Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
File:                     LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft (raw, json)
Hash identifier:          iRlAsD0S+GWAlU3ambq8QGPSci33yxxylY7PxdrfkMQ=
Subject key identifier:   1B:B2:25:32:D6:6B:5B:AB:E1:18:1B:93:23:F2:3C:39:1C:4F:4E:7C
Authority key identifier: 2F:15:B7:3A:7C:2D:13:1E:C1:4E:BD:90:71:71:8B:54:C3:FB:A6:92
Certificate issuer:       /CN=2f15b73a7c2d131ec14ebd9071718b54c3fba692
Certificate serial:       019D3A1CDB8071F253CC0E1BD962FBB2514D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
Manifest number:          05A4
Signing time:             Sun 29 Mar 2026 15:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 15:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 15:01:02 +0000
Files and hashes:         1: LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl (hash: +wgjspLpuxmYjKte/6E6vsWgOvS+DCHh45sy4U1P8eA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:1c:db:80:71:f2:53:cc:0e:1b:d9:62:fb:b2:51:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f15b73a7c2d131ec14ebd9071718b54c3fba692
        Validity
            Not Before: Mar 29 15:01:02 2026 GMT
            Not After : Mar 30 15:01:02 2026 GMT
        Subject: CN=1bb22532d66b5babe1181b9323f23c391c4f4e7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e0:4f:cf:43:b5:ac:75:75:32:e4:7d:f3:a0:
                    47:b5:2d:0c:3c:12:60:4c:df:26:ff:67:1b:67:35:
                    b1:66:d9:1b:af:7a:a3:bc:44:a2:f6:64:43:52:a7:
                    f3:8a:8a:32:8f:d4:49:20:d7:0d:2e:db:2f:fa:85:
                    73:61:98:af:c6:6b:7e:72:9b:12:e6:92:02:ee:0a:
                    6a:9f:9a:3c:08:6b:07:56:55:d1:31:10:15:60:11:
                    47:09:10:cd:d0:6d:de:05:5d:44:9f:d9:e0:1b:3b:
                    c6:6e:bd:f7:f8:67:b1:3a:b3:d1:ef:21:9d:99:53:
                    a7:46:e1:33:4e:a4:a4:30:f3:ab:2b:34:b9:1d:ca:
                    21:fb:a3:4d:c4:e2:21:0d:ac:eb:b7:16:8f:7d:97:
                    c9:fa:ce:ed:68:3a:f9:c4:ee:61:05:74:3c:50:82:
                    30:b1:8c:a5:3d:1e:fd:99:3f:85:e9:da:d2:75:fc:
                    7f:d3:94:f3:83:c0:c4:61:5c:fe:ab:d9:d5:43:68:
                    e0:fe:13:dd:32:1b:4d:40:3f:e4:42:ee:77:58:89:
                    96:fb:2b:cd:03:ab:97:ed:b6:9a:db:60:4d:c4:52:
                    0b:6e:0f:1d:fb:a7:99:e5:fe:81:8e:d1:42:2f:2a:
                    67:9c:fd:07:4c:4e:04:7d:43:2f:7b:d1:46:87:30:
                    c0:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:B2:25:32:D6:6B:5B:AB:E1:18:1B:93:23:F2:3C:39:1C:4F:4E:7C
