Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
File:                     LSdW5QjQEzSbJE4wfX8jliafJwg.mft (raw, json)
Hash identifier:          UBWnj18s5psamMambGRCJczB3OvbX9l0wttSlDXw7z4=
Subject key identifier:   F2:07:6C:92:B9:43:BA:BB:1E:50:6A:01:93:A7:F7:25:8B:9B:8B:E6
Authority key identifier: 2D:27:56:E5:08:D0:13:34:9B:24:4E:30:7D:7F:23:96:26:9F:27:08
Certificate issuer:       /CN=2d2756e508d013349b244e307d7f2396269f2708
Certificate serial:       019D3977AC76EC7827147763C7C5D53FB24D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
Manifest number:          1520
Signing time:             Sun 29 Mar 2026 12:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 12:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 12:00:37 +0000
Files and hashes:         1: LSdW5QjQEzSbJE4wfX8jliafJwg.crl (hash: upa/Dt3zcMxIHblYfqvY6Y3rO6cI+etAutV8i+5ou7E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:77:ac:76:ec:78:27:14:77:63:c7:c5:d5:3f:b2:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d2756e508d013349b244e307d7f2396269f2708
        Validity
            Not Before: Mar 29 12:00:37 2026 GMT
            Not After : Mar 30 12:00:37 2026 GMT
        Subject: CN=f2076c92b943babb1e506a0193a7f7258b9b8be6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:eb:21:54:f7:e0:55:c8:a1:d9:e7:14:d8:42:
                    d6:2c:20:eb:64:47:6f:43:0b:33:ae:d6:fa:4d:8d:
                    c4:4f:34:77:6a:45:4f:68:34:b8:df:e7:36:26:a0:
                    87:a9:a7:21:e9:5e:fe:df:d2:87:5f:f4:73:86:e4:
                    18:a2:02:cb:64:b2:c4:04:1c:d9:5b:ff:5e:e6:e7:
                    66:f0:00:43:56:3a:da:e6:d8:d4:fb:da:0e:ad:25:
                    24:17:2a:2b:75:8b:07:76:39:f4:c1:f7:e7:fc:04:
                    c1:4e:f2:31:3d:4a:64:52:79:2f:fd:a5:bb:8f:3f:
                    be:e5:61:15:cb:cc:18:46:2e:8b:3a:fa:99:f7:f7:
                    06:dc:b1:64:04:0a:0e:21:21:0d:60:97:92:53:47:
                    ea:7a:34:0f:ca:92:92:3d:2b:90:e9:9a:43:4f:07:
                    2f:21:7e:c6:e8:1f:cd:8d:c7:29:dc:b1:38:6c:fe:
                    c2:14:f2:20:7e:6d:90:44:19:2e:ee:5c:d4:75:19:
                    e7:61:4d:1b:49:20:47:a3:4d:bd:ce:f5:f1:b7:09:
                    a6:1f:e7:a8:ca:7c:d2:62:d1:dc:4d:ba:47:d1:24:
                    9d:78:43:eb:3e:1d:d4:e0:1c:e2:f7:f2:8c:19:05:
                    ec:1f:7b:e5:96:8a:2c:34:3e:92:bd:b6:5c:96:ef:
                    71:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:07:6C:92:B9:43:BA:BB:1E:50:6A:01:93:A7:F7:25:8B:9B:8B:E6
            X509v3 Authority Key Identifier:
