Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
File:                     lPhZ34Ux35GpQAj0tJIKQSPrDws.mft (raw, json)
Hash identifier:          9D+fyb6RT7YPc40wu4+FnLstJpjMHBiONXhIeubM1ho=
Subject key identifier:   55:B2:5A:56:00:FB:A6:CB:B4:C5:49:E5:8A:AA:A3:CE:DA:57:28:DE
Authority key identifier: 94:F8:59:DF:85:31:DF:91:A9:40:08:F4:B4:92:0A:41:23:EB:0F:0B
Certificate issuer:       /CN=94f859df8531df91a94008f4b4920a4123eb0f0b
Certificate serial:       019D2704556993066BE6E5C4154DC1FBF269
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
Manifest number:          170D
Signing time:             Wed 25 Mar 2026 22:01:28 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:28 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:28 +0000
Files and hashes:         1: lPhZ34Ux35GpQAj0tJIKQSPrDws.crl (hash: yqMjb/H+ZAjAzGBhR2OeVJNkrKjdpbXRxetCL2cGIt8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:55:69:93:06:6b:e6:e5:c4:15:4d:c1:fb:f2:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f859df8531df91a94008f4b4920a4123eb0f0b
        Validity
            Not Before: Mar 25 22:01:28 2026 GMT
            Not After : Mar 26 22:01:28 2026 GMT
        Subject: CN=55b25a5600fba6cbb4c549e58aaaa3ceda5728de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c8:e8:68:da:bb:78:0c:31:31:eb:c7:f3:2d:
                    a6:4e:9f:8d:9c:3d:40:69:d1:f7:e7:ab:b6:ca:c1:
                    db:b7:d9:cc:cb:41:cd:66:3b:60:6e:5f:c0:bc:67:
                    a3:b1:ab:e3:e8:95:94:69:27:18:f9:85:12:61:21:
                    35:95:c3:59:d8:48:2a:af:e9:01:6a:b5:dc:38:a2:
                    56:a0:16:48:30:a5:6b:9b:bc:1a:af:16:2b:93:2b:
                    75:37:a7:35:a9:cc:6e:34:ad:4b:bb:2d:34:41:1b:
                    dc:b2:e9:97:31:23:d6:9f:57:11:11:c4:b5:eb:14:
                    5c:09:64:e3:f0:3b:8b:c9:11:e2:b1:02:5a:9a:ee:
                    9b:71:53:fa:bb:f4:18:aa:11:cd:1c:83:4f:7a:50:
                    1e:60:fd:c3:73:8b:f3:9c:c1:5e:46:01:0e:17:8d:
                    6c:4d:e6:e4:cd:ba:10:47:b3:94:97:ef:a5:65:94:
                    62:2e:ed:6f:51:9b:38:83:73:88:a6:e9:51:6c:d0:
                    99:36:e5:66:13:b6:d7:bc:8e:1f:a6:5a:48:55:32:
                    1f:f1:6a:cc:35:df:d6:df:13:a2:e0:74:f8:78:cb:
                    53:6d:03:4c:91:be:ec:a0:c9:07:18:ea:4c:98:86:
                    eb:ab:36:4a:86:c9:33:2c:47:d9:29:fd:a1:65:52:
                    6f:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:B2:5A:56:00:FB:A6:CB:B4:C5:49:E5:8A:AA:A3:CE:DA:57:28:DE
            X509v3 Authority Key Identifier:
