Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
File:                     la6L0zJJzx7V8NQ5gUfv0y0lQho.mft (raw, json)
Hash identifier:          Aw8mILNrL7zBEneVpV0k96aWekin0Pz2BcmCnL8b1ok=
Subject key identifier:   88:3C:00:98:04:F8:8C:30:AA:C8:00:AD:57:BB:C1:DD:A1:C7:27:BC
Authority key identifier: 95:AE:8B:D3:32:49:CF:1E:D5:F0:D4:39:81:47:EF:D3:2D:25:42:1A
Certificate issuer:       /CN=95ae8bd33249cf1ed5f0d4398147efd32d25421a
Certificate serial:       019D28F2DFCE3C643A685EBF38872968DA06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
Manifest number:          0FF6
Signing time:             Thu 26 Mar 2026 07:01:38 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:38 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:38 +0000
Files and hashes:         1: la6L0zJJzx7V8NQ5gUfv0y0lQho.crl (hash: XXl217lA00iLfVDr4cdyfxu1rZvGoW/VHZanKQuJ+yY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:df:ce:3c:64:3a:68:5e:bf:38:87:29:68:da:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95ae8bd33249cf1ed5f0d4398147efd32d25421a
        Validity
            Not Before: Mar 26 07:01:38 2026 GMT
            Not After : Mar 27 07:01:38 2026 GMT
        Subject: CN=883c009804f88c30aac800ad57bbc1dda1c727bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:33:bf:70:dc:e9:9c:3f:d0:8f:10:78:13:59:
                    01:a7:a4:24:df:a9:83:07:8a:68:50:72:64:d0:af:
                    8b:8c:9a:e2:86:c6:19:4b:8b:25:a6:84:a1:be:26:
                    5a:a2:13:1f:a4:b4:c3:f2:7f:1c:af:3b:0b:79:d7:
                    f5:03:59:a0:c9:61:cd:7c:bc:17:f3:45:ba:c4:b8:
                    8d:ba:7b:68:b3:42:26:f0:9e:59:06:ae:7f:9d:60:
                    47:3c:72:93:63:a6:44:95:cc:19:5c:a7:2a:f0:a1:
                    39:80:ae:51:6f:3e:74:14:85:4b:6a:5f:67:b4:77:
                    d2:eb:df:3a:32:59:c3:5c:57:00:19:e2:3d:1a:1e:
                    3d:58:b5:fe:21:fb:e0:f4:17:86:06:cf:a7:55:e1:
                    c4:fe:ff:55:12:77:8d:42:9d:7a:17:61:18:19:92:
                    5c:a0:16:ce:4b:4a:23:de:38:63:55:ff:5e:70:53:
                    87:82:ad:65:e3:b8:ca:89:66:f3:fc:77:e2:36:16:
                    ba:78:4e:ac:f7:c4:60:94:65:62:0e:4c:5a:f9:5b:
                    94:5a:b1:81:17:4a:da:a0:84:1a:e3:50:30:e5:ff:
                    17:67:10:9c:e8:10:bd:81:56:6b:a3:19:66:95:69:
                    96:16:3e:b3:ef:0c:08:3b:34:19:de:00:fa:a0:ff:
                    b3:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:3C:00:98:04:F8:8C:30:AA:C8:00:AD:57:BB:C1:DD:A1:C7:27:BC
            X509v3 Authority Key Identifier:
                keyid:95:AE:8B:D3:32:49:CF:1E:D5:F0:D4:39:81:47:EF:D3:2D:25:42:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/la6L0zJJzx7V8NQ5gUfv0y0lQho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/e27d9b-931a-488b-ac35-8ffbd6c73bf5/1/la6L0zJJzx7V8NQ5gUfv0y0lQho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:52:d6:c4:28:8f:95:47:4d:68:e4:68:c2:c5:71:fd:60:7d:
         7f:e7:d4:31:4c:5b:0b:13:6c:ba:98:c3:9b:8f:b5:84:4a:19:
         19:8f:7f:86:1e:7f:2a:54:41:a4:26:e5:61:62:64:20:7e:7c:
         e7:8c:0b:33:9e:5e:e6:7a:5a:bf:fe:5f:c7:3c:52:4b:3a:6c:
         41:e4:8e:cd:89:d0:6f:56:eb:e9:2e:fb:3d:eb:eb:88:63:69:
         d9:44:cd:e9:6f:cc:ce:f0:61:8f:cf:ae:8f:44:6e:fd:54:ec:
         ed:d4:04:96:c9:2b:0c:1d:32:45:3d:64:cc:40:91:21:b3:c9:
         25:21:3e:11:cf:2f:0a:24:d5:c5:a9:10:8d:c4:b2:90:83:c6:
         15:82:f1:66:35:fd:de:9e:19:3e:9e:cc:78:03:0d:86:21:25:
         8d:77:91:94:31:80:ee:59:5f:17:b9:af:03:a5:68:ee:67:93:
         83:3f:e2:fe:6b:0a:e4:a2:71:38:86:4c:0e:0f:cd:87:20:c4:
         a9:c0:5a:ee:0c:7a:1b:59:d2:2e:c4:75:cd:36:cd:fe:81:20:
         fd:c8:bf:5b:d5:b2:f3:d0:16:8c:6a:fa:2b:af:b5:4d:5a:fc:
         04:88:2d:af:60:24:e8:0c:a5:3d:ef:76:96:39:95:e6:a8:6c:
         47:2d:87:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8t/OPGQ6aF6/OIcpaNoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YWU4YmQzMzI0OWNmMWVkNWYwZDQzOTgxNDdlZmQzMmQy
NTQyMWEwHhcNMjYwMzI2MDcwMTM4WhcNMjYwMzI3MDcwMTM4WjAzMTEwLwYDVQQD
Eyg4ODNjMDA5ODA0Zjg4YzMwYWFjODAwYWQ1N2JiYzFkZGExYzcyN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9zO/cNzpnD/QjxB4E1kBp6Qk36mD
B4poUHJk0K+LjJrihsYZS4slpoShviZaohMfpLTD8n8crzsLedf1A1mgyWHNfLwX
80W6xLiNuntos0Im8J5ZBq5/nWBHPHKTY6ZElcwZXKcq8KE5gK5Rbz50FIVLal9n
tHfS6986MlnDXFcAGeI9Gh49WLX+Ifvg9BeGBs+nVeHE/v9VEneNQp16F2EYGZJc
oBbOS0oj3jhjVf9ecFOHgq1l47jKiWbz/HfiNha6eE6s98RglGViDkxa+VuUWrGB
F0raoIQa41Aw5f8XZxCc6BC9gVZroxlmlWmWFj6z7wwIOzQZ3gD6oP+zJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIg8AJgE+IwwqsgArVe7wd2hxye8MB8GA1UdIwQY
MBaAFJWui9MySc8e1fDUOYFH79MtJUIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9lMjdkOWItOTMxYS00ODhiLWFjMzUt
OGZmYmQ2YzczYmY1LzEvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9lMjdkOWItOTMxYS00ODhiLWFjMzUtOGZmYmQ2YzczYmY1
LzEvbGE2TDB6Skp6eDdWOE5RNWdVZnYweTBsUWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZVLWxCiP
lUdNaORowsVx/WB9f+fUMUxbCxNsupjDm4+1hEoZGY9/hh5/KlRBpCblYWJkIH58
54wLM55e5npav/5fxzxSSzpsQeSOzYnQb1br6S77PevriGNp2UTN6W/MzvBhj8+u
j0Ru/VTs7dQElskrDB0yRT1kzECRIbPJJSE+Ec8vCiTVxakQjcSykIPGFYLxZjX9
3p4ZPp7MeAMNhiEljXeRlDGA7llfF7mvA6Vo7meTgz/i/msK5KJxOIZMDg/NhyDE
qcBa7gx6G1nSLsR1zTbN/oEg/ci/W9Wy89AWjGr6K6+1TVr8BIgtr2Ak6AylPe92
ljmV5qhsRy2HkQ==
-----END CERTIFICATE-----