Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft
File:                     lcGSBnFsXHnTW_FZJNszI6TsGMg.mft (raw, json)
Hash identifier:          Nog2DEHTtN+oLDQMGe7wu+boOM+sMZRO/APzSAhSmQU=
Subject key identifier:   19:21:7A:84:3B:0B:86:AE:11:B4:2C:B4:FF:B9:17:0D:98:23:C5:35
Authority key identifier: 95:C1:92:06:71:6C:5C:79:D3:5B:F1:59:24:DB:33:23:A4:EC:18:C8
Certificate issuer:       /CN=95c19206716c5c79d35bf15924db3323a4ec18c8
Certificate serial:       019D3AF7F946E006C0F5F18DC64D64059A3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft
Manifest number:          1460
Signing time:             Sun 29 Mar 2026 19:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 19:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 19:00:22 +0000
Files and hashes:         1: lcGSBnFsXHnTW_FZJNszI6TsGMg.crl (hash: I1NnADBJwtOSpWRj3jXn9C056M0vyV996p8QXSyzjng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:f7:f9:46:e0:06:c0:f5:f1:8d:c6:4d:64:05:9a:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95c19206716c5c79d35bf15924db3323a4ec18c8
        Validity
            Not Before: Mar 29 19:00:22 2026 GMT
            Not After : Mar 30 19:00:22 2026 GMT
        Subject: CN=19217a843b0b86ae11b42cb4ffb9170d9823c535
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e2:40:c8:86:e7:30:5b:94:c8:7e:6a:35:1c:
                    75:15:a9:76:b0:a0:9e:df:d0:1b:c1:b3:4b:a1:82:
                    48:68:07:34:10:fd:3a:84:e4:ec:45:16:36:b4:ee:
                    63:59:e0:ca:b8:e6:b4:a0:93:87:4c:f5:d9:7f:e9:
                    3b:c5:f8:16:87:4d:49:ce:86:65:67:b3:06:2f:d4:
                    dc:ec:ea:68:ee:3e:fd:a2:21:fc:dd:14:1e:db:a5:
                    60:e9:f2:72:f9:df:08:7b:75:ca:db:8e:8f:68:8b:
                    4b:d8:0d:66:2b:c1:2d:fb:c4:e8:14:95:d8:52:21:
                    f8:d9:0e:b2:a2:df:ae:fb:b3:c3:18:f2:e2:ee:ef:
                    56:bb:5e:87:6c:d0:89:b8:35:c5:2b:d4:ff:bd:a1:
                    4e:d6:30:6c:75:a8:bd:90:fa:89:2c:9f:a6:74:08:
                    63:77:56:a5:24:72:02:04:3c:e7:15:c4:c6:e0:05:
                    fd:5e:f3:03:4d:5b:8e:12:4b:03:23:f5:b5:a1:00:
                    2d:43:63:e8:da:24:c1:84:cc:59:e0:7f:60:c4:48:
                    02:a9:d6:f5:c5:4e:23:b1:ba:a2:98:90:6b:43:7a:
                    0c:1b:85:c2:b3:57:f9:d0:1b:6e:a4:07:87:4e:ff:
                    68:2e:da:20:eb:b8:36:33:3d:dd:1c:55:f5:3a:8a:
                    1b:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:21:7A:84:3B:0B:86:AE:11:B4:2C:B4:FF:B9:17:0D:98:23:C5:35
            X509v3 Authority Key Identifier:
