Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
File:                     lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft (raw, json)
Hash identifier:          2Qu7YzV2SAevmEpNRy8fe8GTghusp/rgQhQtT6yGAFM=
Subject key identifier:   8E:3E:6C:43:10:CB:9C:A3:F8:9B:C5:D3:1A:8A:4D:66:80:9B:1D:FB
Authority key identifier: 95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24
Certificate issuer:       /CN=956e316c983804c2501ecc5abea53a2a83b57324
Certificate serial:       019D28F26888F2E2ED28BF92072755EFD8C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
Manifest number:          1857
Signing time:             Thu 26 Mar 2026 07:01:08 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:08 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:08 +0000
Files and hashes:         1: lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl (hash: v7M86KwoITnUfCWYWm4Iha/pIYIFaowSOI9Y2hbM3tM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:68:88:f2:e2:ed:28:bf:92:07:27:55:ef:d8:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=956e316c983804c2501ecc5abea53a2a83b57324
        Validity
            Not Before: Mar 26 07:01:08 2026 GMT
            Not After : Mar 27 07:01:08 2026 GMT
        Subject: CN=8e3e6c4310cb9ca3f89bc5d31a8a4d66809b1dfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:9c:f9:c3:0d:95:5f:98:16:12:0c:37:54:d6:
                    7f:3b:49:c4:7a:a7:ad:a9:f9:24:7f:8e:c5:c2:9d:
                    b6:bd:83:f2:1a:5d:f2:61:c4:14:8f:6d:9c:99:35:
                    ff:c3:05:fd:66:6b:55:c6:0f:aa:7f:73:71:ed:3c:
                    3f:d8:40:4f:49:bf:37:77:f7:22:87:5a:9b:b7:e2:
                    6b:f7:fe:61:08:2f:94:ec:3e:21:68:d4:e3:2a:d2:
                    5f:d0:25:81:3b:a1:01:bc:cc:39:54:20:1e:2d:62:
                    be:9e:c1:21:dd:f7:b1:1a:19:19:3f:86:d8:06:a6:
                    4e:6d:10:be:b1:20:38:47:7d:91:03:d6:38:9b:4c:
                    cf:ed:b7:33:e9:0c:ae:85:c8:3f:17:8a:f5:ed:34:
                    bd:92:2b:6f:0d:4f:21:92:53:95:75:4d:a6:22:d2:
                    f9:41:ba:ec:29:5a:9a:d5:53:15:84:77:5d:15:b0:
                    f6:94:7e:36:d4:32:c8:f8:7b:06:e1:c3:b2:b7:59:
                    88:76:e3:56:9f:9b:8d:b6:ba:28:99:67:8f:cd:80:
                    30:da:f2:ae:3f:5a:4e:76:6c:53:80:ef:7f:35:fc:
                    b1:49:f3:ca:09:9e:f0:10:30:27:97:b6:50:f0:f4:
                    49:78:5c:59:7b:95:da:99:9d:35:fb:87:d1:90:9d:
                    39:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:3E:6C:43:10:CB:9C:A3:F8:9B:C5:D3:1A:8A:4D:66:80:9B:1D:FB
            X509v3 Authority Key Identifier:
