Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
File:                     LKzIXJmo4dt9HFImfC3b08OeGLI.mft (raw, json)
Hash identifier:          j1hXVuCaPx83OU8DViGc/YOY3CHuX2Ia6PWZg+YKr1U=
Subject key identifier:   1B:52:55:9C:C4:9E:B9:D0:A5:C6:EB:E7:09:66:C7:9F:36:EB:1C:64
Authority key identifier: 2C:AC:C8:5C:99:A8:E1:DB:7D:1C:52:26:7C:2D:DB:D3:C3:9E:18:B2
Certificate issuer:       /CN=2cacc85c99a8e1db7d1c52267c2ddbd3c39e18b2
Certificate serial:       019D3865D1ACA32F25F84694599542F70E6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
Manifest number:          0FA6
Signing time:             Sun 29 Mar 2026 07:01:29 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:29 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:29 +0000
Files and hashes:         1: LKzIXJmo4dt9HFImfC3b08OeGLI.crl (hash: 3PV56e8yRffeTKjTwtfSdmpxsATVfX7j/4kwBQTLUmA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:d1:ac:a3:2f:25:f8:46:94:59:95:42:f7:0e:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cacc85c99a8e1db7d1c52267c2ddbd3c39e18b2
        Validity
            Not Before: Mar 29 07:01:29 2026 GMT
            Not After : Mar 30 07:01:29 2026 GMT
        Subject: CN=1b52559cc49eb9d0a5c6ebe70966c79f36eb1c64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d6:58:70:e8:70:ef:1a:70:71:9d:77:83:9b:
                    a4:23:e1:88:99:e8:e5:5d:b4:fd:af:fd:6f:aa:ea:
                    a5:ee:ba:5f:1a:f8:29:bd:61:c3:e3:80:32:59:4d:
                    66:f8:ae:01:ec:75:78:7e:7a:53:a3:cb:27:03:3d:
                    1e:c6:5e:5a:69:2a:15:4e:f9:12:7a:b0:a7:d9:b3:
                    08:c1:30:03:4e:7f:6f:46:56:ee:cd:16:48:95:83:
                    8f:c3:f4:a5:5d:bb:c9:9e:4f:01:36:43:a7:38:09:
                    56:45:03:d3:5d:c4:fe:fa:dc:b4:82:7a:ef:59:a5:
                    de:fd:22:8f:dd:28:71:08:d5:47:a0:0b:9e:94:95:
                    03:bb:85:ea:48:bf:81:7f:80:11:10:37:b6:fa:13:
                    f1:a0:4c:75:67:b2:e4:9f:98:54:55:e5:3a:ef:a8:
                    d9:96:1e:69:6e:3d:06:94:06:21:c1:1f:4b:c6:56:
                    26:a4:d3:70:87:66:a3:ed:61:b3:bf:2f:62:00:b8:
                    90:5a:3d:f1:0a:1d:bc:a9:95:09:47:2a:c9:cf:d9:
                    27:35:88:c9:85:d6:3b:35:c0:83:44:ac:28:5b:92:
                    80:8e:56:31:d3:a4:86:b8:26:fc:ce:5c:21:c6:61:
                    11:f0:f0:44:be:d1:4a:a5:23:3d:7c:94:2c:17:51:
                    c0:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:52:55:9C:C4:9E:B9:D0:A5:C6:EB:E7:09:66:C7:9F:36:EB:1C:64
            X509v3 Authority Key Identifier:
