Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/e4741b-f5b5-418f-8e96-154e599fd35f/1/lowsVdyOuZe_WRIdTC_9VESiLi0.mft
File:                     lowsVdyOuZe_WRIdTC_9VESiLi0.mft (raw, json)
Hash identifier:          y19jWsPR6WeqFVV7jY+dOotu0yyIgS/0gzyAT5/uVOY=
Subject key identifier:   51:51:35:42:26:8B:31:83:55:90:DE:06:51:2D:9B:68:27:CD:E3:C9
Authority key identifier: 96:8C:2C:55:DC:8E:B9:97:BF:59:12:1D:4C:2F:FD:54:44:A2:2E:2D
Certificate issuer:       /CN=968c2c55dc8eb997bf59121d4c2ffd5444a22e2d
Certificate serial:       019D2772E3F91233E802F3AFD21EB8ADC0B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lowsVdyOuZe_WRIdTC_9VESiLi0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/e4741b-f5b5-418f-8e96-154e599fd35f/1/lowsVdyOuZe_WRIdTC_9VESiLi0.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 00:02:14 +0000
Manifest this update:     Thu 26 Mar 2026 00:02:14 +0000
Manifest next update:     Fri 27 Mar 2026 00:02:14 +0000
Files and hashes:         1: lowsVdyOuZe_WRIdTC_9VESiLi0.crl (hash: /pj2I135yuLVqMzl59Bwy5ogWLq+HcOshoLHdeKmCyY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/e4741b-f5b5-418f-8e96-154e599fd35f/1/lowsVdyOuZe_WRIdTC_9VESiLi0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/e4741b-f5b5-418f-8e96-154e599fd35f/1/lowsVdyOuZe_WRIdTC_9VESiLi0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lowsVdyOuZe_WRIdTC_9VESiLi0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:e3:f9:12:33:e8:02:f3:af:d2:1e:b8:ad:c0:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=968c2c55dc8eb997bf59121d4c2ffd5444a22e2d
        Validity
            Not Before: Mar 26 00:02:14 2026 GMT
            Not After : Mar 27 00:02:14 2026 GMT
        Subject: CN=51513542268b31835590de06512d9b6827cde3c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e7:e2:fc:30:74:93:5d:07:53:dd:10:90:cc:
                    97:fd:13:50:9d:de:50:e3:28:4d:b6:e8:04:54:39:
                    bb:ba:02:0b:c2:11:e8:61:d8:9a:00:d4:da:b8:55:
                    5a:58:e3:2d:02:03:fd:89:b4:75:7b:c0:4c:a0:ee:
                    86:e0:03:31:3c:71:00:d3:f5:3d:f0:f2:d7:b9:89:
                    fe:57:f2:47:0a:5e:b5:cf:12:9b:60:6d:f3:18:86:
                    ce:7f:c7:77:77:27:42:94:f5:b7:f3:23:36:8f:99:
                    40:79:b7:9d:06:a4:81:49:0a:11:9f:e3:0e:80:69:
                    98:35:f3:ad:f1:8e:6c:ea:2f:98:78:91:4a:5e:42:
                    6f:9e:aa:c2:c1:e3:75:92:cc:9d:3f:62:f9:d8:e3:
                    c7:68:c4:ef:07:0a:43:26:61:c6:88:96:9c:43:3c:
                    91:f7:65:3c:50:37:99:8d:cc:32:7e:58:39:e1:01:
                    29:9f:11:db:43:df:67:ee:2c:64:82:58:2a:3f:d8:
                    b6:c4:55:fa:3e:48:cd:c6:20:31:59:3a:98:40:d1:
                    f9:1f:ed:89:1f:65:5f:f0:da:85:ab:13:8a:52:7a:
                    43:c0:c0:da:5c:48:c7:32:ee:60:d2:51:e2:48:c2:
                    8b:a6:32:98:99:65:f2:06:95:b7:1b:c9:cb:6e:e9:
                    e5:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:51:35:42:26:8B:31:83:55:90:DE:06:51:2D:9B:68:27:CD:E3:C9