                keyid:94:F8:59:DF:85:31:DF:91:A9:40:08:F4:B4:92:0A:41:23:EB:0F:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPhZ34Ux35GpQAj0tJIKQSPrDws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dc9224-3cd7-437d-a1dc-e8c39cf66b3f/1/lPhZ34Ux35GpQAj0tJIKQSPrDws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:c9:8d:66:b2:f5:3f:10:cc:f4:9b:54:48:3b:8b:90:30:92:
         36:ab:79:6e:a3:b7:0b:c8:ec:a6:72:96:98:69:78:ae:6d:a8:
         f6:67:d9:56:fd:0e:72:b4:e4:7d:d2:fb:3e:c1:f2:e1:9f:14:
         20:b0:46:0b:ee:86:57:f6:4c:25:86:83:dd:fa:ac:1c:7c:6f:
         f9:47:57:ba:9c:13:df:47:28:53:3f:b0:50:0b:9c:36:ea:03:
         f5:9f:bd:ee:d6:f5:ed:50:12:25:19:70:e2:45:14:97:19:68:
         2e:bd:a2:ec:4d:c7:e9:6b:a9:3a:c6:39:b9:3f:95:50:d0:9d:
         88:7d:68:d8:ee:66:06:21:d3:b5:64:f2:98:fa:f7:27:b5:96:
         fb:82:fb:41:47:9e:7f:c8:b0:bd:4d:81:ec:ed:aa:c1:be:48:
         10:60:c9:fd:aa:90:17:77:fd:8d:6d:c3:07:b6:bb:69:20:f5:
         9b:77:fc:5a:59:4b:9d:ec:2b:53:25:6c:89:93:45:63:c0:e8:
         28:1d:35:e0:4c:ed:15:61:63:76:5b:27:b6:f9:c5:e5:88:b5:
         d7:45:40:3e:2a:d3:a1:03:0f:ab:53:25:17:09:23:6d:62:80:
         64:4f:f6:1f:76:d6:ba:49:ee:7f:a3:00:a2:47:e7:54:b1:98:
         58:c5:b1:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBFVpkwZr5uXEFU3B+/JpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Zjg1OWRmODUzMWRmOTFhOTQwMDhmNGI0OTIwYTQxMjNl
YjBmMGIwHhcNMjYwMzI1MjIwMTI4WhcNMjYwMzI2MjIwMTI4WjAzMTEwLwYDVQQD
Eyg1NWIyNWE1NjAwZmJhNmNiYjRjNTQ5ZTU4YWFhYTNjZWRhNTcyOGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MjoaNq7eAwxMevH8y2mTp+NnD1A
adH356u2ysHbt9nMy0HNZjtgbl/AvGejsavj6JWUaScY+YUSYSE1lcNZ2Egqr+kB
arXcOKJWoBZIMKVrm7warxYrkyt1N6c1qcxuNK1Luy00QRvcsumXMSPWn1cREcS1
6xRcCWTj8DuLyRHisQJamu6bcVP6u/QYqhHNHINPelAeYP3Dc4vznMFeRgEOF41s
TebkzboQR7OUl++lZZRiLu1vUZs4g3OIpulRbNCZNuVmE7bXvI4fplpIVTIf8WrM
Nd/W3xOi4HT4eMtTbQNMkb7soMkHGOpMmIbrqzZKhskzLEfZKf2hZVJvBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWyWlYA+6bLtMVJ5Yqqo87aVyjeMB8GA1UdIwQY
MBaAFJT4Wd+FMd+RqUAI9LSSCkEj6w8LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kYzkyMjQtM2NkNy00MzdkLWExZGMt
ZThjMzljZjY2YjNmLzEvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kYzkyMjQtM2NkNy00MzdkLWExZGMtZThjMzljZjY2YjNm
LzEvbFBoWjM0VXgzNUdwUUFqMHRKSUtRU1ByRHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp8mNZrL1
PxDM9JtUSDuLkDCSNqt5bqO3C8jspnKWmGl4rm2o9mfZVv0OcrTkfdL7PsHy4Z8U
ILBGC+6GV/ZMJYaD3fqsHHxv+UdXupwT30coUz+wUAucNuoD9Z+97tb17VASJRlw
4kUUlxloLr2i7E3H6WupOsY5uT+VUNCdiH1o2O5mBiHTtWTymPr3J7WW+4L7QUee
f8iwvU2B7O2qwb5IEGDJ/aqQF3f9jW3DB7a7aSD1m3f8WllLnewrUyVsiZNFY8Do
KB014EztFWFjdlsntvnF5Yi110VAPirToQMPq1MlFwkjbWKAZE/2H3bWuknuf6MA
okfnVLGYWMWxWQ==
-----END CERTIFICATE-----