Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
File:                     LF3rfkKW4vu0wB_AZKH2gYlreXk.mft (raw, json)
Hash identifier:          1SlfvwJnJCgcNP8hG7PZKREbnBXMf7gi/Z5xhnODmeo=
Subject key identifier:   31:FE:F5:EC:DB:B9:16:02:37:20:22:35:8C:39:CD:20:A2:E4:86:41
Authority key identifier: 2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79
Certificate issuer:       /CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
Certificate serial:       019D2A045E54CB93B1C7F0DD11B6A41E68A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
Manifest number:          085F
Signing time:             Thu 26 Mar 2026 12:00:22 +0000
Manifest this update:     Thu 26 Mar 2026 12:00:22 +0000
Manifest next update:     Fri 27 Mar 2026 12:00:22 +0000
Files and hashes:         1: LF3rfkKW4vu0wB_AZKH2gYlreXk.crl (hash: Blpn4vI+v8nBLGFbiQQ20lno6fxKdFxdVooPkXSk6Y0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 12:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:04:5e:54:cb:93:b1:c7:f0:dd:11:b6:a4:1e:68:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c5deb7e4296e2fbb4c01fc064a1f681896b7979
        Validity
            Not Before: Mar 26 12:00:22 2026 GMT
            Not After : Mar 27 12:00:22 2026 GMT
        Subject: CN=31fef5ecdbb91602372022358c39cd20a2e48641
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:81:a6:15:32:83:39:94:9a:7d:c5:30:07:a8:
                    dd:fe:ed:fb:05:05:5f:f2:50:ec:96:25:49:c0:26:
                    a3:b5:52:16:08:dd:83:2e:67:da:0d:b7:4c:bf:31:
                    50:9d:c6:19:6d:8d:f4:f5:43:a4:9c:43:37:ec:c4:
                    a4:3c:58:c5:ca:92:0f:7c:2d:25:93:74:c7:2f:fa:
                    82:19:89:ff:ea:b4:56:91:e5:4a:54:c6:93:35:d9:
                    24:3a:fb:a5:11:65:cb:a2:44:4a:95:42:41:ae:c6:
                    6f:16:a1:7f:ba:c1:2c:85:1e:37:3a:c7:e6:e8:57:
                    41:7b:7a:83:ef:7f:2e:d4:0f:3c:93:20:48:5f:b9:
                    bb:10:33:f3:c6:8c:64:94:3d:a5:b4:f7:d7:5b:b2:
                    ef:c4:47:54:aa:de:95:3b:30:02:c9:50:11:b4:b0:
                    36:a6:6e:23:98:58:ca:37:6f:f6:5e:8d:f6:5a:4e:
                    91:08:47:8e:f2:c4:77:ab:35:1e:70:df:08:35:c6:
                    91:b8:14:50:28:00:55:a8:51:d6:35:f7:ec:2d:dc:
                    2b:63:54:81:32:de:27:b2:54:4a:65:6d:78:c2:03:
                    1b:d1:55:31:3f:37:7c:d3:41:5c:86:59:5e:b1:6e:
                    43:82:38:b6:64:b6:1e:6d:88:6a:1e:0e:60:26:7c:
                    86:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:FE:F5:EC:DB:B9:16:02:37:20:22:35:8C:39:CD:20:A2:E4:86:41
            X509v3 Authority Key Identifier:
