Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft
File:                     L97GcLeAw7-UAe8cEVodh_6PfHo.mft (raw, json)
Hash identifier:          Jn0JN1MCMDxuCewsFPP60pmDdjuUjqc7kIA+nljAcUw=
Subject key identifier:   15:D5:E0:85:CE:40:31:E9:03:B5:4C:AB:01:82:8A:F3:5A:78:DA:7F
Authority key identifier: 2F:DE:C6:70:B7:80:C3:BF:94:01:EF:1C:11:5A:1D:87:FE:8F:7C:7A
Certificate issuer:       /CN=2fdec670b780c3bf9401ef1c115a1d87fe8f7c7a
Certificate serial:       019D296122865DA3DF8EB789460862F0E6FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L97GcLeAw7-UAe8cEVodh_6PfHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft
Manifest number:          0F67
Signing time:             Thu 26 Mar 2026 09:02:04 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:04 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:04 +0000
Files and hashes:         1: L97GcLeAw7-UAe8cEVodh_6PfHo.crl (hash: /EHs5J8UBdiWBGfQdZd1IJT/CMawdbE+SnwBF6vWwHk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L97GcLeAw7-UAe8cEVodh_6PfHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:22:86:5d:a3:df:8e:b7:89:46:08:62:f0:e6:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fdec670b780c3bf9401ef1c115a1d87fe8f7c7a
        Validity
            Not Before: Mar 26 09:02:04 2026 GMT
            Not After : Mar 27 09:02:04 2026 GMT
        Subject: CN=15d5e085ce4031e903b54cab01828af35a78da7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:29:a6:c4:e3:c7:0e:4a:ed:c2:d5:6c:87:36:
                    8e:91:ce:e8:80:5f:5a:d4:2b:12:ce:2a:bf:d9:83:
                    4f:e7:b3:42:46:3a:59:94:fa:cf:1a:68:ad:c7:bb:
                    ca:c0:a2:22:22:c0:be:4a:e1:15:e9:06:f0:ee:b9:
                    cb:6f:9b:61:09:ca:81:8d:e7:2a:ae:28:67:5c:21:
                    b8:9a:92:6c:da:74:b0:76:b0:dc:5b:f1:72:e1:6c:
                    a4:76:e0:ed:ec:a4:cd:95:63:32:28:b9:a0:84:b2:
                    e1:33:be:b4:12:bc:f5:30:25:23:00:7a:73:c9:3a:
                    69:bb:0f:68:47:a2:5e:62:6f:09:de:12:ba:2e:3b:
                    ac:fe:59:46:32:33:47:eb:07:e4:4f:a1:56:f0:ad:
                    2a:bf:c6:1f:1a:6e:d7:8d:5f:59:01:ec:e7:a3:27:
                    29:4c:a2:31:5e:0d:e9:03:97:33:98:b1:87:e4:f7:
                    e1:a0:8b:b2:31:ff:26:3d:e5:9b:27:8c:07:e2:e0:
                    2e:6d:d3:ab:93:f9:36:d4:e6:6f:11:37:3c:02:f0:
                    90:ab:5b:fc:e5:49:32:b3:14:35:64:0a:62:25:13:
                    d5:5f:96:7d:51:7d:06:f0:c8:49:7a:24:fd:f4:85:
                    10:82:74:54:a6:4d:08:37:ab:3c:ba:fa:ae:e1:0c:
                    80:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:D5:E0:85:CE:40:31:E9:03:B5:4C:AB:01:82:8A:F3:5A:78:DA:7F
            X509v3 Authority Key Identifier:
