Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
File:                     dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft (raw, json)
Hash identifier:          OUFg/hD9EHCA/CqZyxm3W2MNTwIrnEOXayLW5v5v8Mo=
Subject key identifier:   92:FF:84:B3:BC:80:FA:3B:2C:3D:0F:4B:0D:AE:D0:FE:A8:B9:38:E6
Authority key identifier: 74:B3:12:68:F2:FF:7E:8C:EA:DF:1D:E9:5F:97:F0:B1:D2:B1:5F:96
Certificate issuer:       /CN=74b31268f2ff7e8ceadf1de95f97f0b1d2b15f96
Certificate serial:       019D25BAB0466350713FCFA1B3B048B7A2F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
Manifest number:          1357
Signing time:             Wed 25 Mar 2026 16:01:24 +0000
Manifest this update:     Wed 25 Mar 2026 16:01:24 +0000
Manifest next update:     Thu 26 Mar 2026 16:01:24 +0000
Files and hashes:         1: dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl (hash: s0SKmmpTCkfvYpKZpfUUF/ixXEfPiwLGUSIj9Eb6478=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:b0:46:63:50:71:3f:cf:a1:b3:b0:48:b7:a2:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b31268f2ff7e8ceadf1de95f97f0b1d2b15f96
        Validity
            Not Before: Mar 25 16:01:24 2026 GMT
            Not After : Mar 26 16:01:24 2026 GMT
        Subject: CN=92ff84b3bc80fa3b2c3d0f4b0daed0fea8b938e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:25:32:d2:0c:0f:12:ff:3c:42:6d:ae:04:f6:
                    3a:33:dd:09:97:26:be:57:9b:a8:38:46:86:b8:8b:
                    73:a4:75:7c:c0:a8:7a:fd:cb:79:37:e0:a6:70:c2:
                    39:88:1e:cb:b8:0c:00:ca:b5:9f:bc:cd:5f:e5:fa:
                    5a:de:bd:45:53:57:88:f1:45:f4:64:8f:8d:05:85:
                    92:08:af:46:73:60:a6:72:a8:07:6a:54:77:4c:6b:
                    84:09:bc:d0:47:23:6f:ed:8d:21:a5:37:8a:a0:65:
                    99:45:bd:50:83:fa:26:95:27:80:78:ca:34:31:7e:
                    7a:40:15:f8:84:35:a8:51:6e:2c:e5:d7:ab:0c:7b:
                    8f:5c:0f:c8:83:87:e8:7c:6a:70:cf:35:46:ae:40:
                    a6:cd:c0:9d:47:05:bb:83:7b:9d:50:bf:16:eb:f8:
                    ad:59:ca:58:a0:e8:9c:1d:76:35:10:d5:7c:97:0b:
                    98:01:79:a4:17:3a:97:e4:64:70:92:fb:2b:87:e7:
                    de:9d:09:0c:55:1e:08:57:5d:0f:16:4e:e0:1c:e7:
                    15:34:d3:8d:77:b0:49:64:de:f6:a9:cf:93:34:96:
                    11:81:2c:74:59:bb:af:fe:af:50:09:15:82:9e:82:
                    2c:6d:60:28:b6:6a:aa:e4:97:3d:4b:cc:21:e4:75:
                    0e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:FF:84:B3:BC:80:FA:3B:2C:3D:0F:4B:0D:AE:D0:FE:A8:B9:38:E6
            X509v3 Authority Key Identifier:
