Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft
File:                     lmsFxmHHalvMSNqDju22lz8VO4Y.mft (raw, json)
Hash identifier:          Jh0xIFQwh/AfKvYdqwFyrP6maNXoYlhXrwg7R7+7qjc=
Subject key identifier:   AA:18:C9:19:53:56:1C:26:46:01:BF:8F:00:A5:1D:06:C3:B3:94:5F
Authority key identifier: 96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86
Certificate issuer:       /CN=966b05c661c76a5bcc48da838eedb6973f153b86
Certificate serial:       019D38662B4D58A4ECF9C229F2F9A77B3F64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft
Manifest number:          1895
Signing time:             Sun 29 Mar 2026 07:01:52 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:52 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:52 +0000
Files and hashes:         1: lmsFxmHHalvMSNqDju22lz8VO4Y.crl (hash: OTInf8mnbvdjEND4hr5rUJiWOOGH/P9MRU0gWiBuQw0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:2b:4d:58:a4:ec:f9:c2:29:f2:f9:a7:7b:3f:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=966b05c661c76a5bcc48da838eedb6973f153b86
        Validity
            Not Before: Mar 29 07:01:52 2026 GMT
            Not After : Mar 30 07:01:52 2026 GMT
        Subject: CN=aa18c91953561c264601bf8f00a51d06c3b3945f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f4:da:73:3d:04:84:98:9f:42:35:b8:b0:84:
                    98:3e:81:80:5b:e5:4b:5e:61:73:08:ca:b0:39:5e:
                    ff:32:e5:54:15:5e:e9:c1:09:e9:bb:e9:e7:47:eb:
                    f5:e0:2f:bf:7b:a0:40:5d:e7:b5:cc:34:ca:30:f4:
                    50:49:05:d3:4b:75:20:91:65:e0:60:1f:02:57:b9:
                    20:22:63:3f:58:a4:70:57:02:17:2e:bb:99:dc:22:
                    45:de:0c:39:86:62:01:f7:91:f0:21:8f:4b:01:1a:
                    b3:81:00:0a:1e:62:ba:71:a7:45:b1:de:a8:82:bc:
                    31:b4:5e:5e:ee:90:0d:93:c0:39:13:65:c2:ab:45:
                    0a:de:e1:4c:34:2f:b7:1e:28:fd:11:d6:0e:ee:e5:
                    b0:2f:1c:d0:62:d5:bf:2d:2a:94:da:c7:26:8a:52:
                    87:d0:64:b8:cb:0f:c0:69:94:2c:04:86:be:7b:db:
                    37:bd:cf:fc:09:10:64:39:a8:46:36:a5:c7:d5:2f:
                    64:dc:a3:29:fa:5e:cb:b3:41:82:44:a2:c9:2a:cd:
                    c8:ef:b5:2a:02:44:49:ce:73:5b:82:29:19:8d:f2:
                    15:46:a1:cf:a6:03:f0:83:6c:ff:d6:5d:35:ec:b2:
                    3f:20:e5:65:6e:e7:8c:cc:b7:b5:13:32:6e:52:ea:
                    d6:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:18:C9:19:53:56:1C:26:46:01:BF:8F:00:A5:1D:06:C3:B3:94:5F
            X509v3 Authority Key Identifier:
                keyid:96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:39:07:a7:58:2f:d1:78:e0:a5:84:22:38:48:07:da:f0:47:
         82:8c:ee:b8:4f:5a:5d:a4:83:2f:44:53:14:9e:00:eb:8a:3d:
         90:9c:55:4c:98:e6:9c:71:bd:6c:05:0f:e9:dc:49:6b:2a:f6:
         e5:6c:a4:07:f0:e1:80:c5:bb:fc:99:fa:63:d5:c4:4c:e2:0e:
         a3:7b:a1:7e:ba:31:2e:e2:3e:90:86:b4:78:14:4b:04:0d:4a:
         81:75:43:af:55:7e:9d:60:31:d2:d5:a1:40:6a:99:36:68:e6:
         07:30:cd:6f:4a:be:1e:ba:0c:dc:47:a5:4e:d8:36:88:2d:de:
         b9:b4:88:dc:bb:dd:be:f6:b0:a4:3c:05:0e:17:80:f9:53:ea:
         05:0a:1c:2a:cf:6e:ff:d7:19:6c:57:73:7b:40:9a:6b:1e:c7:
         2d:40:25:e7:5e:62:07:be:4d:ac:79:4c:78:e2:40:a7:e1:5c:
         d1:49:74:6c:a8:f4:0b:0d:9b:1b:a8:c3:0b:58:bb:26:db:9e:
         2c:6a:78:a4:08:de:b3:80:4a:11:8d:29:b3:4b:7e:18:06:f7:
         5d:1a:20:a0:f9:76:8e:57:00:82:4f:db:e1:7f:b2:dd:4c:b5:
         35:6b:02:ce:ec:5f:69:7b:6b:a8:8a:61:a4:14:3a:e4:a0:f1:
         15:31:a9:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZitNWKTs+cIp8vmnez9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NmIwNWM2NjFjNzZhNWJjYzQ4ZGE4MzhlZWRiNjk3M2Yx
NTNiODYwHhcNMjYwMzI5MDcwMTUyWhcNMjYwMzMwMDcwMTUyWjAzMTEwLwYDVQQD
EyhhYTE4YzkxOTUzNTYxYzI2NDYwMWJmOGYwMGE1MWQwNmMzYjM5NDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fTacz0EhJifQjW4sISYPoGAW+VL
XmFzCMqwOV7/MuVUFV7pwQnpu+nnR+v14C+/e6BAXee1zDTKMPRQSQXTS3UgkWXg
YB8CV7kgImM/WKRwVwIXLruZ3CJF3gw5hmIB95HwIY9LARqzgQAKHmK6cadFsd6o
grwxtF5e7pANk8A5E2XCq0UK3uFMNC+3Hij9EdYO7uWwLxzQYtW/LSqU2scmilKH
0GS4yw/AaZQsBIa+e9s3vc/8CRBkOahGNqXH1S9k3KMp+l7Ls0GCRKLJKs3I77Uq
AkRJznNbgikZjfIVRqHPpgPwg2z/1l017LI/IOVlbueMzLe1EzJuUurWfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoYyRlTVhwmRgG/jwClHQbDs5RfMB8GA1UdIwQY
MBaAFJZrBcZhx2pbzEjag47ttpc/FTuGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMt
ZTNjMmYzMmNmM2I3LzEvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMtZTNjMmYzMmNmM2I3
LzEvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgjkHp1gv
0XjgpYQiOEgH2vBHgozuuE9aXaSDL0RTFJ4A64o9kJxVTJjmnHG9bAUP6dxJayr2
5WykB/DhgMW7/Jn6Y9XETOIOo3uhfroxLuI+kIa0eBRLBA1KgXVDr1V+nWAx0tWh
QGqZNmjmBzDNb0q+HroM3EelTtg2iC3eubSI3LvdvvawpDwFDheA+VPqBQocKs9u
/9cZbFdze0Caax7HLUAl515iB75NrHlMeOJAp+Fc0Ul0bKj0Cw2bG6jDC1i7Jtue
LGp4pAjes4BKEY0ps0t+GAb3XRogoPl2jlcAgk/b4X+y3Uy1NWsCzuxfaXtrqIph
pBQ65KDxFTGpNw==
-----END CERTIFICATE-----