0+JTKP5Efj2GZhL/iXS/
itIvLc5VFDuuhgMm+VCzYL8jLnhNEz1HNoBoXuNfElKtFrMKwupr3ztQywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmuk8P1ovhOgYVC/Bbr/lC1FQ8EMB8GA1UdIwQY
MBaAFC2pnd05kHKAAWlmF4v2jlxGPC62MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGFtZDNUbVFjb0FCYVdZWGlfYU9YRVk4THJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jMDdiNzgtZGFlZC00OTkxLTlkYjct
YmVjMWE5MmEyZjlmLzEvTGFtZDNUbVFjb0FCYVdZWGlfYU9YRVk4THJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jMDdiNzgtZGFlZC00OTkxLTlkYjctYmVjMWE5MmEyZjlm
LzEvTGFtZDNUbVFjb0FCYVdZWGlfYU9YRVk4THJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFK4QyAsb
LSbs0aME+tdfj4+BBTRLPsBWJmYaPXFoKCm5psOtMhOo8Dn3M2pEkptlH0XYCvfZ
JysbHc4jD9SMPPx856+BoHZXCCWtWEvcKuT73P171cnPmlLGJStH4CGJjHdJjHcb
27jfTb0kQYgbwQyUNeOrELDTLSPG80OqiYVnaCDwnlNniyZrd9QRne36XneitBWN
0iua0HJLdw3alN8ZiAYOWQXikgHJ5r+oF+vSI7U274s6HW7b+T/291EzWdlXA5Fh
55IGqubOrQhowxb3CgKUMWsvX3Lzi/sftFBiWttmmnkSlioGpb3/p4SZeYRGKIvS
RB7hZYTwNAKBIA==
-----END CERTIFICATE-----