Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          u+chHR5tsaQIG3/t/rBUaM5x1M3o4/F5/upSJgy+R7I=
Subject key identifier:   D0:32:6F:9F:5D:B6:CC:A9:33:D4:7B:6A:E1:C7:7C:50:63:24:B6:62
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       019D38656533D939C8FC43058452092931B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:02 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: 14wC4rCkePKqXMunKjbd0veJqPy9a9cete7Qa+pLOB8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:65:33:d9:39:c8:fc:43:05:84:52:09:29:31:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Mar 29 07:01:02 2026 GMT
            Not After : Mar 30 07:01:02 2026 GMT
        Subject: CN=d0326f9f5db6cca933d47b6ae1c77c506324b662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:9e:a8:e9:d5:6a:b6:3f:a1:2c:67:02:da:5d:
                    dd:33:82:98:42:4f:df:89:64:77:bd:13:fa:1e:4b:
                    0e:19:92:5a:e9:f1:db:fb:d9:50:78:65:a8:26:b1:
                    b4:1e:43:db:87:26:8d:5a:4b:72:b9:a4:9d:88:4c:
                    de:b1:8e:e2:80:c9:57:87:1c:9b:69:d7:77:b2:90:
                    ff:f0:05:9a:04:c7:43:07:ad:9b:e5:c7:97:1b:f1:
                    93:8f:c2:9a:c2:26:ca:5c:eb:09:9a:0d:fa:08:22:
                    f9:06:61:74:29:f9:b2:f3:37:f5:17:e0:e7:e5:b2:
                    0d:b4:dc:27:b9:a1:76:3d:46:95:a1:05:22:da:82:
                    97:51:82:c5:f0:71:d1:2a:8d:2b:90:b9:e7:c5:c9:
                    e6:40:0c:70:a8:98:8f:6c:35:67:01:6e:5a:78:5d:
                    63:74:77:44:c6:85:5c:be:4b:34:10:d1:13:33:1a:
                    2b:e5:22:30:5c:79:06:df:b7:91:86:6a:ff:87:fa:
                    97:9d:de:b8:5e:00:cc:20:db:06:b3:a7:a3:94:27:
                    b7:77:2d:36:5c:e6:da:44:ad:74:45:e4:8d:cf:8b:
                    52:f1:10:4f:30:62:94:44:a5:52:11:9b:a2:8f:71:
                    78:56:a2:46:0c:8d:07:b3:bd:5d:1d:83:d6:07:0b:
                    f4:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:32:6F:9F:5D:B6:CC:A9:33:D4:7B:6A:E1:C7:7C:50:63:24:B6:62
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:7b:b6:3f:6a:37:3a:46:f2:d0:6c:b6:01:c9:1f:75:b8:2d:
         b9:6d:80:38:20:78:33:b4:3f:17:a5:4d:47:4e:bd:0a:2c:ee:
         17:bb:78:12:81:ff:97:24:fc:e8:f2:9a:5e:78:e2:d4:84:d8:
         23:c7:8a:ad:e0:8b:6b:3c:ce:ab:e1:5c:31:1a:cc:a3:71:83:
         6a:8e:1c:79:64:53:0c:79:54:48:20:d7:14:6b:a5:10:a7:df:
         56:c5:c5:41:d2:25:f6:de:76:51:1f:aa:f6:24:6e:bf:96:df:
         3f:56:81:14:60:f6:91:25:26:af:0c:8c:6d:f2:4d:9c:af:3a:
         84:09:59:7e:be:fa:be:c5:a9:c5:65:83:be:e4:dd:51:ea:1a:
         d4:e0:e8:a7:63:cf:a6:ba:45:b7:89:7d:18:95:c1:d5:a6:e2:
         e6:f4:83:a3:1c:98:f5:5d:a8:ef:e9:6b:20:be:52:25:41:52:
         36:cb:ee:f5:b7:86:e0:b4:52:35:06:e8:b8:67:fd:45:39:8f:
         39:e9:2b:7e:7b:4d:c1:70:b0:ef:9c:59:13:08:45:8e:03:da:
         88:0d:8b:8e:b7:3a:9b:8e:5b:78:3a:1b:c9:d6:cf:8d:47:a5:
         c5:08:0d:6a:2c:0f:aa:a8:97:91:e1:09:39:ab:e4:cb:3d:3e:
         c3:4a:11:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZWUz2TnI/EMFhFIJKTGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjYwMzI5MDcwMTAyWhcNMjYwMzMwMDcwMTAyWjAzMTEwLwYDVQQD
EyhkMDMyNmY5ZjVkYjZjY2E5MzNkNDdiNmFlMWM3N2M1MDYzMjRiNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4p6o6dVqtj+hLGcC2l3dM4KYQk/f
iWR3vRP6HksOGZJa6fHb+9lQeGWoJrG0HkPbhyaNWktyuaSdiEzesY7igMlXhxyb
add3spD/8AWaBMdDB62b5ceXG/GTj8KawibKXOsJmg36CCL5BmF0Kfmy8zf1F+Dn
5bINtNwnuaF2PUaVoQUi2oKXUYLF8HHRKo0rkLnnxcnmQAxwqJiPbDVnAW5aeF1j
dHdExoVcvks0ENETMxor5SIwXHkG37eRhmr/h/qXnd64XgDMINsGs6ejlCe3dy02
XObaRK10ReSNz4tS8RBPMGKURKVSEZuij3F4VqJGDI0Hs71dHYPWBwv0FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNAyb59dtsypM9R7auHHfFBjJLZiMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnu2P2o3
Okby0Gy2AckfdbgtuW2AOCB4M7Q/F6VNR069CizuF7t4EoH/lyT86PKaXnji1ITY
I8eKreCLazzOq+FcMRrMo3GDao4ceWRTDHlUSCDXFGulEKffVsXFQdIl9t52UR+q
9iRuv5bfP1aBFGD2kSUmrwyMbfJNnK86hAlZfr76vsWpxWWDvuTdUeoa1ODop2PP
prpFt4l9GJXB1abi5vSDoxyY9V2o7+lrIL5SJUFSNsvu9beG4LRSNQbouGf9RTmP
OekrfntNwXCw75xZEwhFjgPaiA2Ljrc6m45beDobydbPjUelxQgNaiwPqqiXkeEJ
Oavkyz0+w0oRyw==
-----END CERTIFICATE-----