                keyid:74:B3:12:68:F2:FF:7E:8C:EA:DF:1D:E9:5F:97:F0:B1:D2:B1:5F:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLMSaPL_fozq3x3pX5fwsdKxX5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9d9112-f57e-49c7-a93b-d8549edf7cef/1/dLMSaPL_fozq3x3pX5fwsdKxX5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:3a:65:63:69:22:58:1e:a4:3b:69:99:1e:c0:36:e0:dc:32:
         69:7c:4b:3c:80:2c:e8:e8:28:84:43:d1:3c:99:f9:2a:9d:4b:
         ab:00:a7:b1:58:aa:5a:b1:74:b4:83:89:a6:09:28:1e:ed:21:
         c1:94:66:10:c7:99:58:09:b1:3d:0c:2c:2e:91:c1:8d:26:fa:
         71:b9:d9:0f:a6:68:3a:e5:4a:01:be:4b:21:e1:1a:38:ee:4c:
         92:6a:73:d1:1b:a5:3a:55:55:89:00:b7:dd:b3:94:74:db:0a:
         d3:3a:60:e2:70:7e:08:27:33:e3:d7:2c:a3:78:69:07:c9:59:
         5b:ef:8e:79:9b:2b:54:e7:1b:a4:b8:82:c5:ee:e3:24:36:e5:
         bd:d1:d2:1c:fb:ab:4a:11:7b:d6:c1:11:dd:38:9c:3c:f6:53:
         2c:aa:8b:f8:22:31:12:76:22:c8:93:55:0c:3c:f9:52:97:29:
         31:2c:e4:21:f3:8c:82:e6:3d:8d:fb:65:18:d5:5c:28:48:c2:
         49:39:83:10:90:50:aa:4c:93:b3:74:df:bb:4a:11:8f:0a:ee:
         e0:1f:0c:c2:21:53:cc:22:19:f5:a7:19:53:99:b5:b5:25:7f:
         3e:2e:48:65:72:eb:6d:13:5c:34:fa:b0:34:4e:7e:37:bf:e6:
         b5:0f:ee:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lurBGY1BxP8+hs7BIt6LzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjMxMjY4ZjJmZjdlOGNlYWRmMWRlOTVmOTdmMGIxZDJi
MTVmOTYwHhcNMjYwMzI1MTYwMTI0WhcNMjYwMzI2MTYwMTI0WjAzMTEwLwYDVQQD
Eyg5MmZmODRiM2JjODBmYTNiMmMzZDBmNGIwZGFlZDBmZWE4YjkzOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSUy0gwPEv88Qm2uBPY6M90Jlya+
V5uoOEaGuItzpHV8wKh6/ct5N+CmcMI5iB7LuAwAyrWfvM1f5fpa3r1FU1eI8UX0
ZI+NBYWSCK9Gc2CmcqgHalR3TGuECbzQRyNv7Y0hpTeKoGWZRb1Qg/omlSeAeMo0
MX56QBX4hDWoUW4s5derDHuPXA/Ig4fofGpwzzVGrkCmzcCdRwW7g3udUL8W6/it
WcpYoOicHXY1ENV8lwuYAXmkFzqX5GRwkvsrh+fenQkMVR4IV10PFk7gHOcVNNON
d7BJZN72qc+TNJYRgSx0Wbuv/q9QCRWCnoIsbWAotmqq5Jc9S8wh5HUOJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJL/hLO8gPo7LD0PSw2u0P6ouTjmMB8GA1UdIwQY
MBaAFHSzEmjy/36M6t8d6V+X8LHSsV+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85ZDkxMTItZjU3ZS00OWM3LWE5M2It
ZDg1NDllZGY3Y2VmLzEvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85ZDkxMTItZjU3ZS00OWM3LWE5M2ItZDg1NDllZGY3Y2Vm
LzEvZExNU2FQTF9mb3pxM3gzcFg1ZndzZEt4WDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmzplY2ki
WB6kO2mZHsA24NwyaXxLPIAs6OgohEPRPJn5Kp1LqwCnsViqWrF0tIOJpgkoHu0h
wZRmEMeZWAmxPQwsLpHBjSb6cbnZD6ZoOuVKAb5LIeEaOO5Mkmpz0RulOlVViQC3
3bOUdNsK0zpg4nB+CCcz49cso3hpB8lZW++OeZsrVOcbpLiCxe7jJDblvdHSHPur
ShF71sER3TicPPZTLKqL+CIxEnYiyJNVDDz5UpcpMSzkIfOMguY9jftlGNVcKEjC
STmDEJBQqkyTs3Tfu0oRjwru4B8MwiFTzCIZ9acZU5m1tSV/Pi5IZXLrbRNcNPqw
NE5+N7/mtQ/ugA==
-----END CERTIFICATE-----