                keyid:2F:DE:C6:70:B7:80:C3:BF:94:01:EF:1C:11:5A:1D:87:FE:8F:7C:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L97GcLeAw7-UAe8cEVodh_6PfHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4e19c5-0082-4844-b6bd-ab1d8e9844af/1/L97GcLeAw7-UAe8cEVodh_6PfHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:5c:c2:41:0a:d8:07:e5:b3:83:41:ba:80:6a:a2:d8:ca:ca:
         16:f9:ef:8c:4d:45:aa:53:39:6a:8f:5e:d1:4d:e3:22:3d:01:
         a8:3a:45:94:f9:f3:5b:0d:be:e8:4d:8c:f8:de:c3:aa:99:1f:
         b2:2f:87:c8:ef:76:5c:9a:25:dd:40:17:d3:2c:ed:42:5c:1d:
         7f:e6:36:6b:43:75:a6:ac:09:0a:a3:29:6c:92:17:ac:f4:b7:
         92:78:1c:1e:ec:a7:87:e8:eb:5c:51:ea:2d:f3:7a:ab:00:4a:
         76:e5:54:96:9a:73:9e:e0:34:e2:33:fc:2d:0b:8b:db:29:4d:
         57:18:19:a0:64:3b:cd:f2:6c:b9:00:69:0d:29:81:4c:ab:df:
         fd:3b:bc:f7:0f:58:e8:10:e6:be:53:35:3e:fc:75:3e:62:30:
         e3:5d:d1:3c:ad:62:04:52:66:ee:b4:6d:33:4e:b8:d6:c3:b6:
         53:94:6a:9b:9b:11:c2:6a:14:11:17:d6:0b:4d:6a:02:02:c0:
         02:01:ae:70:92:b4:37:06:3f:55:c0:a5:7d:3c:50:63:31:89:
         39:75:15:b9:29:90:6c:fd:de:ae:d9:64:48:f7:17:97:da:39:
         ce:46:9d:e9:97:af:dd:93:42:12:14:55:1c:ad:f2:03:40:e9:
         2b:31:4d:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYSKGXaPfjreJRghi8Ob6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZGVjNjcwYjc4MGMzYmY5NDAxZWYxYzExNWExZDg3ZmU4
ZjdjN2EwHhcNMjYwMzI2MDkwMjA0WhcNMjYwMzI3MDkwMjA0WjAzMTEwLwYDVQQD
EygxNWQ1ZTA4NWNlNDAzMWU5MDNiNTRjYWIwMTgyOGFmMzVhNzhkYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoimmxOPHDkrtwtVshzaOkc7ogF9a
1CsSziq/2YNP57NCRjpZlPrPGmitx7vKwKIiIsC+SuEV6Qbw7rnLb5thCcqBjecq
rihnXCG4mpJs2nSwdrDcW/Fy4WykduDt7KTNlWMyKLmghLLhM760Erz1MCUjAHpz
yTppuw9oR6JeYm8J3hK6Ljus/llGMjNH6wfkT6FW8K0qv8YfGm7XjV9ZAeznoycp
TKIxXg3pA5czmLGH5PfhoIuyMf8mPeWbJ4wH4uAubdOrk/k21OZvETc8AvCQq1v8
5UkysxQ1ZApiJRPVX5Z9UX0G8MhJeiT99IUQgnRUpk0IN6s8uvqu4QyA+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXV4IXOQDHpA7VMqwGCivNaeNp/MB8GA1UdIwQY
MBaAFC/exnC3gMO/lAHvHBFaHYf+j3x6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDk3R2NMZUF3Ny1VQWU4Y0VWb2RoXzZQZkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80ZTE5YzUtMDA4Mi00ODQ0LWI2YmQt
YWIxZDhlOTg0NGFmLzEvTDk3R2NMZUF3Ny1VQWU4Y0VWb2RoXzZQZkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80ZTE5YzUtMDA4Mi00ODQ0LWI2YmQtYWIxZDhlOTg0NGFm
LzEvTDk3R2NMZUF3Ny1VQWU4Y0VWb2RoXzZQZkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN1zCQQrY
B+Wzg0G6gGqi2MrKFvnvjE1FqlM5ao9e0U3jIj0BqDpFlPnzWw2+6E2M+N7Dqpkf
si+HyO92XJol3UAX0yztQlwdf+Y2a0N1pqwJCqMpbJIXrPS3kngcHuynh+jrXFHq
LfN6qwBKduVUlppznuA04jP8LQuL2ylNVxgZoGQ7zfJsuQBpDSmBTKvf/Tu89w9Y
6BDmvlM1Pvx1PmIw413RPK1iBFJm7rRtM0641sO2U5Rqm5sRwmoUERfWC01qAgLA
AgGucJK0NwY/VcClfTxQYzGJOXUVuSmQbP3ertlkSPcXl9o5zkad6Zev3ZNCEhRV
HK3yA0DpKzFNFw==
-----END CERTIFICATE-----