Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
File:                     LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft (raw, json)
Hash identifier:          3yhCJBRcxjU5VexYr1p83dsYnrGKmD4tk7b8K6Jtkqk=
Subject key identifier:   17:25:DA:03:0E:D5:31:F7:14:5B:73:A7:A5:1A:EC:54:00:D2:3A:14
Authority key identifier: 2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9
Certificate issuer:       /CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
Certificate serial:       019D3865526BE35BF3516388E222EB1153A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
Manifest number:          0D08
Signing time:             Sun 29 Mar 2026 07:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 07:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 07:00:57 +0000
Files and hashes:         1: LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl (hash: TuMYdXuXNjYYRhDyobOWEnQH6XswoLfT6ZlxpslW3aM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:52:6b:e3:5b:f3:51:63:88:e2:22:eb:11:53:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
        Validity
            Not Before: Mar 29 07:00:57 2026 GMT
            Not After : Mar 30 07:00:57 2026 GMT
        Subject: CN=1725da030ed531f7145b73a7a51aec5400d23a14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a3:6d:bd:6b:f3:64:0a:d3:98:5c:3a:ee:25:
                    de:4b:b9:5f:7f:62:28:c2:a8:1f:0f:89:4d:2d:ac:
                    f9:fa:59:1c:84:05:f3:79:66:ec:82:1c:af:32:4e:
                    3d:21:d2:7b:b6:63:10:7b:22:b4:cb:af:00:04:04:
                    7a:0e:f0:b8:92:de:79:36:59:54:e4:96:9f:0d:41:
                    14:bd:51:fa:6a:c6:11:f8:6f:e5:2c:cb:6f:b2:a8:
                    29:36:ae:a4:a0:98:15:df:b0:49:8e:e4:17:48:e3:
                    12:7c:6b:72:bf:19:1f:df:66:a0:fd:5b:40:08:a4:
                    ff:78:ff:49:91:be:a9:03:c7:5b:2a:2c:25:46:72:
                    15:5c:7a:8e:82:22:51:c2:2b:63:c4:c2:22:ad:2f:
                    7a:5d:89:5f:df:dc:dd:b5:8d:e4:76:20:39:88:23:
                    25:c1:82:7d:c0:8c:7e:22:28:7f:53:3b:77:37:00:
                    d3:05:81:b3:22:9f:bc:c2:8a:f6:db:68:54:20:e0:
                    5c:a4:78:92:7b:1f:8d:53:e8:81:94:57:0f:2c:60:
                    1d:0f:3f:51:7c:5f:d1:3c:97:0d:14:1d:3d:e6:3f:
                    ef:05:5f:ab:f6:f6:e7:4e:55:15:75:0c:b4:f8:fb:
                    47:b8:ea:22:df:e9:b5:a3:da:c3:7b:2d:a3:f3:ed:
                    b7:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:25:DA:03:0E:D5:31:F7:14:5B:73:A7:A5:1A:EC:54:00:D2:3A:14
            X509v3 Authority Key Identifier:
                keyid:2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:85:2c:e4:ee:9b:51:f1:6c:09:2e:13:2e:42:b8:d9:b6:c0:
         a3:99:81:da:e6:38:82:af:c8:a9:c1:85:1c:8e:ce:cb:0f:6b:
         e7:cb:f3:e1:50:6b:ba:21:3e:19:e1:bc:3c:ae:47:49:4d:4a:
         f8:fb:8b:01:27:2c:3e:cd:7b:98:e8:f9:bc:6f:53:5d:1f:40:
         63:51:59:65:38:c4:fd:f5:57:ca:06:07:88:ab:35:d6:30:ae:
         1a:5b:b5:82:f0:33:4b:2b:4d:98:f4:cc:3d:1f:f5:2e:98:4f:
         2b:68:30:04:85:14:4d:d5:2a:35:b0:76:61:79:47:2c:73:a6:
         bb:c7:f5:77:a8:9e:2e:e0:30:66:2d:ac:e5:08:ac:1e:1e:b7:
         c3:0b:92:65:d6:57:52:fd:b8:16:b1:79:68:04:8c:89:50:14:
         ba:0c:9c:8a:58:49:4b:85:ab:24:0c:14:ae:77:e3:19:e2:3a:
         94:b9:0c:7e:d9:61:e4:0e:ef:48:25:ba:c2:8e:93:89:d4:3c:
         5e:7b:99:b8:af:cd:e7:0a:c5:9a:ec:96:48:7f:0e:b4:57:b2:
         91:28:d9:f6:eb:90:bc:29:f0:bf:58:79:44:8a:a4:91:c6:b7:
         e8:40:64:29:75:66:6c:6c:31:1b:fe:a0:52:da:45:c9:c0:75:
         9c:90:62:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZVJr41vzUWOI4iLrEVOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzE2MzEyYWQyYjIxYWE5YTA0ODExZjYyYWQwMzZiZjY4
ODg1ZDkwHhcNMjYwMzI5MDcwMDU3WhcNMjYwMzMwMDcwMDU3WjAzMTEwLwYDVQQD
EygxNzI1ZGEwMzBlZDUzMWY3MTQ1YjczYTdhNTFhZWM1NDAwZDIzYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKNtvWvzZArTmFw67iXeS7lff2Io
wqgfD4lNLaz5+lkchAXzeWbsghyvMk49IdJ7tmMQeyK0y68ABAR6DvC4kt55NllU
5JafDUEUvVH6asYR+G/lLMtvsqgpNq6koJgV37BJjuQXSOMSfGtyvxkf32ag/VtA
CKT/eP9Jkb6pA8dbKiwlRnIVXHqOgiJRwitjxMIirS96XYlf39zdtY3kdiA5iCMl
wYJ9wIx+Iih/Uzt3NwDTBYGzIp+8wor222hUIOBcpHiSex+NU+iBlFcPLGAdDz9R
fF/RPJcNFB095j/vBV+r9vbnTlUVdQy0+PtHuOoi3+m1o9rDey2j8+23fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcl2gMO1TH3FFtzp6Ua7FQA0joUMB8GA1UdIwQY
MBaAFC4xYxKtKyGqmgSBH2KtA2v2iIXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQt
M2I0NzY2NmQxMzY1LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQtM2I0NzY2NmQxMzY1
LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARoUs5O6b
UfFsCS4TLkK42bbAo5mB2uY4gq/IqcGFHI7Oyw9r58vz4VBruiE+GeG8PK5HSU1K
+PuLAScsPs17mOj5vG9TXR9AY1FZZTjE/fVXygYHiKs11jCuGlu1gvAzSytNmPTM
PR/1LphPK2gwBIUUTdUqNbB2YXlHLHOmu8f1d6ieLuAwZi2s5QisHh63wwuSZdZX
Uv24FrF5aASMiVAUugycilhJS4WrJAwUrnfjGeI6lLkMftlh5A7vSCW6wo6TidQ8
XnuZuK/N5wrFmuyWSH8OtFeykSjZ9uuQvCnwv1h5RIqkkca36EBkKXVmbGwxG/6g
UtpFycB1nJBi0g==
-----END CERTIFICATE-----