                keyid:95:C1:92:06:71:6C:5C:79:D3:5B:F1:59:24:DB:33:23:A4:EC:18:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lcGSBnFsXHnTW_FZJNszI6TsGMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3feed9-ce5f-4a22-99b9-a4a9cc471599/1/lcGSBnFsXHnTW_FZJNszI6TsGMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:70:0f:71:94:4b:98:af:f4:75:45:62:0a:45:80:12:83:69:
         6a:20:ac:56:7c:0e:09:3f:78:14:88:dc:08:14:60:86:43:e0:
         ef:66:ce:27:b3:e8:07:16:37:1f:71:c8:98:54:82:b0:37:6e:
         33:20:62:74:41:21:89:38:1e:f1:3f:c2:a3:06:d7:6f:4a:58:
         03:98:f9:b5:66:e4:ce:83:10:9e:2a:7e:00:75:31:ec:e8:37:
         24:74:f6:58:f3:4b:d9:bc:72:6f:a2:9e:89:76:f9:2c:58:8c:
         61:88:ef:97:18:97:04:5e:36:1a:c7:32:79:af:84:cf:c2:b1:
         39:12:1b:a3:12:a4:ec:dd:5c:14:1b:3b:97:5c:f2:87:41:04:
         11:09:aa:9b:7b:8d:9b:38:82:76:41:96:ff:62:88:7a:a2:80:
         6b:9a:2b:e1:7b:8b:bc:55:f8:63:6c:db:e4:4d:eb:b5:3c:70:
         9e:3c:c5:c8:7a:79:c4:31:7b:6d:0a:12:c5:21:cb:ea:2f:f3:
         36:02:fd:79:8c:93:15:57:7f:69:09:28:cf:bf:a6:5c:2f:41:
         31:8a:33:36:80:99:14:4d:24:03:9f:19:76:cf:74:0a:40:b2:
         88:9f:15:03:54:66:16:3d:67:3b:6c:1b:75:3c:f2:69:4c:70:
         e5:8f:a4:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ069/lG4AbA9fGNxk1kBZo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YzE5MjA2NzE2YzVjNzlkMzViZjE1OTI0ZGIzMzIzYTRl
YzE4YzgwHhcNMjYwMzI5MTkwMDIyWhcNMjYwMzMwMTkwMDIyWjAzMTEwLwYDVQQD
EygxOTIxN2E4NDNiMGI4NmFlMTFiNDJjYjRmZmI5MTcwZDk4MjNjNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOJAyIbnMFuUyH5qNRx1Fal2sKCe
39AbwbNLoYJIaAc0EP06hOTsRRY2tO5jWeDKuOa0oJOHTPXZf+k7xfgWh01JzoZl
Z7MGL9Tc7Opo7j79oiH83RQe26Vg6fJy+d8Ie3XK246PaItL2A1mK8Et+8ToFJXY
UiH42Q6yot+u+7PDGPLi7u9Wu16HbNCJuDXFK9T/vaFO1jBsdai9kPqJLJ+mdAhj
d1alJHICBDznFcTG4AX9XvMDTVuOEksDI/W1oQAtQ2Po2iTBhMxZ4H9gxEgCqdb1
xU4jsbqimJBrQ3oMG4XCs1f50BtupAeHTv9oLtog67g2Mz3dHFX1OoobrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBkheoQ7C4auEbQstP+5Fw2YI8U1MB8GA1UdIwQY
MBaAFJXBkgZxbFx501vxWSTbMyOk7BjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zZmVlZDktY2U1Zi00YTIyLTk5Yjkt
YTRhOWNjNDcxNTk5LzEvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zZmVlZDktY2U1Zi00YTIyLTk5YjktYTRhOWNjNDcxNTk5
LzEvbGNHU0JuRnNYSG5UV19GWkpOc3pJNlRzR01nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdHAPcZRL
mK/0dUViCkWAEoNpaiCsVnwOCT94FIjcCBRghkPg72bOJ7PoBxY3H3HImFSCsDdu
MyBidEEhiTge8T/CowbXb0pYA5j5tWbkzoMQnip+AHUx7Og3JHT2WPNL2bxyb6Ke
iXb5LFiMYYjvlxiXBF42Gscyea+Ez8KxORIboxKk7N1cFBs7l1zyh0EEEQmqm3uN
mziCdkGW/2KIeqKAa5or4XuLvFX4Y2zb5E3rtTxwnjzFyHp5xDF7bQoSxSHL6i/z
NgL9eYyTFVd/aQkoz7+mXC9BMYozNoCZFE0kA58Zds90CkCyiJ8VA1RmFj1nO2wb
dTzyaUxw5Y+kdQ==
-----END CERTIFICATE-----