                keyid:2C:AC:C8:5C:99:A8:E1:DB:7D:1C:52:26:7C:2D:DB:D3:C3:9E:18:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKzIXJmo4dt9HFImfC3b08OeGLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0add7c-a28c-4ae8-8885-01ce06d315cd/1/LKzIXJmo4dt9HFImfC3b08OeGLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:e2:46:12:fa:b1:71:9e:5d:ef:f5:69:27:8e:79:47:61:27:
         1e:d3:64:2a:65:a7:71:30:d0:08:82:38:85:33:df:7a:0a:6d:
         20:d7:3d:6f:ab:ef:2c:45:c7:71:cf:3d:9d:01:a9:36:49:bd:
         2f:2b:95:b2:e5:4f:c6:a3:4e:eb:68:cc:4a:b5:3a:c4:b8:74:
         3b:ca:96:02:fe:5c:fd:75:e5:11:13:0f:c0:e7:dd:04:12:98:
         6f:1f:2c:b0:38:f7:41:b6:d5:16:28:c4:ee:85:a3:9c:89:44:
         df:bd:82:45:dc:ff:0b:40:96:0a:2a:99:ac:bf:8b:b6:65:97:
         7b:4c:ce:60:05:df:a9:53:6f:b4:64:70:57:56:1a:de:84:d9:
         0f:09:1c:f9:46:9e:e2:c7:05:15:48:2a:28:24:f9:63:01:3f:
         df:de:9f:8e:82:59:42:31:15:2f:78:76:de:b7:92:80:f4:e1:
         94:5c:0d:5a:f7:0f:ad:4b:c1:0f:ba:6c:7c:89:9b:df:5a:7d:
         0b:49:3e:df:01:0e:c2:80:cb:4a:8f:f7:80:77:5a:75:9b:cc:
         bd:f2:ae:d6:34:dc:a7:84:68:0b:90:0b:28:43:bd:36:bf:4c:
         e5:ef:3f:00:a8:f2:97:fe:5c:07:43:af:73:cc:72:f7:0b:09:
         ee:83:50:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZdGsoy8l+EaUWZVC9w5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWNjODVjOTlhOGUxZGI3ZDFjNTIyNjdjMmRkYmQzYzM5
ZTE4YjIwHhcNMjYwMzI5MDcwMTI5WhcNMjYwMzMwMDcwMTI5WjAzMTEwLwYDVQQD
EygxYjUyNTU5Y2M0OWViOWQwYTVjNmViZTcwOTY2Yzc5ZjM2ZWIxYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdZYcOhw7xpwcZ13g5ukI+GImejl
XbT9r/1vquql7rpfGvgpvWHD44AyWU1m+K4B7HV4fnpTo8snAz0exl5aaSoVTvkS
erCn2bMIwTADTn9vRlbuzRZIlYOPw/SlXbvJnk8BNkOnOAlWRQPTXcT++ty0gnrv
WaXe/SKP3ShxCNVHoAuelJUDu4XqSL+Bf4AREDe2+hPxoEx1Z7Lkn5hUVeU676jZ
lh5pbj0GlAYhwR9LxlYmpNNwh2aj7WGzvy9iALiQWj3xCh28qZUJRyrJz9knNYjJ
hdY7NcCDRKwoW5KAjlYx06SGuCb8zlwhxmER8PBEvtFKpSM9fJQsF1HADQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtSVZzEnrnQpcbr5wlmx5826xxkMB8GA1UdIwQY
MBaAFCysyFyZqOHbfRxSJnwt29PDnhiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wYWRkN2MtYTI4Yy00YWU4LTg4ODUt
MDFjZTA2ZDMxNWNkLzEvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wYWRkN2MtYTI4Yy00YWU4LTg4ODUtMDFjZTA2ZDMxNWNk
LzEvTEt6SVhKbW80ZHQ5SEZJbWZDM2IwOE9lR0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEeJGEvqx
cZ5d7/VpJ455R2EnHtNkKmWncTDQCII4hTPfegptINc9b6vvLEXHcc89nQGpNkm9
LyuVsuVPxqNO62jMSrU6xLh0O8qWAv5c/XXlERMPwOfdBBKYbx8ssDj3QbbVFijE
7oWjnIlE372CRdz/C0CWCiqZrL+LtmWXe0zOYAXfqVNvtGRwV1Ya3oTZDwkc+Uae
4scFFUgqKCT5YwE/396fjoJZQjEVL3h23reSgPThlFwNWvcPrUvBD7psfImb31p9
C0k+3wEOwoDLSo/3gHdadZvMvfKu1jTcp4RoC5ALKEO9Nr9M5e8/AKjyl/5cB0Ov
c8xy9wsJ7oNQ0g==
-----END CERTIFICATE-----