Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
File:                     LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft (raw, json)
Hash identifier:          9Lw5soYeqs5vY/A+WPBK807UrGEvhTtoCGCaSek3+SY=
Subject key identifier:   91:75:DA:0C:EB:BD:6E:30:C0:9F:5C:B1:A8:45:7D:31:EE:FC:1C:F0
Authority key identifier: 2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D
Certificate issuer:       /CN=2d909367dbddd1e4866bd89eaf727598a47b583d
Certificate serial:       019D38658315274FCE9CE80A7F2AEDECAC2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
Manifest number:          0343
Signing time:             Sun 29 Mar 2026 07:01:09 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:09 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:09 +0000
Files and hashes:         1: LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl (hash: c3rIjLTbnoRwmJz18iWDJ4lJSpUL7M8KDejMp4JEPUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:83:15:27:4f:ce:9c:e8:0a:7f:2a:ed:ec:ac:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d909367dbddd1e4866bd89eaf727598a47b583d
        Validity
            Not Before: Mar 29 07:01:09 2026 GMT
            Not After : Mar 30 07:01:09 2026 GMT
        Subject: CN=9175da0cebbd6e30c09f5cb1a8457d31eefc1cf0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:c6:06:19:df:cf:93:17:fe:fa:ad:d0:3a:31:
                    1a:87:15:43:d7:03:47:ce:6e:26:f8:a9:50:41:59:
                    52:cb:73:92:7b:e7:6a:d7:01:4e:10:f1:5e:16:c6:
                    0b:ad:78:1b:c3:57:d8:40:3c:bc:91:e0:f3:66:91:
                    bb:fc:ac:f1:45:27:50:93:10:d3:9e:25:45:e7:38:
                    86:7a:80:9c:00:8f:43:fc:63:f2:5d:b8:9d:2b:bb:
                    cd:ee:96:15:f0:5a:1e:5b:b2:ee:23:46:95:a0:eb:
                    8c:5b:9a:ac:53:53:da:c5:34:6e:c2:02:35:27:bf:
                    25:3b:e2:77:c1:f9:d6:24:fd:df:de:aa:40:da:37:
                    ba:87:b9:a3:4e:b3:34:97:83:57:1d:a2:f8:7a:34:
                    54:81:66:24:8a:70:45:6b:35:c2:14:fe:cc:0a:e8:
                    c7:71:7e:a8:95:73:9e:65:f2:ca:d0:00:a1:8f:42:
                    67:7f:eb:6f:64:c9:c4:41:95:bd:d9:47:ab:5c:d4:
                    2f:70:86:0d:9b:bf:a4:00:3e:d9:89:00:47:c3:16:
                    0b:76:2b:1f:7d:f2:8d:e5:7e:e9:e9:ef:b8:2c:05:
                    a7:99:ef:75:13:71:0c:c0:ae:2c:45:45:b1:28:e7:
                    dc:48:5b:67:17:04:74:40:c1:88:4f:c2:2b:5a:a3:
                    94:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:75:DA:0C:EB:BD:6E:30:C0:9F:5C:B1:A8:45:7D:31:EE:FC:1C:F0
            X509v3 Authority Key Identifier:
