Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
File:                     lKTi_J7qzc9bD1CrkyhM07CUIXE.mft (raw, json)
Hash identifier:          AAX2DsbCX11MMaa2yYaGDF3bhbeYQAmoEjSmewEnbvE=
Subject key identifier:   79:A3:E6:3D:8E:11:B5:25:67:EA:B7:D2:E3:AC:7A:90:C3:97:99:43
Authority key identifier: 94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71
Certificate issuer:       /CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
Certificate serial:       019D28F2DA5A1E3D457B4E4F16D621F2E019
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
Manifest number:          1046
Signing time:             Thu 26 Mar 2026 07:01:37 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:37 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:37 +0000
Files and hashes:         1: lKTi_J7qzc9bD1CrkyhM07CUIXE.crl (hash: Z9QuXnOpNEz6M8lMiklGFg5BKkHlbirwi1IkWCRZK/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:da:5a:1e:3d:45:7b:4e:4f:16:d6:21:f2:e0:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94a4e2fc9eeacdcf5b0f50ab93284cd3b0942171
        Validity
            Not Before: Mar 26 07:01:37 2026 GMT
            Not After : Mar 27 07:01:37 2026 GMT
        Subject: CN=79a3e63d8e11b52567eab7d2e3ac7a90c3979943
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:19:3e:0e:66:de:5d:2d:c3:35:35:c7:7e:5d:
                    db:d9:f5:85:78:ee:45:84:c5:ea:fd:b8:17:f8:eb:
                    4a:54:cb:69:de:bb:3f:8b:80:3d:c7:be:d9:75:31:
                    f4:8f:0d:ea:c3:79:27:5d:31:dc:65:49:74:3b:83:
                    ee:94:4d:0f:f9:3d:5e:b4:5f:a2:a6:f1:db:40:09:
                    bf:86:0a:19:43:f5:9d:f8:70:f2:1a:c9:5a:12:7c:
                    d1:82:d3:36:e7:09:28:63:bd:43:21:c4:f0:f1:90:
                    c5:63:69:77:03:d9:e6:e0:c5:77:be:86:16:22:d9:
                    55:66:1e:2e:c3:60:5d:4e:14:ad:0e:3d:24:f8:96:
                    81:09:dc:44:ba:71:62:bb:32:92:c1:c0:58:b5:da:
                    cb:1c:e3:2f:99:f0:40:03:56:16:09:15:8f:6d:15:
                    3e:8c:d0:02:d4:92:14:c0:a8:4f:e7:0d:0d:86:24:
                    89:b0:17:b3:70:2e:5b:77:67:c5:d3:c5:1d:74:d9:
                    0b:4f:bb:bb:11:0b:77:79:f0:78:36:ef:60:a1:f6:
                    4f:8f:fc:8d:52:ed:76:ca:97:99:07:a3:36:a0:d6:
                    5e:a6:21:d6:4a:77:7c:66:2a:11:6f:45:d4:47:83:
                    64:05:6a:4e:58:14:1c:29:55:5d:0b:09:7d:3d:8d:
                    16:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:A3:E6:3D:8E:11:B5:25:67:EA:B7:D2:E3:AC:7A:90:C3:97:99:43
            X509v3 Authority Key Identifier:
                keyid:94:A4:E2:FC:9E:EA:CD:CF:5B:0F:50:AB:93:28:4C:D3:B0:94:21:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKTi_J7qzc9bD1CrkyhM07CUIXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3ff7a7-27cb-4072-b33b-0248d6afd63f/1/lKTi_J7qzc9bD1CrkyhM07CUIXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:96:c0:5a:f2:c9:36:6a:3c:99:c7:13:ee:ee:83:ea:79:41:
         ab:0a:0f:3b:ec:a8:60:dd:e5:94:5f:38:51:9e:9b:d2:3d:14:
         02:9f:20:c3:b7:ad:73:52:a7:1b:93:1c:f7:32:74:62:04:73:
         e4:c9:9d:6d:9c:e5:cb:19:24:38:39:8e:e0:02:10:40:1e:c3:
         68:97:0d:b5:88:74:23:9b:7f:16:63:ff:22:52:04:71:45:5f:
         fe:62:e0:3a:06:e5:c1:c2:b0:0c:79:fa:8e:12:15:d4:43:f7:
         36:cb:a1:50:97:62:f4:8e:96:1b:66:1a:45:36:7b:dc:a0:30:
         8a:f1:4d:4a:43:6a:3e:b7:82:eb:9f:0c:5f:0b:b0:cc:38:82:
         f0:b4:36:b0:3c:28:59:04:71:19:73:3d:64:9f:a6:46:cb:84:
         bd:d2:c5:d0:d6:89:43:e2:0b:bd:96:bb:07:57:83:65:49:97:
         ce:70:81:9c:2b:9d:68:10:b8:80:66:d4:47:2f:16:e3:e0:27:
         c4:f3:f5:9a:52:31:9b:19:3e:ed:2f:5e:2e:3e:9c:da:18:f4:
         fd:81:a4:0c:76:59:0a:b8:38:e4:eb:71:ce:43:fc:0c:9a:2c:
         2f:f7:67:c3:30:28:0d:7e:23:a3:81:37:7a:ed:7d:f8:01:d7:
         c1:e9:94:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8tpaHj1Fe05PFtYh8uAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTRlMmZjOWVlYWNkY2Y1YjBmNTBhYjkzMjg0Y2QzYjA5
NDIxNzEwHhcNMjYwMzI2MDcwMTM3WhcNMjYwMzI3MDcwMTM3WjAzMTEwLwYDVQQD
Eyg3OWEzZTYzZDhlMTFiNTI1NjdlYWI3ZDJlM2FjN2E5MGMzOTc5OTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRk+DmbeXS3DNTXHfl3b2fWFeO5F
hMXq/bgX+OtKVMtp3rs/i4A9x77ZdTH0jw3qw3knXTHcZUl0O4PulE0P+T1etF+i
pvHbQAm/hgoZQ/Wd+HDyGslaEnzRgtM25wkoY71DIcTw8ZDFY2l3A9nm4MV3voYW
ItlVZh4uw2BdThStDj0k+JaBCdxEunFiuzKSwcBYtdrLHOMvmfBAA1YWCRWPbRU+
jNAC1JIUwKhP5w0NhiSJsBezcC5bd2fF08UddNkLT7u7EQt3efB4Nu9gofZPj/yN
Uu12ypeZB6M2oNZepiHWSnd8ZioRb0XUR4NkBWpOWBQcKVVdCwl9PY0WiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmj5j2OEbUlZ+q30uOsepDDl5lDMB8GA1UdIwQY
MBaAFJSk4vye6s3PWw9Qq5MoTNOwlCFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2It
MDI0OGQ2YWZkNjNmLzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZmY3YTctMjdjYi00MDcyLWIzM2ItMDI0OGQ2YWZkNjNm
LzEvbEtUaV9KN3F6YzliRDFDcmt5aE0wN0NVSVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbZbAWvLJ
Nmo8mccT7u6D6nlBqwoPO+yoYN3llF84UZ6b0j0UAp8gw7etc1KnG5Mc9zJ0YgRz
5MmdbZzlyxkkODmO4AIQQB7DaJcNtYh0I5t/FmP/IlIEcUVf/mLgOgblwcKwDHn6
jhIV1EP3NsuhUJdi9I6WG2YaRTZ73KAwivFNSkNqPreC658MXwuwzDiC8LQ2sDwo
WQRxGXM9ZJ+mRsuEvdLF0NaJQ+ILvZa7B1eDZUmXznCBnCudaBC4gGbURy8W4+An
xPP1mlIxmxk+7S9eLj6c2hj0/YGkDHZZCrg45OtxzkP8DJosL/dnwzAoDX4jo4E3
eu19+AHXwemUiQ==
-----END CERTIFICATE-----