Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          hsu9fXe27RJFqJ6RQGyLdcgKveV8eTJcCIw9x45fQU4=
Subject key identifier:   0D:9B:32:6E:45:5C:2C:21:61:D9:8E:1E:BF:84:21:D7:16:36:A1:D9
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       019D38D2FB313E07A3BC65AEF56CBF961BE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          0493
Signing time:             Sun 29 Mar 2026 09:00:44 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:44 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:44 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: H9FiPrqWpouAzQ61SEvKyIsmI25qLV3vBq9oPsq1Zz4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:fb:31:3e:07:a3:bc:65:ae:f5:6c:bf:96:1b:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Mar 29 09:00:44 2026 GMT
            Not After : Mar 30 09:00:44 2026 GMT
        Subject: CN=0d9b326e455c2c2161d98e1ebf8421d71636a1d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:26:dd:c6:35:21:65:96:10:5c:9e:8f:2e:f6:
                    a6:2f:5d:80:19:27:51:f0:27:b8:47:d5:b1:a9:e9:
                    42:a6:9e:7d:67:62:12:64:66:be:a8:66:e5:e7:e0:
                    a6:17:a9:04:21:51:52:52:43:56:ae:99:c4:8e:69:
                    75:a7:fa:ae:46:e1:ae:7d:6f:81:45:d5:62:f6:0e:
                    dd:66:14:98:b5:38:4b:87:a1:8c:3c:92:7d:df:02:
                    7c:d7:fc:ee:70:ef:73:f1:85:0a:1e:e2:95:4e:41:
                    1a:10:1e:d4:04:08:42:97:31:9b:18:05:c8:23:43:
                    47:c7:d9:d1:7e:4b:25:dc:43:cb:f5:ac:70:57:56:
                    0a:2f:94:c4:a9:ad:2a:01:9a:fb:c0:6f:a0:c8:21:
                    9c:06:c8:a8:33:d8:cf:7c:19:a9:05:dd:6f:98:ba:
                    d3:85:36:90:08:24:13:4e:20:ca:c7:6b:74:83:04:
                    23:fe:72:69:ca:75:5e:af:ef:a8:a0:2b:21:ee:9c:
                    05:3f:8f:ce:a9:fe:f8:7d:7b:ef:5a:0f:7b:53:b7:
                    08:42:36:96:0a:26:b7:95:b1:f2:e5:0d:49:5a:0e:
                    18:d7:df:47:f9:37:3f:50:ec:bf:1d:da:f8:e4:f7:
                    02:f8:64:4b:57:b6:1d:75:94:f1:d9:b8:1a:aa:0b:
                    07:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:9B:32:6E:45:5C:2C:21:61:D9:8E:1E:BF:84:21:D7:16:36:A1:D9
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:c2:c4:ae:f4:4a:88:25:c2:df:90:2e:9b:91:81:05:9a:72:
         a2:11:87:5e:29:3a:bf:9a:48:0d:a9:2c:e5:de:cc:80:25:83:
         80:6d:46:a5:df:d4:eb:86:04:5b:86:ee:7a:9a:17:4b:f2:09:
         03:ea:51:9f:05:a0:31:f0:b9:bf:20:38:f8:70:73:01:01:99:
         dd:16:18:fd:11:d6:95:67:b9:a8:47:f3:2b:8a:1a:3e:f3:d3:
         38:4e:1a:65:0a:ea:56:52:72:57:e9:4f:31:0e:13:be:5b:ef:
         5d:01:6a:e6:78:fc:29:b3:86:58:8f:a0:bb:8f:a3:b3:f2:6f:
         f2:77:ed:7c:9b:be:bd:57:9e:2a:64:f1:66:a8:8f:18:c6:be:
         37:10:b2:b4:40:5f:4c:f2:98:c6:b0:23:f7:a5:9f:36:5e:b5:
         9d:72:93:86:26:ea:55:0d:ca:91:b3:88:4a:0f:e5:bf:2d:a4:
         85:0c:93:3f:b8:aa:c5:20:5b:dc:65:95:f6:9c:a4:74:c1:2e:
         33:07:37:f5:50:8b:47:45:31:42:83:46:50:78:cf:b9:ec:b4:
         36:48:8d:9c:f8:ab:50:82:ec:c2:88:49:7d:dc:2c:d8:5b:72:
         23:0e:a0:21:63:05:88:96:de:2e:3a:5d:45:41:ac:10:93:69:
         b6:47:66:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040vsxPgejvGWu9Wy/lhvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjYwMzI5MDkwMDQ0WhcNMjYwMzMwMDkwMDQ0WjAzMTEwLwYDVQQD
EygwZDliMzI2ZTQ1NWMyYzIxNjFkOThlMWViZjg0MjFkNzE2MzZhMWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlibdxjUhZZYQXJ6PLvamL12AGSdR
8Ce4R9WxqelCpp59Z2ISZGa+qGbl5+CmF6kEIVFSUkNWrpnEjml1p/quRuGufW+B
RdVi9g7dZhSYtThLh6GMPJJ93wJ81/zucO9z8YUKHuKVTkEaEB7UBAhClzGbGAXI
I0NHx9nRfksl3EPL9axwV1YKL5TEqa0qAZr7wG+gyCGcBsioM9jPfBmpBd1vmLrT
hTaQCCQTTiDKx2t0gwQj/nJpynVer++ooCsh7pwFP4/Oqf74fXvvWg97U7cIQjaW
Cia3lbHy5Q1JWg4Y199H+Tc/UOy/Hdr45PcC+GRLV7YddZTx2bgaqgsH5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2bMm5FXCwhYdmOHr+EIdcWNqHZMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALcLErvRK
iCXC35Aum5GBBZpyohGHXik6v5pIDaks5d7MgCWDgG1Gpd/U64YEW4buepoXS/IJ
A+pRnwWgMfC5vyA4+HBzAQGZ3RYY/RHWlWe5qEfzK4oaPvPTOE4aZQrqVlJyV+lP
MQ4TvlvvXQFq5nj8KbOGWI+gu4+js/Jv8nftfJu+vVeeKmTxZqiPGMa+NxCytEBf
TPKYxrAj96WfNl61nXKThibqVQ3KkbOISg/lvy2khQyTP7iqxSBb3GWV9pykdMEu
Mwc39VCLR0UxQoNGUHjPuey0NkiNnPirUILswohJfdws2FtyIw6gIWMFiJbeLjpd
RUGsEJNptkdmUQ==
-----END CERTIFICATE-----