Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
File:                     ltTArxW-ONL8XjD-NFdHXTS3g5o.mft (raw, json)
Hash identifier:          v+VWsH8hQV2s+z0lGPMFFi1f+JyBWnoIj9/MXVdLK4s=
Subject key identifier:   02:48:5F:95:68:DE:0F:81:FD:D7:03:02:4A:E2:45:AB:EE:E3:E7:FF
Authority key identifier: 96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A
Certificate issuer:       /CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
Certificate serial:       019D38661FE4C3A8483DC6328C406DDDE1B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
Manifest number:          14FF
Signing time:             Sun 29 Mar 2026 07:01:50 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:50 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:50 +0000
Files and hashes:         1: ltTArxW-ONL8XjD-NFdHXTS3g5o.crl (hash: mz4/gQZzr1eDr3Y33BNfawNfFuynZvk/Z/iYedZCWCU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:1f:e4:c3:a8:48:3d:c6:32:8c:40:6d:dd:e1:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
        Validity
            Not Before: Mar 29 07:01:50 2026 GMT
            Not After : Mar 30 07:01:50 2026 GMT
        Subject: CN=02485f9568de0f81fdd703024ae245abeee3e7ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:d3:51:fd:26:32:2e:b5:29:dc:d5:cf:77:67:
                    c8:57:72:bb:75:39:8d:af:28:fc:1b:bf:a2:0b:a4:
                    ed:d4:1b:68:7d:4c:d6:a8:bb:ac:40:b3:2a:04:ee:
                    f7:66:f3:8e:87:9c:a7:b7:8a:25:5f:6f:49:6e:fe:
                    ae:14:ff:0c:cc:bc:69:d6:30:93:d7:26:f6:4d:61:
                    cf:83:da:95:e1:aa:a1:22:e8:c4:ae:96:9b:11:96:
                    8e:72:e7:e6:e2:ae:66:61:6f:4a:ed:47:e1:b3:2a:
                    ad:fc:01:e6:91:0a:7e:71:08:0c:a9:c9:22:65:cc:
                    5a:c8:4b:6c:ba:45:1e:1a:9e:a0:72:48:6b:65:b1:
                    91:98:73:b6:06:bc:8d:a2:06:1a:2d:0e:b5:f6:7e:
                    0e:b2:c1:e7:b1:5b:a7:34:8b:08:be:a0:39:41:84:
                    00:86:3f:9d:90:e0:70:e0:9a:69:07:0e:cd:b8:7d:
                    b0:4d:3b:3c:15:a4:33:a4:52:4d:3a:e5:22:49:48:
                    69:13:15:e5:f8:0c:92:f5:21:95:6e:93:01:e9:23:
                    e0:c5:cc:c9:1a:94:e6:5f:70:8e:d1:57:7c:37:ed:
                    92:5f:04:14:04:ec:ef:14:c3:fa:9b:11:1a:e9:20:
                    b9:bb:4a:55:75:23:c0:44:e9:df:fe:bd:32:eb:3d:
                    bc:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:48:5F:95:68:DE:0F:81:FD:D7:03:02:4A:E2:45:AB:EE:E3:E7:FF
            X509v3 Authority Key Identifier:
                keyid:96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:9e:0e:f4:d4:56:b2:57:a9:8a:41:da:ef:b8:6a:ce:c0:62:
         14:24:89:2a:19:ff:26:0b:f4:6a:c2:84:10:2b:b3:b6:20:7d:
         84:d2:88:91:ab:af:27:c5:7f:c0:d7:49:18:d9:d8:6a:23:e5:
         e3:59:10:d2:35:e0:85:03:18:ec:d2:66:20:12:9d:13:31:00:
         88:95:e1:dc:66:34:92:1a:b9:d7:14:2d:87:4e:9b:f2:46:c3:
         c5:25:33:ef:31:c9:8f:4a:e0:2f:09:e0:17:26:78:dc:51:1b:
         d8:3d:d8:ff:85:58:47:58:27:82:3e:a8:c8:c6:a6:11:ea:44:
         77:80:7e:8f:f3:8c:a2:fe:94:ff:c3:33:95:40:56:fd:b9:b8:
         e2:23:0d:fe:16:5b:be:93:b3:d3:d3:9f:6a:15:7f:e9:a6:15:
         6d:70:2d:a7:1b:25:db:1f:c9:2d:05:1d:c9:21:d3:90:b6:15:
         60:27:b0:ca:90:62:c4:0a:9f:4f:e9:cf:42:c8:0b:c9:8b:b4:
         34:94:82:f2:74:b7:7c:cf:29:7e:f3:1f:b7:76:45:fc:98:b1:
         63:5c:80:31:2f:e8:82:a2:53:a9:3c:e8:e7:08:ed:b9:e5:7f:
         7a:ea:c9:c5:de:18:b8:ed:ef:d1:c9:6c:25:ab:33:2a:4b:14:
         47:1d:4a:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zh/kw6hIPcYyjEBt3eG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDRjMGFmMTViZTM4ZDJmYzVlMzBmZTM0NTc0NzVkMzRi
NzgzOWEwHhcNMjYwMzI5MDcwMTUwWhcNMjYwMzMwMDcwMTUwWjAzMTEwLwYDVQQD
EygwMjQ4NWY5NTY4ZGUwZjgxZmRkNzAzMDI0YWUyNDVhYmVlZTNlN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/NNR/SYyLrUp3NXPd2fIV3K7dTmN
ryj8G7+iC6Tt1BtofUzWqLusQLMqBO73ZvOOh5ynt4olX29Jbv6uFP8MzLxp1jCT
1yb2TWHPg9qV4aqhIujErpabEZaOcufm4q5mYW9K7Ufhsyqt/AHmkQp+cQgMqcki
ZcxayEtsukUeGp6gckhrZbGRmHO2BryNogYaLQ619n4OssHnsVunNIsIvqA5QYQA
hj+dkOBw4JppBw7NuH2wTTs8FaQzpFJNOuUiSUhpExXl+AyS9SGVbpMB6SPgxczJ
GpTmX3CO0Vd8N+2SXwQUBOzvFMP6mxEa6SC5u0pVdSPAROnf/r0y6z28hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJIX5Vo3g+B/dcDAkriRavu4+f/MB8GA1UdIwQY
MBaAFJbUwK8VvjjS/F4w/jRXR100t4OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUt
OTUyZjZmYzAyNjcyLzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUtOTUyZjZmYzAyNjcy
LzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZ4O9NRW
slepikHa77hqzsBiFCSJKhn/Jgv0asKEECuztiB9hNKIkauvJ8V/wNdJGNnYaiPl
41kQ0jXghQMY7NJmIBKdEzEAiJXh3GY0khq51xQth06b8kbDxSUz7zHJj0rgLwng
FyZ43FEb2D3Y/4VYR1gngj6oyMamEepEd4B+j/OMov6U/8MzlUBW/bm44iMN/hZb
vpOz09OfahV/6aYVbXAtpxsl2x/JLQUdySHTkLYVYCewypBixAqfT+nPQsgLyYu0
NJSC8nS3fM8pfvMft3ZF/JixY1yAMS/ogqJTqTzo5wjtueV/eurJxd4YuO3v0cls
JaszKksURx1Knw==
-----END CERTIFICATE-----