Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
File:                     lkptHqRrxAuqMavE9ByQZn7-Nu0.mft (raw, json)
Hash identifier:          yjptyHnK7aQiGiwuBUFldecLciUKYzmmFgk8I2Su+I4=
Subject key identifier:   88:7A:97:53:8F:0C:F7:8D:CB:3E:89:03:52:BA:82:E9:0E:D3:BA:13
Authority key identifier: 96:4A:6D:1E:A4:6B:C4:0B:AA:31:AB:C4:F4:1C:90:66:7E:FE:36:ED
Certificate issuer:       /CN=964a6d1ea46bc40baa31abc4f41c90667efe36ed
Certificate serial:       019D27040442C012FEFEB095395A47FF6B72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
Manifest number:          0952
Signing time:             Wed 25 Mar 2026 22:01:07 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:07 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:07 +0000
Files and hashes:         1: lkptHqRrxAuqMavE9ByQZn7-Nu0.crl (hash: KNCwSAyXMxgPjH+OpVdZOHdERpBGDRjHY+xv2eVrUoU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:04:42:c0:12:fe:fe:b0:95:39:5a:47:ff:6b:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964a6d1ea46bc40baa31abc4f41c90667efe36ed
        Validity
            Not Before: Mar 25 22:01:07 2026 GMT
            Not After : Mar 26 22:01:07 2026 GMT
        Subject: CN=887a97538f0cf78dcb3e890352ba82e90ed3ba13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:48:2d:48:50:dc:19:44:29:3b:b9:ae:c6:1c:
                    2c:5d:fe:75:d7:e7:9b:03:94:f2:e9:89:cf:a3:ec:
                    23:d5:1b:b9:40:11:4c:b4:95:e7:31:a4:d1:af:e2:
                    19:26:af:67:b0:2b:80:10:f9:86:7e:85:b5:44:19:
                    6c:c9:92:94:e6:10:c8:b2:e6:47:2a:eb:df:5c:94:
                    dc:78:1f:a5:bc:95:43:86:f1:6a:24:ac:f0:98:4b:
                    b8:7a:2a:95:c6:da:3e:9e:84:fb:90:d4:10:65:78:
                    68:af:2a:2c:fa:ff:c4:d5:b9:56:22:aa:54:5b:c0:
                    e5:68:37:33:8e:2f:2d:ef:c0:8d:5b:84:7a:06:f8:
                    43:89:c6:bd:2c:85:fd:eb:04:7b:a7:4a:47:b3:63:
                    af:a1:fe:fe:de:3b:10:1e:e3:4e:fe:5b:03:22:d2:
                    bc:5a:60:21:82:98:52:ab:f1:7e:a1:76:cb:30:ab:
                    39:89:e0:95:2f:5b:61:be:65:43:de:4a:d6:49:75:
                    f1:64:db:d2:8f:dd:be:51:47:5c:d0:8e:5a:76:e6:
                    60:80:89:fb:bc:5f:a4:f6:3e:c5:4c:6d:c9:f9:7d:
                    a3:e1:fb:ab:b5:5e:a5:fa:2c:43:84:6d:01:08:64:
                    5c:13:d2:d3:26:dc:f9:a7:af:ca:82:67:71:4b:8e:
                    15:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:7A:97:53:8F:0C:F7:8D:CB:3E:89:03:52:BA:82:E9:0E:D3:BA:13