                keyid:2C:5D:EB:7E:42:96:E2:FB:B4:C0:1F:C0:64:A1:F6:81:89:6B:79:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LF3rfkKW4vu0wB_AZKH2gYlreXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/99323e-01f6-4959-9816-a86ac561ab56/1/LF3rfkKW4vu0wB_AZKH2gYlreXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:ff:f9:30:fc:13:87:58:dc:78:af:98:74:64:9a:a4:56:f8:
         d5:df:7b:19:87:36:18:d4:11:85:f0:dc:44:ac:c2:c2:99:05:
         2e:89:7e:00:8e:f5:cb:44:81:b1:65:5a:b4:9b:98:b3:28:73:
         1e:e0:04:90:f5:b8:17:43:38:5f:18:f7:c4:6f:65:68:fc:eb:
         e0:1b:c1:d9:94:81:bd:65:c4:ce:bb:60:3a:4a:7c:8d:a8:94:
         de:1a:3c:50:13:b7:3a:df:ca:4e:25:1f:42:2f:30:d3:d5:14:
         9a:bc:1d:a0:61:02:75:31:42:88:83:42:1c:1f:56:f6:ec:37:
         e3:0a:24:df:16:5b:59:21:a7:b5:0e:8a:fc:89:3a:fc:7a:d0:
         77:59:76:35:9f:6c:3d:d4:20:14:28:4e:08:c9:87:e9:e4:0b:
         d0:15:55:c9:5d:e8:a2:80:34:41:57:b8:38:05:d6:96:c2:3d:
         ee:78:ef:57:81:bf:2d:d3:23:f9:f0:c0:bd:e6:d6:6a:a0:fb:
         7d:db:9b:0d:ed:01:4a:7a:94:47:5f:4e:5a:5d:3f:dd:c5:11:
         94:dd:b9:9b:c7:91:d5:d4:22:30:0a:7b:d6:2b:86:c7:94:b9:
         a4:1b:10:cc:a7:99:bf:31:4a:d7:68:62:f5:87:16:72:e7:5b:
         3b:8a:96:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBF5Uy5Oxx/DdEbakHmihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNWRlYjdlNDI5NmUyZmJiNGMwMWZjMDY0YTFmNjgxODk2
Yjc5NzkwHhcNMjYwMzI2MTIwMDIyWhcNMjYwMzI3MTIwMDIyWjAzMTEwLwYDVQQD
EygzMWZlZjVlY2RiYjkxNjAyMzcyMDIyMzU4YzM5Y2QyMGEyZTQ4NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4GmFTKDOZSafcUwB6jd/u37BQVf
8lDsliVJwCajtVIWCN2DLmfaDbdMvzFQncYZbY309UOknEM37MSkPFjFypIPfC0l
k3THL/qCGYn/6rRWkeVKVMaTNdkkOvulEWXLokRKlUJBrsZvFqF/usEshR43Osfm
6FdBe3qD738u1A88kyBIX7m7EDPzxoxklD2ltPfXW7LvxEdUqt6VOzACyVARtLA2
pm4jmFjKN2/2Xo32Wk6RCEeO8sR3qzUecN8INcaRuBRQKABVqFHWNffsLdwrY1SB
Mt4nslRKZW14wgMb0VUxPzd800FchllesW5Dgji2ZLYebYhqHg5gJnyGwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDH+9ezbuRYCNyAiNYw5zSCi5IZBMB8GA1UdIwQY
MBaAFCxd635CluL7tMAfwGSh9oGJa3l5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYt
YTg2YWM1NjFhYjU2LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85OTMyM2UtMDFmNi00OTU5LTk4MTYtYTg2YWM1NjFhYjU2
LzEvTEYzcmZrS1c0dnUwd0JfQVpLSDJnWWxyZVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATP/5MPwT
h1jceK+YdGSapFb41d97GYc2GNQRhfDcRKzCwpkFLol+AI71y0SBsWVatJuYsyhz
HuAEkPW4F0M4Xxj3xG9laPzr4BvB2ZSBvWXEzrtgOkp8jaiU3ho8UBO3Ot/KTiUf
Qi8w09UUmrwdoGECdTFCiINCHB9W9uw34wok3xZbWSGntQ6K/Ik6/HrQd1l2NZ9s
PdQgFChOCMmH6eQL0BVVyV3oooA0QVe4OAXWlsI97njvV4G/LdMj+fDAvebWaqD7
fdubDe0BSnqUR19OWl0/3cURlN25m8eR1dQiMAp71iuGx5S5pBsQzKeZvzFK12hi
9YcWcudbO4qWBw==
-----END CERTIFICATE-----