Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          to3zeWqXTfkBH87qX8pvqO8EMZCS+WAnSSpQsg66qC4=
Subject key identifier:   20:31:BF:8C:FE:63:20:5D:D8:62:D7:C4:53:0B:18:97:27:8F:63:5E
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       019D28F2FEA87FFEE0ED6C2EA3538ABB4E45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 07:01:46 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:46 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:46 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: Q+mv/N0DM42UhGFLrFf6rdhLdpfmqDmNMhLboyMlCMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:fe:a8:7f:fe:e0:ed:6c:2e:a3:53:8a:bb:4e:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: Mar 26 07:01:46 2026 GMT
            Not After : Mar 27 07:01:46 2026 GMT
        Subject: CN=2031bf8cfe63205dd862d7c4530b1897278f635e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:77:f4:f3:2a:f8:42:cc:a9:15:2a:a0:ca:b2:
                    0f:76:3e:47:26:a4:7f:e7:4b:ff:46:ef:c4:69:d2:
                    c7:ab:02:75:78:8f:95:28:75:5f:7b:25:bc:19:68:
                    5a:5d:ea:43:5a:91:11:7d:31:b2:b7:87:cc:50:5c:
                    a5:5d:58:98:b7:86:f1:3a:15:6d:48:32:63:3e:76:
                    a2:70:e8:5b:36:9d:28:0b:81:34:b1:3a:a4:fd:f5:
                    26:7f:30:3c:21:cc:d2:e8:76:aa:d6:3c:a2:ac:21:
                    2c:22:b2:b9:cc:fd:b1:f9:e6:4e:df:18:41:f2:91:
                    0a:fc:51:bd:e1:50:fb:81:6f:93:8a:19:9b:03:f5:
                    6d:81:24:49:f8:d8:bd:58:fa:61:ba:5b:3e:e9:6c:
                    7c:9d:81:10:d8:48:85:df:fc:6a:dc:1d:1e:16:d8:
                    f6:52:ad:c8:50:14:d7:df:8e:31:09:87:76:0f:88:
                    5a:8c:63:90:c9:3d:dd:f0:03:cc:9e:85:e4:31:dd:
                    b1:18:b2:31:0d:00:2d:7c:6b:52:8a:5b:af:36:fb:
                    71:61:c2:6e:48:83:f8:04:f0:e1:6c:f6:7d:c8:77:
                    16:a6:39:4f:4d:5e:30:97:95:0d:a4:c4:48:b0:96:
                    1b:67:73:84:9b:ba:72:1a:f5:f7:f8:b1:99:07:fe:
                    58:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:31:BF:8C:FE:63:20:5D:D8:62:D7:C4:53:0B:18:97:27:8F:63:5E
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:04:e4:b4:9a:a2:95:5c:05:6e:10:1c:81:c6:77:ec:c2:3d:
         cf:9c:75:c0:db:27:3b:14:30:70:3f:77:d4:a4:fc:47:37:41:
         bb:f6:c5:9a:d6:f8:6e:f7:bb:5d:ca:03:0a:fe:ea:c0:72:43:
         db:aa:1c:e7:96:0c:9a:14:ec:7c:62:e5:27:09:6e:6e:d3:24:
         63:80:57:bb:aa:9c:c1:fc:e1:66:d1:7c:56:d6:57:d1:2e:ab:
         10:54:a7:54:3c:bf:5c:d6:0a:cf:ef:92:b5:50:66:b8:b1:26:
         ab:a1:ed:47:ae:97:7d:e2:34:cc:21:e7:09:5e:13:e6:4e:59:
         48:74:b4:6b:26:2c:0e:6c:07:86:ea:09:7c:09:bf:c5:54:f6:
         1e:f4:3f:d2:a2:06:47:b0:11:4a:ac:a8:4d:21:ef:bf:1d:92:
         38:6d:e9:32:7d:aa:a5:e2:c2:5b:14:cf:d3:49:1e:3d:8d:90:
         24:60:31:e1:62:ce:6b:17:69:4e:61:7e:29:06:11:26:b4:e5:
         51:19:cf:97:29:2f:76:11:61:c4:21:0f:44:ac:ee:a6:aa:4a:
         92:2d:80:52:5b:86:67:d2:22:77:69:02:9d:1e:42:38:49:fc:
         3a:bf:97:57:f2:ea:25:92:f2:13:22:e9:54:57:29:27:22:7a:
         d0:32:da:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8v6of/7g7Wwuo1OKu05FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjYwMzI2MDcwMTQ2WhcNMjYwMzI3MDcwMTQ2WjAzMTEwLwYDVQQD
EygyMDMxYmY4Y2ZlNjMyMDVkZDg2MmQ3YzQ1MzBiMTg5NzI3OGY2MzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnf08yr4QsypFSqgyrIPdj5HJqR/
50v/Ru/EadLHqwJ1eI+VKHVfeyW8GWhaXepDWpERfTGyt4fMUFylXViYt4bxOhVt
SDJjPnaicOhbNp0oC4E0sTqk/fUmfzA8IczS6Haq1jyirCEsIrK5zP2x+eZO3xhB
8pEK/FG94VD7gW+TihmbA/VtgSRJ+Ni9WPphuls+6Wx8nYEQ2EiF3/xq3B0eFtj2
Uq3IUBTX344xCYd2D4hajGOQyT3d8APMnoXkMd2xGLIxDQAtfGtSiluvNvtxYcJu
SIP4BPDhbPZ9yHcWpjlPTV4wl5UNpMRIsJYbZ3OEm7pyGvX3+LGZB/5YlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAxv4z+YyBd2GLXxFMLGJcnj2NeMB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdwTktJqi
lVwFbhAcgcZ37MI9z5x1wNsnOxQwcD931KT8RzdBu/bFmtb4bve7XcoDCv7qwHJD
26oc55YMmhTsfGLlJwlubtMkY4BXu6qcwfzhZtF8VtZX0S6rEFSnVDy/XNYKz++S
tVBmuLEmq6HtR66XfeI0zCHnCV4T5k5ZSHS0ayYsDmwHhuoJfAm/xVT2HvQ/0qIG
R7ARSqyoTSHvvx2SOG3pMn2qpeLCWxTP00kePY2QJGAx4WLOaxdpTmF+KQYRJrTl
URnPlykvdhFhxCEPRKzupqpKki2AUluGZ9Iid2kCnR5COEn8Or+XV/LqJZLyEyLp
VFcpJyJ60DLaQQ==
-----END CERTIFICATE-----