                keyid:2D:90:93:67:DB:DD:D1:E4:86:6B:D8:9E:AF:72:75:98:A4:7B:58:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZCTZ9vd0eSGa9ier3J1mKR7WD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4c941d-992d-4eef-88f5-f0f8008dfc4c/1/LZCTZ9vd0eSGa9ier3J1mKR7WD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:25:9d:6c:4e:26:66:66:9b:90:db:92:2e:bb:f5:6c:fd:17:
         e8:55:9c:3b:cb:b7:aa:59:0f:8b:06:a9:c1:30:0b:6a:fa:80:
         f0:35:2f:4a:1b:ee:5c:41:b8:3b:b8:be:26:4a:8c:22:77:63:
         b7:a2:46:2e:b8:e4:7a:1d:33:23:b6:ad:1b:f5:a7:ec:52:c6:
         04:32:46:c6:e8:ee:f3:f2:ad:97:13:fd:bf:c1:b2:4a:a1:47:
         58:fb:b7:1e:54:e7:4d:2a:dc:7e:ac:a6:44:d1:af:64:ea:d7:
         92:22:72:20:93:8c:09:99:68:8c:62:45:a2:bb:2e:ab:b1:1a:
         05:63:b5:a5:62:8c:31:bf:43:41:d9:a4:94:d5:05:5c:98:ac:
         5f:2b:06:65:e0:70:30:72:be:f0:10:3f:df:52:77:3d:bb:02:
         0d:cf:c5:2f:62:a2:a8:8b:b9:01:99:24:86:0c:d2:26:c5:09:
         e9:c7:c0:ab:4d:f8:1f:7e:76:71:19:9a:38:1b:9e:6d:3e:7a:
         94:6d:1e:46:d6:7b:b6:90:6b:1b:b3:d0:de:ba:15:f6:dc:a2:
         b3:2a:0f:59:c9:35:23:d1:11:36:63:54:5e:3f:a6:b0:91:6a:
         4b:2b:fa:0c:d1:de:ec:ba:8f:4e:c8:6c:0c:ae:f2:8d:46:bc:
         59:10:ba:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYMVJ0/OnOgKfyrt7KwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTA5MzY3ZGJkZGQxZTQ4NjZiZDg5ZWFmNzI3NTk4YTQ3
YjU4M2QwHhcNMjYwMzI5MDcwMTA5WhcNMjYwMzMwMDcwMTA5WjAzMTEwLwYDVQQD
Eyg5MTc1ZGEwY2ViYmQ2ZTMwYzA5ZjVjYjFhODQ1N2QzMWVlZmMxY2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksYGGd/Pkxf++q3QOjEahxVD1wNH
zm4m+KlQQVlSy3OSe+dq1wFOEPFeFsYLrXgbw1fYQDy8keDzZpG7/KzxRSdQkxDT
niVF5ziGeoCcAI9D/GPyXbidK7vN7pYV8FoeW7LuI0aVoOuMW5qsU1PaxTRuwgI1
J78lO+J3wfnWJP3f3qpA2je6h7mjTrM0l4NXHaL4ejRUgWYkinBFazXCFP7MCujH
cX6olXOeZfLK0AChj0Jnf+tvZMnEQZW92UerXNQvcIYNm7+kAD7ZiQBHwxYLdisf
ffKN5X7p6e+4LAWnme91E3EMwK4sRUWxKOfcSFtnFwR0QMGIT8IrWqOU5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJF12gzrvW4wwJ9csahFfTHu/BzwMB8GA1UdIwQY
MBaAFC2Qk2fb3dHkhmvYnq9ydZike1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUt
ZjBmODAwOGRmYzRjLzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80Yzk0MWQtOTkyZC00ZWVmLTg4ZjUtZjBmODAwOGRmYzRj
LzEvTFpDVFo5dmQwZVNHYTlpZXIzSjFtS1I3V0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArSWdbE4m
ZmabkNuSLrv1bP0X6FWcO8u3qlkPiwapwTALavqA8DUvShvuXEG4O7i+JkqMIndj
t6JGLrjkeh0zI7atG/Wn7FLGBDJGxuju8/KtlxP9v8GySqFHWPu3HlTnTSrcfqym
RNGvZOrXkiJyIJOMCZlojGJForsuq7EaBWO1pWKMMb9DQdmklNUFXJisXysGZeBw
MHK+8BA/31J3PbsCDc/FL2KiqIu5AZkkhgzSJsUJ6cfAq034H352cRmaOBuebT56
lG0eRtZ7tpBrG7PQ3roV9tyisyoPWck1I9ERNmNUXj+msJFqSyv6DNHe7LqPTshs
DK7yjUa8WRC64Q==
-----END CERTIFICATE-----