Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft
File:                     l4ag6hgbRs2isjOCKvEAPBuxz40.mft (raw, json)
Hash identifier:          PMmz3LuKFdC4XNN+TO8Uf2cgWzE0hAJlIN6/a71cl1M=
Subject key identifier:   69:04:D9:37:E3:5A:21:60:24:29:43:CB:5F:6B:9D:DA:61:47:CF:29
Authority key identifier: 97:86:A0:EA:18:1B:46:CD:A2:B2:33:82:2A:F1:00:3C:1B:B1:CF:8D
Certificate issuer:       /CN=9786a0ea181b46cda2b233822af1003c1bb1cf8d
Certificate serial:       019D29970BF83C7EE2573B5C4536EC3DDC77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l4ag6hgbRs2isjOCKvEAPBuxz40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft
Manifest number:          021E
Signing time:             Thu 26 Mar 2026 10:00:58 +0000
Manifest this update:     Thu 26 Mar 2026 10:00:58 +0000
Manifest next update:     Fri 27 Mar 2026 10:00:58 +0000
Files and hashes:         1: l4ag6hgbRs2isjOCKvEAPBuxz40.crl (hash: i1LuG24vI2J7dLFEtlNvfs6hr8DH0/O3dTmF+ZQRvLE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l4ag6hgbRs2isjOCKvEAPBuxz40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:97:0b:f8:3c:7e:e2:57:3b:5c:45:36:ec:3d:dc:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9786a0ea181b46cda2b233822af1003c1bb1cf8d
        Validity
            Not Before: Mar 26 10:00:58 2026 GMT
            Not After : Mar 27 10:00:58 2026 GMT
        Subject: CN=6904d937e35a2160242943cb5f6b9dda6147cf29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:35:50:68:f3:60:52:61:b0:5c:43:6f:78:05:
                    20:49:b9:82:e6:e7:c2:40:f8:d6:e6:3c:4b:b6:b8:
                    ae:24:d7:8d:33:37:f5:b1:57:7a:21:43:72:c5:64:
                    f0:c4:be:72:7b:da:de:6e:e1:e3:76:13:a8:b4:e2:
                    86:f2:b8:e4:28:ee:7f:6f:d1:0d:05:f1:bc:e2:0b:
                    7f:8e:92:c6:85:67:01:98:28:ca:99:b1:d4:e3:22:
                    2a:6b:fa:ff:d6:b3:f0:a7:7f:a0:57:f3:56:fd:1b:
                    1b:92:67:ec:a0:af:e0:da:92:28:1b:4f:8d:76:1d:
                    54:76:f8:35:ab:db:55:39:85:87:a4:8d:f3:8c:e5:
                    ac:4c:e4:05:6b:18:6e:be:84:69:01:55:71:e1:4f:
                    ad:58:2e:d0:61:3e:06:c6:7f:24:12:ac:bc:07:66:
                    41:42:92:ee:b8:31:6f:5d:8b:ed:f5:e2:14:4d:72:
                    af:a4:8e:34:75:11:f8:06:71:ac:8e:57:3a:46:68:
                    e1:bc:bb:37:f8:3c:59:52:38:21:52:f8:48:3b:7f:
                    fb:b5:b1:27:9a:b1:4e:71:15:d0:98:2c:41:38:aa:
                    9c:e7:30:e0:ce:39:98:89:c3:9d:ad:13:b1:26:e9:
                    56:f1:88:7a:0e:dd:21:2d:85:5f:ea:f6:d9:66:60:
                    dc:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:04:D9:37:E3:5A:21:60:24:29:43:CB:5F:6B:9D:DA:61:47:CF:29
            X509v3 Authority Key Identifier:
