Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
File:                     lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json)
Hash identifier:          VJ/UM7tHOIClFnrtW/sOcQIYwBCIn+FYjnE4lnxs7Dg=
Subject key identifier:   4F:60:68:C1:5D:0C:F5:BB:9F:B0:AA:2E:BA:27:D9:E7:87:43:BA:23
Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C
Certificate issuer:       /CN=954cf721c08c8e9bc5242d56196677217350455c
Certificate serial:       019D270455CE852EFBC71F736C7573E927D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
Manifest number:          08A5
Signing time:             Wed 25 Mar 2026 22:01:28 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:28 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:28 +0000
Files and hashes:         1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: gIc+EODTzTKYHUg1yMji/mQ4FMrTKPkXFC6myygEuXY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:55:ce:85:2e:fb:c7:1f:73:6c:75:73:e9:27:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c
        Validity
            Not Before: Mar 25 22:01:28 2026 GMT
            Not After : Mar 26 22:01:28 2026 GMT
        Subject: CN=4f6068c15d0cf5bb9fb0aa2eba27d9e78743ba23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:17:ed:db:f8:b6:0c:08:2c:ba:bb:a1:08:d7:
                    fa:3c:98:df:66:16:d6:42:c6:4b:a3:c3:0e:95:53:
                    24:ee:31:25:6f:90:0f:26:ca:20:7b:74:c4:16:52:
                    21:a6:56:3a:de:13:e0:18:49:b7:63:0f:ff:e1:af:
                    47:69:44:03:f7:97:e8:90:3b:05:a1:ff:70:09:65:
                    dd:91:6b:ab:2d:25:05:ce:11:ce:13:69:4e:a1:bf:
                    0f:54:2c:b7:f7:de:a4:e7:aa:52:bd:7e:01:8a:4a:
                    24:fc:9b:aa:f6:1c:19:d8:9a:27:91:a7:de:df:24:
                    aa:59:cb:10:59:2d:cf:a6:aa:42:3c:92:24:8a:bd:
                    de:f2:36:55:5b:64:d8:1f:0f:e5:00:62:0f:61:e0:
                    c0:0d:eb:88:64:53:91:36:eb:88:00:e6:22:11:87:
                    82:6d:de:bf:0b:0b:d2:ed:ed:74:9c:a0:b3:60:62:
                    67:f1:99:85:6a:b8:1d:0e:a5:a8:f8:5e:75:9c:e3:
                    bf:9c:d9:5b:fd:a1:f8:a2:87:6a:5e:b4:7b:fc:98:
                    da:b2:52:56:ca:0d:2f:4e:5e:07:41:d9:e0:7d:88:
                    5a:5b:ec:51:20:d4:d1:cc:a8:db:53:4b:61:85:11:
                    35:16:8a:75:d2:f3:c5:55:cf:a1:ed:d6:c6:b3:54:
                    89:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:60:68:C1:5D:0C:F5:BB:9F:B0:AA:2E:BA:27:D9:E7:87:43:BA:23
            X509v3 Authority Key Identifier:
                keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:86:11:1d:b0:c7:6e:6f:3e:a6:73:76:d7:c2:f9:6c:d5:68:
         0e:fe:57:11:99:a4:59:b2:81:04:66:76:8c:b3:34:b5:26:40:
         aa:06:71:af:fc:37:fc:22:34:f7:25:d0:c4:e0:72:97:96:63:
         93:88:a8:74:40:44:5b:84:2b:70:0a:4d:a1:ef:af:82:df:85:
         bf:4b:f4:04:e0:11:6c:bb:d1:42:6b:b2:40:74:20:1e:16:20:
         5b:3e:6d:c3:04:6e:f2:8a:ba:07:3d:de:4f:74:38:0d:6d:4b:
         de:0c:ea:27:f8:f6:00:1a:34:da:96:91:d2:bf:e3:b3:e3:b3:
         5d:e1:2e:57:97:65:f0:75:86:00:04:6b:ce:4f:e0:58:24:72:
         12:aa:b9:c5:87:85:c5:83:78:ca:a4:a5:32:6f:51:25:fc:6f:
         cb:ce:fd:ea:cc:6e:bb:44:61:7f:53:74:b8:d3:1e:a4:27:59:
         6d:2f:20:7a:fb:cb:43:ae:30:e8:ba:68:86:32:c9:19:e6:e8:
         24:eb:26:42:ff:cf:fd:19:d0:b2:b2:ea:97:3d:b2:d3:8a:55:
         8f:a8:0b:83:1a:23:7a:47:29:04:9b:20:6a:2e:64:33:cd:db:
         98:5b:85:8e:59:d5:05:23:a0:c1:8f:30:dc:67:c8:f0:3b:b0:
         89:b9:85:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBFXOhS77xx9zbHVz6SfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1
MDQ1NWMwHhcNMjYwMzI1MjIwMTI4WhcNMjYwMzI2MjIwMTI4WjAzMTEwLwYDVQQD
Eyg0ZjYwNjhjMTVkMGNmNWJiOWZiMGFhMmViYTI3ZDllNzg3NDNiYTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphft2/i2DAgsuruhCNf6PJjfZhbW
QsZLo8MOlVMk7jElb5APJsoge3TEFlIhplY63hPgGEm3Yw//4a9HaUQD95fokDsF
of9wCWXdkWurLSUFzhHOE2lOob8PVCy3996k56pSvX4Bikok/Juq9hwZ2Jonkafe
3ySqWcsQWS3PpqpCPJIkir3e8jZVW2TYHw/lAGIPYeDADeuIZFORNuuIAOYiEYeC
bd6/CwvS7e10nKCzYGJn8ZmFargdDqWo+F51nOO/nNlb/aH4oodqXrR7/JjaslJW
yg0vTl4HQdngfYhaW+xRINTRzKjbU0thhRE1Fop10vPFVc+h7dbGs1SJlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE9gaMFdDPW7n7CqLron2eeHQ7ojMB8GA1UdIwQY
MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt
Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy
LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVIYRHbDH
bm8+pnN218L5bNVoDv5XEZmkWbKBBGZ2jLM0tSZAqgZxr/w3/CI09yXQxOByl5Zj
k4iodEBEW4QrcApNoe+vgt+Fv0v0BOARbLvRQmuyQHQgHhYgWz5twwRu8oq6Bz3e
T3Q4DW1L3gzqJ/j2ABo02paR0r/js+OzXeEuV5dl8HWGAARrzk/gWCRyEqq5xYeF
xYN4yqSlMm9RJfxvy8796sxuu0Rhf1N0uNMepCdZbS8gevvLQ64w6LpohjLJGebo
JOsmQv/P/RnQsrLqlz2y04pVj6gLgxojekcpBJsgai5kM83bmFuFjlnVBSOgwY8w
3GfI8DuwibmF4A==
-----END CERTIFICATE-----