Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
File:                     L1OI95ZqevrAc2x57WA7K3iGVsQ.mft (raw, json)
Hash identifier:          Sed8bxftvZUyMgwafTX7FPP9ad0YDx+p6j3s5nM6/IM=
Subject key identifier:   6A:05:2D:C0:FA:D0:76:57:CE:34:96:6E:6C:F2:39:D3:E7:5E:82:1C
Authority key identifier: 2F:53:88:F7:96:6A:7A:FA:C0:73:6C:79:ED:60:3B:2B:78:86:56:C4
Certificate issuer:       /CN=2f5388f7966a7afac0736c79ed603b2b788656c4
Certificate serial:       019D25BA75F4037F1625887EFE536BCA379F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
Manifest number:          02FC
Signing time:             Wed 25 Mar 2026 16:01:09 +0000
Manifest this update:     Wed 25 Mar 2026 16:01:09 +0000
Manifest next update:     Thu 26 Mar 2026 16:01:09 +0000
Files and hashes:         1: L1OI95ZqevrAc2x57WA7K3iGVsQ.crl (hash: KZksdbbmjTIApQUpaBCpCwYM6cH7/gBtVW+QgWeWrJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:75:f4:03:7f:16:25:88:7e:fe:53:6b:ca:37:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f5388f7966a7afac0736c79ed603b2b788656c4
        Validity
            Not Before: Mar 25 16:01:09 2026 GMT
            Not After : Mar 26 16:01:09 2026 GMT
        Subject: CN=6a052dc0fad07657ce34966e6cf239d3e75e821c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:3d:6c:0f:43:e0:22:57:54:4c:ac:af:d9:5a:
                    cf:53:63:e6:30:40:91:d2:53:e6:65:26:a0:49:ce:
                    0d:e9:07:35:14:4b:de:be:93:5a:80:0f:61:97:fd:
                    95:c6:aa:64:83:73:02:c6:33:5f:f7:14:e3:86:11:
                    a0:39:5c:c9:27:62:59:16:95:c8:0b:d0:48:0c:dc:
                    76:4f:fb:06:79:9c:57:14:e7:94:ef:82:51:3f:5e:
                    f7:13:d3:1d:30:fe:c2:89:fc:3f:25:9c:88:62:00:
                    d5:4f:af:e3:ad:a2:ca:7e:ab:f8:83:dc:64:5e:f1:
                    01:56:8c:ba:44:6d:6b:fd:8f:95:59:70:5d:98:d5:
                    a8:b6:09:26:b1:a9:82:ad:2a:60:63:d8:eb:1c:27:
                    22:27:59:e6:5d:28:a6:ea:1d:31:05:9c:b5:b8:ed:
                    b0:3f:b2:57:80:64:f6:91:75:b1:04:51:11:2e:67:
                    b1:3a:63:07:07:f7:49:07:e3:f3:50:40:da:a3:ba:
                    8b:16:be:24:f7:e3:4d:c4:63:d6:73:9d:6e:00:06:
                    c0:bd:9e:fd:c1:28:1b:cf:da:e2:d6:92:20:54:9e:
                    79:d5:72:5c:76:f4:f4:d7:04:37:d6:ec:9e:8e:c2:
                    4a:57:d0:27:97:35:56:38:9e:5f:f5:a0:39:06:04:
                    6c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:05:2D:C0:FA:D0:76:57:CE:34:96:6E:6C:F2:39:D3:E7:5E:82:1C
            X509v3 Authority Key Identifier:
