Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
File:                     LkWQWSMqS7ky9j-w37ZUk-ucgng.mft (raw, json)
Hash identifier:          O8xxr/BQcLM1wyGU2XopB4EwLR7VniI06zykkauVau0=
Subject key identifier:   4B:10:94:61:50:54:6E:03:BC:27:79:26:25:62:AC:59:E4:7E:62:9D
Authority key identifier: 2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78
Certificate issuer:       /CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
Certificate serial:       019D38665CADD19EC4EB274BF437EEDBC2EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
Manifest number:          181E
Signing time:             Sun 29 Mar 2026 07:02:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:05 +0000
Files and hashes:         1: LkWQWSMqS7ky9j-w37ZUk-ucgng.crl (hash: ySNtnBLzljyhy8gYkB99xbxHnTWRfTb0rOBMBqIWwyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:5c:ad:d1:9e:c4:eb:27:4b:f4:37:ee:db:c2:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
        Validity
            Not Before: Mar 29 07:02:05 2026 GMT
            Not After : Mar 30 07:02:05 2026 GMT
        Subject: CN=4b10946150546e03bc2779262562ac59e47e629d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:68:8e:63:13:f3:2c:fa:05:ef:3e:d4:fe:97:
                    f8:a6:65:d0:5a:5b:eb:10:b4:30:48:22:17:05:6a:
                    2e:74:f5:dd:d2:97:e3:07:4b:23:19:fd:c3:70:40:
                    fc:5c:db:ab:78:60:85:51:db:7b:90:d0:ea:c5:9e:
                    d5:84:17:8e:5f:33:46:81:a2:99:e3:30:40:ac:58:
                    76:63:f3:e1:86:48:21:19:4d:e3:da:b2:65:2e:5d:
                    b4:ba:fa:5c:bd:43:49:43:fb:7a:ee:d6:05:d1:83:
                    82:48:ad:d6:28:45:e7:04:46:3d:8e:9b:5b:52:1c:
                    17:94:96:18:65:53:98:73:ef:e4:3d:54:6c:d9:48:
                    1b:86:df:c1:cf:00:a2:54:3f:50:2c:61:9f:51:6c:
                    90:f7:24:5b:d9:88:0a:18:65:e7:b1:20:08:e1:9b:
                    32:cd:0d:18:2a:12:29:3a:2d:c3:19:9e:49:9d:e1:
                    3c:6a:b3:b5:56:d3:91:97:1a:8e:6c:e3:fb:a6:40:
                    9b:0e:11:9a:06:a1:76:b5:ad:e0:ed:7a:33:0b:84:
                    92:da:7c:6e:bf:31:e0:ae:58:19:f9:65:3d:bd:b6:
                    bd:b8:52:1d:8e:94:7b:a4:a8:9a:57:69:2d:6b:9b:
                    35:81:39:03:77:be:84:4e:fd:8f:b7:52:8d:65:ed:
                    09:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:10:94:61:50:54:6E:03:BC:27:79:26:25:62:AC:59:E4:7E:62:9D
            X509v3 Authority Key Identifier:
                keyid:2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:2d:7e:4a:2c:77:10:c8:67:1f:0d:2f:50:17:ff:cf:6e:b9:
         fd:3f:bd:59:20:bc:96:d6:5f:7b:22:da:b6:75:18:54:66:7f:
         ff:33:5e:bc:3b:83:72:09:00:a5:a0:d9:31:f0:dc:cc:97:66:
         94:34:f7:8c:67:3d:f0:79:e4:73:31:1e:e4:ff:d2:05:4d:87:
         b7:79:03:39:48:c5:8f:ae:9d:63:07:75:6c:aa:89:2d:50:53:
         5b:d5:55:60:2f:e4:f4:1d:45:02:2b:28:34:ad:0d:e8:38:4a:
         92:6e:f3:8f:9d:a4:bd:18:72:03:be:cd:9d:78:b1:3d:21:3f:
         73:25:f7:b0:cb:89:7e:fb:b2:49:58:ae:23:56:06:f7:dd:41:
         cc:f4:56:2e:cb:8b:b4:8a:e7:ce:25:c5:b5:6a:03:ef:74:b0:
         67:d8:e6:6f:c0:c7:51:e2:dd:ec:98:91:51:8f:2b:47:c7:78:
         4a:67:91:4d:2f:a6:24:fa:27:c3:f8:58:cb:35:59:24:5b:f5:
         06:aa:f5:73:0b:48:c7:9a:da:e8:88:1b:af:d1:43:85:62:d0:
         78:70:0d:4f:98:e3:f6:01:3b:ef:4b:8a:35:2b:22:76:a8:b9:
         72:15:3a:7b:67:d9:70:63:ac:f2:55:bf:74:8f:b0:68:b1:11:
         28:b7:19:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zlyt0Z7E6ydL9Dfu28LqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDU5MDU5MjMyYTRiYjkzMmY2M2ZiMGRmYjY1NDkzZWI5
YzgyNzgwHhcNMjYwMzI5MDcwMjA1WhcNMjYwMzMwMDcwMjA1WjAzMTEwLwYDVQQD
Eyg0YjEwOTQ2MTUwNTQ2ZTAzYmMyNzc5MjYyNTYyYWM1OWU0N2U2MjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmiOYxPzLPoF7z7U/pf4pmXQWlvr
ELQwSCIXBWoudPXd0pfjB0sjGf3DcED8XNureGCFUdt7kNDqxZ7VhBeOXzNGgaKZ
4zBArFh2Y/PhhkghGU3j2rJlLl20uvpcvUNJQ/t67tYF0YOCSK3WKEXnBEY9jptb
UhwXlJYYZVOYc+/kPVRs2Ugbht/BzwCiVD9QLGGfUWyQ9yRb2YgKGGXnsSAI4Zsy
zQ0YKhIpOi3DGZ5JneE8arO1VtORlxqObOP7pkCbDhGaBqF2ta3g7XozC4SS2nxu
vzHgrlgZ+WU9vba9uFIdjpR7pKiaV2kta5s1gTkDd76ETv2Pt1KNZe0JCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsQlGFQVG4DvCd5JiVirFnkfmKdMB8GA1UdIwQY
MBaAFC5FkFkjKku5MvY/sN+2VJPrnIJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQt
NDg1ZWRhMzQ5OThmLzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQtNDg1ZWRhMzQ5OThm
LzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqy1+Six3
EMhnHw0vUBf/z265/T+9WSC8ltZfeyLatnUYVGZ//zNevDuDcgkApaDZMfDczJdm
lDT3jGc98HnkczEe5P/SBU2Ht3kDOUjFj66dYwd1bKqJLVBTW9VVYC/k9B1FAiso
NK0N6DhKkm7zj52kvRhyA77NnXixPSE/cyX3sMuJfvuySViuI1YG991BzPRWLsuL
tIrnziXFtWoD73SwZ9jmb8DHUeLd7JiRUY8rR8d4SmeRTS+mJPonw/hYyzVZJFv1
Bqr1cwtIx5ra6Igbr9FDhWLQeHANT5jj9gE770uKNSsidqi5chU6e2fZcGOs8lW/
dI+waLERKLcZgQ==
-----END CERTIFICATE-----