            X509v3 Authority Key Identifier:
                keyid:96:8C:2C:55:DC:8E:B9:97:BF:59:12:1D:4C:2F:FD:54:44:A2:2E:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lowsVdyOuZe_WRIdTC_9VESiLi0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e4741b-f5b5-418f-8e96-154e599fd35f/1/lowsVdyOuZe_WRIdTC_9VESiLi0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e4741b-f5b5-418f-8e96-154e599fd35f/1/lowsVdyOuZe_WRIdTC_9VESiLi0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:1c:74:d7:58:0e:ce:8f:0c:72:cb:ff:98:56:83:2c:26:98:
         a7:bd:a9:b5:27:98:b7:d3:e5:29:f3:2a:0f:61:9b:d4:05:b0:
         6c:1c:1b:12:ba:b6:5b:fe:9c:6a:7d:e3:b3:58:64:e8:c7:c0:
         4b:7e:09:0a:a6:c4:f3:b6:c4:84:1f:e2:4c:4b:bb:3c:94:e7:
         d3:aa:da:7d:5c:12:6a:b4:88:de:fb:81:76:de:66:4c:24:31:
         af:78:be:a4:20:69:38:97:fc:d4:74:50:02:ac:68:ac:bb:cb:
         98:ed:de:41:92:0d:8d:a1:d7:b9:f8:b5:fb:a1:ba:1e:8d:5f:
         79:92:e8:5f:88:1b:8d:02:42:91:69:97:37:22:21:8f:5e:87:
         bd:26:b5:7f:5d:85:ae:7a:75:f0:2e:5b:19:93:5c:b8:c9:3f:
         d7:09:28:0d:02:95:3a:a2:61:eb:21:65:a3:98:ea:04:32:31:
         ab:00:78:ad:47:90:68:d9:13:66:fd:97:02:58:7c:1d:6c:41:
         9c:68:bd:00:18:96:80:5f:5a:94:71:17:ba:31:37:28:63:cd:
         44:08:e9:58:87:49:42:4d:b3:0c:44:a8:d1:a4:ac:e9:b2:48:
         eb:d2:a1:3d:fb:4e:30:2c:a4:e8:aa:7d:44:2d:4b:f3:4b:4d:
         0d:06:f7:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncuP5EjPoAvOv0h64rcCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OGMyYzU1ZGM4ZWI5OTdiZjU5MTIxZDRjMmZmZDU0NDRh
MjJlMmQwHhcNMjYwMzI2MDAwMjE0WhcNMjYwMzI3MDAwMjE0WjAzMTEwLwYDVQQD
Eyg1MTUxMzU0MjI2OGIzMTgzNTU5MGRlMDY1MTJkOWI2ODI3Y2RlM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ufi/DB0k10HU90QkMyX/RNQnd5Q
4yhNtugEVDm7ugILwhHoYdiaANTauFVaWOMtAgP9ibR1e8BMoO6G4AMxPHEA0/U9
8PLXuYn+V/JHCl61zxKbYG3zGIbOf8d3dydClPW38yM2j5lAebedBqSBSQoRn+MO
gGmYNfOt8Y5s6i+YeJFKXkJvnqrCweN1ksydP2L52OPHaMTvBwpDJmHGiJacQzyR
92U8UDeZjcwyflg54QEpnxHbQ99n7ixkglgqP9i2xFX6PkjNxiAxWTqYQNH5H+2J
H2Vf8NqFqxOKUnpDwMDaXEjHMu5g0lHiSMKLpjKYmWXyBpW3G8nLbunlTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFFRNUImizGDVZDeBlEtm2gnzePJMB8GA1UdIwQY
MBaAFJaMLFXcjrmXv1kSHUwv/VREoi4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG93c1ZkeU91WmVfV1JJZFRDXzlWRVNpTGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lNDc0MWItZjViNS00MThmLThlOTYt
MTU0ZTU5OWZkMzVmLzEvbG93c1ZkeU91WmVfV1JJZFRDXzlWRVNpTGkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9lNDc0MWItZjViNS00MThmLThlOTYtMTU0ZTU5OWZkMzVm
LzEvbG93c1ZkeU91WmVfV1JJZFRDXzlWRVNpTGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvRx011gO
zo8Mcsv/mFaDLCaYp72ptSeYt9PlKfMqD2Gb1AWwbBwbErq2W/6can3js1hk6MfA
S34JCqbE87bEhB/iTEu7PJTn06rafVwSarSI3vuBdt5mTCQxr3i+pCBpOJf81HRQ
AqxorLvLmO3eQZINjaHXufi1+6G6Ho1feZLoX4gbjQJCkWmXNyIhj16HvSa1f12F
rnp18C5bGZNcuMk/1wkoDQKVOqJh6yFlo5jqBDIxqwB4rUeQaNkTZv2XAlh8HWxB
nGi9ABiWgF9alHEXujE3KGPNRAjpWIdJQk2zDESo0aSs6bJI69KhPftOMCyk6Kp9
RC1L80tNDQb3Dg==
-----END CERTIFICATE-----