                keyid:2F:53:88:F7:96:6A:7A:FA:C0:73:6C:79:ED:60:3B:2B:78:86:56:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1OI95ZqevrAc2x57WA7K3iGVsQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/225f46-c456-4f65-a3db-4190b18460a7/1/L1OI95ZqevrAc2x57WA7K3iGVsQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:23:9d:e8:75:18:84:11:86:6f:b2:d3:7d:36:ac:74:15:af:
         49:f9:1d:2a:95:23:e2:b6:5b:c9:4b:35:25:d5:8d:36:c5:a8:
         6d:0e:fc:2a:66:c0:c8:6c:be:1f:b5:60:2b:70:60:e3:8c:90:
         ad:37:e7:8a:4f:97:b4:c1:af:25:24:fb:cd:95:2d:b4:04:96:
         52:c5:d1:ae:9d:2f:ba:95:5c:79:8b:c9:76:36:8f:51:93:0b:
         43:78:9c:92:2f:84:17:ea:49:65:2a:09:c6:9d:99:9a:05:62:
         85:72:b0:87:4e:08:62:87:e7:6f:31:93:e9:7d:5c:58:58:09:
         3b:60:fa:69:25:9f:30:33:9d:cd:7b:68:27:bb:87:04:2b:39:
         c2:5d:a6:75:99:63:c4:32:52:29:ff:ac:fd:61:ee:a4:12:04:
         6c:ab:f7:e4:a2:e4:1e:79:de:a7:ea:79:30:1b:2b:b6:8a:b8:
         dd:c0:cb:39:e4:31:75:05:1c:aa:02:88:0b:fb:f1:4a:11:5e:
         0b:77:30:82:c0:54:44:a7:86:22:ca:f6:13:f7:52:00:17:9b:
         8e:d5:47:33:c9:e3:1f:34:1a:dd:a7:cf:de:a8:4a:66:8b:a9:
         d5:5c:28:ac:b8:c7:3a:72:c5:23:95:0f:a7:e2:cb:1f:5f:52:
         63:1e:3f:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lunX0A38WJYh+/lNryjefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNTM4OGY3OTY2YTdhZmFjMDczNmM3OWVkNjAzYjJiNzg4
NjU2YzQwHhcNMjYwMzI1MTYwMTA5WhcNMjYwMzI2MTYwMTA5WjAzMTEwLwYDVQQD
Eyg2YTA1MmRjMGZhZDA3NjU3Y2UzNDk2NmU2Y2YyMzlkM2U3NWU4MjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD1sD0PgIldUTKyv2VrPU2PmMECR
0lPmZSagSc4N6Qc1FEvevpNagA9hl/2Vxqpkg3MCxjNf9xTjhhGgOVzJJ2JZFpXI
C9BIDNx2T/sGeZxXFOeU74JRP173E9MdMP7Cifw/JZyIYgDVT6/jraLKfqv4g9xk
XvEBVoy6RG1r/Y+VWXBdmNWotgkmsamCrSpgY9jrHCciJ1nmXSim6h0xBZy1uO2w
P7JXgGT2kXWxBFERLmexOmMHB/dJB+PzUEDao7qLFr4k9+NNxGPWc51uAAbAvZ79
wSgbz9ri1pIgVJ551XJcdvT01wQ31uyejsJKV9AnlzVWOJ5f9aA5BgRstwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGoFLcD60HZXzjSWbmzyOdPnXoIcMB8GA1UdIwQY
MBaAFC9TiPeWanr6wHNsee1gOyt4hlbEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8yMjVmNDYtYzQ1Ni00ZjY1LWEzZGIt
NDE5MGIxODQ2MGE3LzEvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8yMjVmNDYtYzQ1Ni00ZjY1LWEzZGItNDE5MGIxODQ2MGE3
LzEvTDFPSTk1WnFldnJBYzJ4NTdXQTdLM2lHVnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaiOd6HUY
hBGGb7LTfTasdBWvSfkdKpUj4rZbyUs1JdWNNsWobQ78KmbAyGy+H7VgK3Bg44yQ
rTfnik+XtMGvJST7zZUttASWUsXRrp0vupVceYvJdjaPUZMLQ3icki+EF+pJZSoJ
xp2ZmgVihXKwh04IYofnbzGT6X1cWFgJO2D6aSWfMDOdzXtoJ7uHBCs5wl2mdZlj
xDJSKf+s/WHupBIEbKv35KLkHnnep+p5MBsrtoq43cDLOeQxdQUcqgKIC/vxShFe
C3cwgsBURKeGIsr2E/dSABebjtVHM8njHzQa3afP3qhKZoup1VworLjHOnLFI5UP
p+LLH19SYx4/HA==
-----END CERTIFICATE-----