                keyid:2D:27:56:E5:08:D0:13:34:9B:24:4E:30:7D:7F:23:96:26:9F:27:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSdW5QjQEzSbJE4wfX8jliafJwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/76a471-08e0-49e6-9537-53b55fae023d/1/LSdW5QjQEzSbJE4wfX8jliafJwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:cb:1e:74:da:29:99:e7:f0:0a:07:77:1c:de:2a:11:32:ef:
         b5:82:74:4b:13:30:ca:1e:8b:9d:57:bb:75:d8:ea:e5:bb:b6:
         9a:05:d8:f0:73:27:4b:76:42:3d:e7:3a:f5:47:5a:ce:e3:34:
         2a:3f:1f:89:fc:f9:69:ca:c4:42:e0:3d:21:26:ac:da:ae:9c:
         ee:ee:4a:c6:ae:fa:8e:1a:64:df:3d:18:71:c2:87:ad:e2:62:
         c1:12:56:79:a9:b2:9e:22:64:1a:3c:be:26:95:b1:3a:8d:b0:
         52:45:72:32:4c:9b:8d:74:96:c8:d3:38:b3:50:b7:40:15:2a:
         d4:72:b9:7d:2b:3a:28:b3:ea:a1:0d:b0:e6:db:bb:f7:d7:b4:
         f0:d3:a2:87:80:a6:ee:e4:d2:99:63:01:21:ce:7e:ee:c4:14:
         2f:8a:73:ae:95:7d:38:63:97:76:c2:04:16:82:f6:a2:16:99:
         8e:78:81:3b:a3:5b:9c:56:e2:95:13:86:54:f3:7f:4d:52:d0:
         f6:48:12:9f:29:06:a0:03:4f:56:4c:4a:90:bf:08:7c:7e:62:
         aa:98:fe:0f:6c:a5:07:4d:fd:3d:66:ea:c5:5b:1b:2a:c7:1b:
         48:27:21:ff:ee:41:59:63:79:c2:b2:1b:1d:00:bd:e8:c7:0d:
         3f:75:35:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d6x27HgnFHdjx8XVP7JNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjc1NmU1MDhkMDEzMzQ5YjI0NGUzMDdkN2YyMzk2MjY5
ZjI3MDgwHhcNMjYwMzI5MTIwMDM3WhcNMjYwMzMwMTIwMDM3WjAzMTEwLwYDVQQD
EyhmMjA3NmM5MmI5NDNiYWJiMWU1MDZhMDE5M2E3ZjcyNThiOWI4YmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoushVPfgVcih2ecU2ELWLCDrZEdv
Qwszrtb6TY3ETzR3akVPaDS43+c2JqCHqach6V7+39KHX/RzhuQYogLLZLLEBBzZ
W/9e5udm8ABDVjra5tjU+9oOrSUkFyordYsHdjn0wffn/ATBTvIxPUpkUnkv/aW7
jz++5WEVy8wYRi6LOvqZ9/cG3LFkBAoOISENYJeSU0fqejQPypKSPSuQ6ZpDTwcv
IX7G6B/Njccp3LE4bP7CFPIgfm2QRBku7lzUdRnnYU0bSSBHo029zvXxtwmmH+eo
ynzSYtHcTbpH0SSdeEPrPh3U4Bzi9/KMGQXsH3vlloosND6SvbZclu9x6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIHbJK5Q7q7HlBqAZOn9yWLm4vmMB8GA1UdIwQY
MBaAFC0nVuUI0BM0myROMH1/I5YmnycIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83NmE0NzEtMDhlMC00OWU2LTk1Mzct
NTNiNTVmYWUwMjNkLzEvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83NmE0NzEtMDhlMC00OWU2LTk1MzctNTNiNTVmYWUwMjNk
LzEvTFNkVzVRalFFelNiSkU0d2ZYOGpsaWFmSndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEMsedNop
mefwCgd3HN4qETLvtYJ0SxMwyh6LnVe7ddjq5bu2mgXY8HMnS3ZCPec69UdazuM0
Kj8fifz5acrEQuA9ISas2q6c7u5Kxq76jhpk3z0YccKHreJiwRJWeamyniJkGjy+
JpWxOo2wUkVyMkybjXSWyNM4s1C3QBUq1HK5fSs6KLPqoQ2w5tu799e08NOih4Cm
7uTSmWMBIc5+7sQUL4pzrpV9OGOXdsIEFoL2ohaZjniBO6NbnFbilROGVPN/TVLQ
9kgSnykGoANPVkxKkL8IfH5iqpj+D2ylB039PWbqxVsbKscbSCch/+5BWWN5wrIb
HQC96McNP3U1eA==
-----END CERTIFICATE-----