                keyid:95:6E:31:6C:98:38:04:C2:50:1E:CC:5A:BE:A5:3A:2A:83:B5:73:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lW4xbJg4BMJQHsxavqU6KoO1cyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/02240f-e080-4be9-93c4-396fcda6490c/1/lW4xbJg4BMJQHsxavqU6KoO1cyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:74:1f:53:db:54:65:64:73:4c:25:ab:9d:d6:9c:79:93:0b:
         d0:c7:0a:f3:54:1d:7d:3c:26:73:8a:ac:f8:e3:03:60:42:16:
         1b:46:f8:a2:d4:48:6f:11:8b:dd:9a:fd:5f:b6:90:52:38:df:
         5d:4d:5c:7c:4b:88:59:57:00:9f:0f:dd:08:41:d9:7f:b6:c5:
         37:f5:ea:6a:72:58:01:96:ac:cd:0b:f8:bc:9e:5b:90:c3:2b:
         3f:b1:99:a8:9b:d9:db:03:83:85:34:f0:d7:77:ed:72:17:a8:
         0a:c6:9e:ce:0f:2a:e2:e5:54:bb:48:d4:4d:0d:69:f7:a2:52:
         5b:ae:f8:6c:ab:40:c9:56:b9:f9:88:6a:50:e7:b8:0f:70:64:
         0e:13:3e:42:85:fe:c7:8c:e6:2f:f5:7f:01:03:4f:ba:5f:70:
         86:06:7b:d3:36:67:aa:f7:cc:7b:6b:6f:f4:6f:8c:17:9d:e9:
         44:79:66:8c:0b:c5:7b:8e:32:22:6b:bc:04:33:fc:e1:aa:63:
         11:44:b4:51:79:95:ab:69:36:2f:fb:e1:cc:80:8c:0e:26:d5:
         04:c9:ab:54:ae:55:7f:32:4b:7e:1f:cd:48:72:7d:b4:24:91:
         3a:7f:70:6c:98:8a:9a:65:28:75:f3:fd:b9:a9:20:fe:95:d5:
         c5:fa:ef:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8miI8uLtKL+SBydV79jHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NmUzMTZjOTgzODA0YzI1MDFlY2M1YWJlYTUzYTJhODNi
NTczMjQwHhcNMjYwMzI2MDcwMTA4WhcNMjYwMzI3MDcwMTA4WjAzMTEwLwYDVQQD
Eyg4ZTNlNmM0MzEwY2I5Y2EzZjg5YmM1ZDMxYThhNGQ2NjgwOWIxZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpz5ww2VX5gWEgw3VNZ/O0nEeqet
qfkkf47Fwp22vYPyGl3yYcQUj22cmTX/wwX9ZmtVxg+qf3Nx7Tw/2EBPSb83d/ci
h1qbt+Jr9/5hCC+U7D4haNTjKtJf0CWBO6EBvMw5VCAeLWK+nsEh3fexGhkZP4bY
BqZObRC+sSA4R32RA9Y4m0zP7bcz6Qyuhcg/F4r17TS9kitvDU8hklOVdU2mItL5
QbrsKVqa1VMVhHddFbD2lH421DLI+HsG4cOyt1mIduNWn5uNtroomWePzYAw2vKu
P1pOdmxTgO9/NfyxSfPKCZ7wEDAnl7ZQ8PRJeFxZe5XamZ01+4fRkJ05cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4+bEMQy5yj+JvF0xqKTWaAmx37MB8GA1UdIwQY
MBaAFJVuMWyYOATCUB7MWr6lOiqDtXMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQt
Mzk2ZmNkYTY0OTBjLzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8wMjI0MGYtZTA4MC00YmU5LTkzYzQtMzk2ZmNkYTY0OTBj
LzEvbFc0eGJKZzRCTUpRSHN4YXZxVTZLb08xY3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqHQfU9tU
ZWRzTCWrndaceZML0McK81QdfTwmc4qs+OMDYEIWG0b4otRIbxGL3Zr9X7aQUjjf
XU1cfEuIWVcAnw/dCEHZf7bFN/XqanJYAZaszQv4vJ5bkMMrP7GZqJvZ2wODhTTw
13ftcheoCsaezg8q4uVUu0jUTQ1p96JSW674bKtAyVa5+YhqUOe4D3BkDhM+QoX+
x4zmL/V/AQNPul9whgZ70zZnqvfMe2tv9G+MF53pRHlmjAvFe44yImu8BDP84apj
EUS0UXmVq2k2L/vhzICMDibVBMmrVK5VfzJLfh/NSHJ9tCSROn9wbJiKmmUodfP9
uakg/pXVxfrvFQ==
-----END CERTIFICATE-----