Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          3QXukPNIbplRefs47v82sUWroJJJoWToN1RbTkvlZp4=
Subject key identifier:   B2:50:1A:A0:92:EE:C3:D1:22:61:B4:77:EB:81:93:87:95:61:D6:51
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       019D34BEFCFC7A5C64A5E62AFA1C5E1512F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          181C
Signing time:             Sat 28 Mar 2026 14:00:24 +0000
Manifest this update:     Sat 28 Mar 2026 14:00:24 +0000
Manifest next update:     Sun 29 Mar 2026 14:00:24 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: oQYHp5U0bWvwl5bDpC5q+9Z2QNoJL3k9v58zRMG9s74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:34:be:fc:fc:7a:5c:64:a5:e6:2a:fa:1c:5e:15:12:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: Mar 28 14:00:24 2026 GMT
            Not After : Mar 29 14:00:24 2026 GMT
        Subject: CN=b2501aa092eec3d12261b477eb8193879561d651
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:95:e1:aa:83:f6:01:d0:2f:5a:c5:29:6c:39:
                    aa:4e:d3:e2:91:3a:6d:3c:31:24:84:ff:b0:b6:a3:
                    3f:33:b6:c9:60:8f:51:b6:d4:70:03:b4:04:ec:3f:
                    ff:ee:f3:1e:28:c5:17:61:a6:b7:61:6a:9a:4d:ea:
                    b9:38:e3:77:63:0b:65:bb:8b:70:ca:9f:e4:1c:08:
                    38:77:1d:83:04:0a:f4:74:01:38:22:ae:14:82:37:
                    3a:ee:27:78:7b:83:e5:0b:94:71:8d:d6:42:1c:2e:
                    a9:17:59:66:f0:52:ae:37:6a:73:ed:ff:a9:86:a6:
                    90:52:20:af:42:9a:89:8d:02:a3:e4:32:7b:47:b0:
                    1b:a0:e3:8e:56:66:99:7b:13:02:6f:9f:39:b2:3b:
                    92:21:21:43:88:45:ad:f5:c4:88:aa:0f:b8:aa:3d:
                    a1:41:6f:0f:34:d6:f0:82:bd:06:80:43:23:c4:bd:
                    44:2c:d7:c8:d2:4a:d9:f0:5a:2c:9f:cc:d6:28:ff:
                    47:ab:ca:3d:f9:d0:d5:27:c9:97:96:0c:27:d1:9f:
                    d3:7f:13:c5:92:af:5b:e3:8e:4f:db:a3:84:a4:d7:
                    25:ad:c8:23:22:68:e5:67:66:99:f5:9a:70:ae:d6:
                    d7:90:15:c1:75:25:6e:45:39:20:f9:10:72:9e:6d:
                    86:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:50:1A:A0:92:EE:C3:D1:22:61:B4:77:EB:81:93:87:95:61:D6:51
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:21:02:1d:99:ab:fa:6b:f7:f8:1e:38:df:36:2a:98:05:23:
         39:91:94:1b:d8:30:9f:0c:4d:91:fa:df:c3:07:46:aa:3c:41:
         a4:74:8c:80:18:5a:a8:42:6e:07:e8:c0:35:a9:2c:2a:fe:6b:
         c9:ad:d7:b0:56:83:04:20:32:a0:9a:78:70:6b:89:bf:79:a1:
         55:cd:c5:b7:69:65:82:7d:53:65:8a:a4:c4:11:f2:47:ef:fe:
         df:5f:20:47:31:5c:e2:4e:ed:03:fc:a6:46:76:34:33:ff:5b:
         11:19:d8:f6:bc:dc:37:53:1f:fa:77:66:d8:37:be:2b:24:3d:
         5d:04:0f:c9:64:d3:28:cc:ea:83:74:6d:d7:07:a2:21:8b:6c:
         67:54:c5:17:8c:10:52:4f:96:49:a9:75:fe:7e:a2:38:2b:ce:
         7e:34:53:fb:ae:83:24:cc:a2:f0:6a:e1:49:53:a8:bd:d0:63:
         e0:d9:71:98:cd:7b:4e:bc:ae:db:b0:15:82:ed:ab:12:71:c8:
         e3:19:d4:e1:b9:d9:16:03:32:f3:14:b2:6c:74:43:08:90:da:
         11:c5:85:6c:f6:3f:50:e5:fb:4e:0f:e1:93:64:28:e9:99:e9:
         84:79:74:99:f4:e7:d8:84:84:89:c3:18:39:26:60:56:c8:02:
         a6:11:da:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ00vvz8elxkpeYq+hxeFRLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjYwMzI4MTQwMDI0WhcNMjYwMzI5MTQwMDI0WjAzMTEwLwYDVQQD
EyhiMjUwMWFhMDkyZWVjM2QxMjI2MWI0NzdlYjgxOTM4Nzk1NjFkNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpXhqoP2AdAvWsUpbDmqTtPikTpt
PDEkhP+wtqM/M7bJYI9RttRwA7QE7D//7vMeKMUXYaa3YWqaTeq5OON3Ywtlu4tw
yp/kHAg4dx2DBAr0dAE4Iq4Ugjc67id4e4PlC5RxjdZCHC6pF1lm8FKuN2pz7f+p
hqaQUiCvQpqJjQKj5DJ7R7AboOOOVmaZexMCb585sjuSISFDiEWt9cSIqg+4qj2h
QW8PNNbwgr0GgEMjxL1ELNfI0krZ8Fosn8zWKP9Hq8o9+dDVJ8mXlgwn0Z/TfxPF
kq9b445P26OEpNclrcgjImjlZ2aZ9ZpwrtbXkBXBdSVuRTkg+RBynm2GxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJQGqCS7sPRImG0d+uBk4eVYdZRMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVCECHZmr
+mv3+B443zYqmAUjOZGUG9gwnwxNkfrfwwdGqjxBpHSMgBhaqEJuB+jANaksKv5r
ya3XsFaDBCAyoJp4cGuJv3mhVc3Ft2llgn1TZYqkxBHyR+/+318gRzFc4k7tA/ym
RnY0M/9bERnY9rzcN1Mf+ndm2De+KyQ9XQQPyWTTKMzqg3Rt1weiIYtsZ1TFF4wQ
Uk+WSal1/n6iOCvOfjRT+66DJMyi8GrhSVOovdBj4NlxmM17Tryu27AVgu2rEnHI
4xnU4bnZFgMy8xSybHRDCJDaEcWFbPY/UOX7Tg/hk2Qo6ZnphHl0mfTn2ISEicMY
OSZgVsgCphHaxw==
-----END CERTIFICATE-----