                keyid:97:86:A0:EA:18:1B:46:CD:A2:B2:33:82:2A:F1:00:3C:1B:B1:CF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4ag6hgbRs2isjOCKvEAPBuxz40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:91:12:91:93:38:ea:dc:f9:d5:14:67:f6:fe:05:a3:cc:bd:
         8f:8d:b4:e4:ed:5d:d5:9b:af:75:24:ae:66:e3:77:35:6c:ed:
         5a:c1:c3:47:3d:f0:97:ff:34:20:37:a0:13:4c:62:5f:b8:b4:
         af:eb:9a:e3:f4:e2:61:a5:fd:71:38:ec:8c:6b:33:28:ad:5e:
         f5:00:56:bd:36:64:ee:e3:60:b2:ac:da:54:9a:c5:55:25:eb:
         8a:d0:68:6c:25:73:d4:6e:4f:00:fc:dd:ba:c8:d4:69:4a:b5:
         17:f2:89:a4:cd:46:94:62:60:50:cd:54:fb:f9:22:7a:f7:67:
         b5:9b:3a:25:82:58:57:6f:87:90:ca:5f:65:82:3f:f9:c8:f9:
         91:a7:e1:67:39:fb:e1:cf:93:6b:b9:cb:28:1a:0e:e8:e5:f2:
         5f:09:cd:1c:a0:0a:0a:60:ef:9b:17:80:30:8c:95:79:cf:6c:
         9f:4b:2e:d3:91:bb:db:f2:93:14:21:49:a3:a2:85:47:74:56:
         41:a2:2e:ea:45:a8:47:cf:22:e3:1b:2f:12:38:b4:96:c1:02:
         d5:ae:9d:46:42:04:2a:ac:e2:6c:6a:23:26:d7:54:79:7f:9d:
         e8:55:1e:bb:3a:d2:aa:51:fe:b2:f5:36:27:f4:82:35:1d:13:
         d5:23:77:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plwv4PH7iVztcRTbsPdx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODZhMGVhMTgxYjQ2Y2RhMmIyMzM4MjJhZjEwMDNjMWJi
MWNmOGQwHhcNMjYwMzI2MTAwMDU4WhcNMjYwMzI3MTAwMDU4WjAzMTEwLwYDVQQD
Eyg2OTA0ZDkzN2UzNWEyMTYwMjQyOTQzY2I1ZjZiOWRkYTYxNDdjZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTVQaPNgUmGwXENveAUgSbmC5ufC
QPjW5jxLtriuJNeNMzf1sVd6IUNyxWTwxL5ye9rebuHjdhOotOKG8rjkKO5/b9EN
BfG84gt/jpLGhWcBmCjKmbHU4yIqa/r/1rPwp3+gV/NW/RsbkmfsoK/g2pIoG0+N
dh1Udvg1q9tVOYWHpI3zjOWsTOQFaxhuvoRpAVVx4U+tWC7QYT4Gxn8kEqy8B2ZB
QpLuuDFvXYvt9eIUTXKvpI40dRH4BnGsjlc6RmjhvLs3+DxZUjghUvhIO3/7tbEn
mrFOcRXQmCxBOKqc5zDgzjmYicOdrROxJulW8Yh6Dt0hLYVf6vbZZmDcSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkE2TfjWiFgJClDy19rndphR88pMB8GA1UdIwQY
MBaAFJeGoOoYG0bNorIzgirxADwbsc+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRhZzZoZ2JSczJpc2pPQ0t2RUFQQnV4ejQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yZTY1YzktYTA0ZS00Yjg3LWEzZmUt
NjUwMzY0ODcxMWJhLzEvbDRhZzZoZ2JSczJpc2pPQ0t2RUFQQnV4ejQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yZTY1YzktYTA0ZS00Yjg3LWEzZmUtNjUwMzY0ODcxMWJh
LzEvbDRhZzZoZ2JSczJpc2pPQ0t2RUFQQnV4ejQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa5ESkZM4
6tz51RRn9v4Fo8y9j4205O1d1ZuvdSSuZuN3NWztWsHDRz3wl/80IDegE0xiX7i0
r+ua4/TiYaX9cTjsjGszKK1e9QBWvTZk7uNgsqzaVJrFVSXritBobCVz1G5PAPzd
usjUaUq1F/KJpM1GlGJgUM1U+/kievdntZs6JYJYV2+HkMpfZYI/+cj5kafhZzn7
4c+Ta7nLKBoO6OXyXwnNHKAKCmDvmxeAMIyVec9sn0su05G72/KTFCFJo6KFR3RW
QaIu6kWoR88i4xsvEji0lsEC1a6dRkIEKqzibGojJtdUeX+d6FUeuzrSqlH+svU2
J/SCNR0T1SN3HQ==
-----END CERTIFICATE-----