            X509v3 Authority Key Identifier:
                keyid:2F:15:B7:3A:7C:2D:13:1E:C1:4E:BD:90:71:71:8B:54:C3:FB:A6:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:67:c1:20:d7:e1:cf:c9:72:23:64:61:f0:70:34:3b:73:80:
         ba:59:ac:ef:7f:a3:89:e5:8e:aa:e0:e0:ae:69:bb:aa:63:af:
         08:6f:b2:f0:8d:99:62:c4:d7:55:fc:50:d5:7e:79:bd:25:11:
         88:35:7a:e6:7b:b5:db:b9:ac:33:c7:39:3a:70:6d:d8:23:96:
         cc:82:68:3f:95:c3:f1:03:5c:53:a0:0f:27:e9:82:f0:3e:be:
         11:4e:2d:ea:36:dc:87:0e:a0:f4:ad:08:b5:c4:3e:08:ac:02:
         04:64:bc:1b:19:46:d9:f0:df:38:9c:46:c7:38:16:25:30:c7:
         75:e7:1f:7a:a6:02:7d:b5:df:dc:3c:eb:fb:a2:33:2a:38:ae:
         4e:2f:e1:5e:1b:9d:43:2f:34:29:9f:31:da:43:de:0d:54:5d:
         62:c1:e5:35:0a:95:f4:4b:ce:a4:9a:1c:1f:92:64:9e:20:24:
         90:51:01:f3:49:81:e3:85:5d:1f:81:4b:c3:fe:14:c8:b6:31:
         0b:28:39:61:29:2d:63:33:59:a1:60:0e:3c:e5:f8:94:fc:f5:
         4f:2d:41:4c:20:67:e3:a3:0e:21:76:94:e9:a5:e5:c2:63:75:
         c9:40:3b:87:fa:44:2d:e6:c8:f9:ae:c1:6a:3f:ed:ad:56:32:
         dd:c4:2b:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HNuAcfJTzA4b2WL7slFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTViNzNhN2MyZDEzMWVjMTRlYmQ5MDcxNzE4YjU0YzNm
YmE2OTIwHhcNMjYwMzI5MTUwMTAyWhcNMjYwMzMwMTUwMTAyWjAzMTEwLwYDVQQD
EygxYmIyMjUzMmQ2NmI1YmFiZTExODFiOTMyM2YyM2MzOTFjNGY0ZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+BPz0O1rHV1MuR986BHtS0MPBJg
TN8m/2cbZzWxZtkbr3qjvESi9mRDUqfziooyj9RJINcNLtsv+oVzYZivxmt+cpsS
5pIC7gpqn5o8CGsHVlXRMRAVYBFHCRDN0G3eBV1En9ngGzvGbr33+GexOrPR7yGd
mVOnRuEzTqSkMPOrKzS5Hcoh+6NNxOIhDazrtxaPfZfJ+s7taDr5xO5hBXQ8UIIw
sYylPR79mT+F6drSdfx/05Tzg8DEYVz+q9nVQ2jg/hPdMhtNQD/kQu53WImW+yvN
A6uX7baa22BNxFILbg8d+6eZ5f6BjtFCLypnnP0HTE4EfUMve9FGhzDAeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuyJTLWa1ur4RgbkyPyPDkcT058MB8GA1UdIwQY
MBaAFC8Vtzp8LRMewU69kHFxi1TD+6aSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83OTI5ZjQtZWMzNS00ZDljLTkyYTgt
MGViNDVlZjYyZDhkLzEvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83OTI5ZjQtZWMzNS00ZDljLTkyYTgtMGViNDVlZjYyZDhk
LzEvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmGfBINfh
z8lyI2Rh8HA0O3OAulms73+jieWOquDgrmm7qmOvCG+y8I2ZYsTXVfxQ1X55vSUR
iDV65nu127msM8c5OnBt2COWzIJoP5XD8QNcU6APJ+mC8D6+EU4t6jbchw6g9K0I
tcQ+CKwCBGS8GxlG2fDfOJxGxzgWJTDHdecfeqYCfbXf3Dzr+6IzKjiuTi/hXhud
Qy80KZ8x2kPeDVRdYsHlNQqV9EvOpJocH5JkniAkkFEB80mB44VdH4FLw/4UyLYx
Cyg5YSktYzNZoWAOPOX4lPz1Ty1BTCBn46MOIXaU6aXlwmN1yUA7h/pELebI+a7B
aj/trVYy3cQrCQ==
-----END CERTIFICATE-----