            X509v3 Authority Key Identifier:
                keyid:96:4A:6D:1E:A4:6B:C4:0B:AA:31:AB:C4:F4:1C:90:66:7E:FE:36:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:73:41:d2:b4:11:b0:44:49:4a:02:ec:db:5f:c9:23:ed:0d:
         5c:e6:32:91:54:93:7b:67:34:04:02:a1:f3:99:7e:9b:18:17:
         06:02:4f:ee:78:22:a7:7e:7f:5d:dd:c0:4f:f5:13:eb:4a:92:
         fd:53:36:e6:b4:ed:75:74:b4:d6:f2:c1:58:77:4b:5f:fc:66:
         1d:14:74:30:b1:e6:7a:a6:90:0d:74:b5:a9:25:2e:c2:07:69:
         4b:4a:fb:58:d7:01:bb:81:76:83:6b:e4:cc:a3:4e:6a:40:2b:
         7f:59:ac:c5:71:81:00:8e:5c:56:ee:eb:c9:2e:ea:dd:5c:37:
         0a:48:d2:65:13:be:a2:1f:a9:59:0d:dd:2a:de:ff:cd:7b:e6:
         8e:06:60:0a:13:c3:63:b9:a6:dc:d5:50:45:d5:af:c4:ee:6f:
         89:12:03:ad:d8:2d:a6:3d:da:07:3d:be:c5:09:4e:20:62:8f:
         f8:13:14:8c:50:66:be:a5:62:13:24:b0:93:3a:d1:3e:2a:43:
         81:36:5d:66:3f:4d:74:a8:5b:d1:91:ac:f8:d0:17:b7:4f:ef:
         06:03:ae:f4:e3:86:51:ae:2e:1b:3f:70:95:70:17:9f:f4:7d:
         47:14:48:4d:f9:9a:3e:75:ac:1f:ed:28:7d:33:6c:9c:97:18:
         a1:db:d6:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBARCwBL+/rCVOVpH/2tyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NGE2ZDFlYTQ2YmM0MGJhYTMxYWJjNGY0MWM5MDY2N2Vm
ZTM2ZWQwHhcNMjYwMzI1MjIwMTA3WhcNMjYwMzI2MjIwMTA3WjAzMTEwLwYDVQQD
Eyg4ODdhOTc1MzhmMGNmNzhkY2IzZTg5MDM1MmJhODJlOTBlZDNiYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUgtSFDcGUQpO7muxhwsXf511+eb
A5Ty6YnPo+wj1Ru5QBFMtJXnMaTRr+IZJq9nsCuAEPmGfoW1RBlsyZKU5hDIsuZH
KuvfXJTceB+lvJVDhvFqJKzwmEu4eiqVxto+noT7kNQQZXhoryos+v/E1blWIqpU
W8DlaDczji8t78CNW4R6BvhDica9LIX96wR7p0pHs2Ovof7+3jsQHuNO/lsDItK8
WmAhgphSq/F+oXbLMKs5ieCVL1thvmVD3krWSXXxZNvSj92+UUdc0I5aduZggIn7
vF+k9j7FTG3J+X2j4furtV6l+ixDhG0BCGRcE9LTJtz5p6/KgmdxS44VuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIh6l1OPDPeNyz6JA1K6gukO07oTMB8GA1UdIwQY
MBaAFJZKbR6ka8QLqjGrxPQckGZ+/jbtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZGM0MWUtMzUyZS00MTJiLTlhZTYt
YTA5NTFlZjdkZmNkLzEvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZGM0MWUtMzUyZS00MTJiLTlhZTYtYTA5NTFlZjdkZmNk
LzEvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABnNB0rQR
sERJSgLs21/JI+0NXOYykVSTe2c0BAKh85l+mxgXBgJP7ngip35/Xd3AT/UT60qS
/VM25rTtdXS01vLBWHdLX/xmHRR0MLHmeqaQDXS1qSUuwgdpS0r7WNcBu4F2g2vk
zKNOakArf1msxXGBAI5cVu7ryS7q3Vw3CkjSZRO+oh+pWQ3dKt7/zXvmjgZgChPD
Y7mm3NVQRdWvxO5viRIDrdgtpj3aBz2+xQlOIGKP+BMUjFBmvqViEySwkzrRPipD
gTZdZj9NdKhb0ZGs+NAXt0/vBgOu9OOGUa4uGz9wlXAXn/R9RxRITfmaPnWsH+0o
fTNsnJcYodvWqQ==
-----END CERTIFICATE-----