Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft
File:                     lkyqlAOgjTc7kLcQpW0-roE5T_A.mft (raw, json)
Hash identifier:          /fXoKFqCBo7rCr/fBmCKMwIJROlsIef/G1VI8C26LEI=
Subject key identifier:   DA:83:CA:82:CA:67:0A:57:B0:F8:C9:29:76:7E:ED:72:34:4E:94:FB
Authority key identifier: 96:4C:AA:94:03:A0:8D:37:3B:90:B7:10:A5:6D:3E:AE:81:39:4F:F0
Certificate issuer:       /CN=964caa9403a08d373b90b710a56d3eae81394ff0
Certificate serial:       019D2772EEB2E70AB95C7D61A55DB6309A41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft
Manifest number:          1813
Signing time:             Thu 26 Mar 2026 00:02:16 +0000
Manifest this update:     Thu 26 Mar 2026 00:02:16 +0000
Manifest next update:     Fri 27 Mar 2026 00:02:16 +0000
Files and hashes:         1: lkyqlAOgjTc7kLcQpW0-roE5T_A.crl (hash: gr9WgVcLhS66PslopG1sJy2S6beOwH0rHDe0+XiZoKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:ee:b2:e7:0a:b9:5c:7d:61:a5:5d:b6:30:9a:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964caa9403a08d373b90b710a56d3eae81394ff0
        Validity
            Not Before: Mar 26 00:02:16 2026 GMT
            Not After : Mar 27 00:02:16 2026 GMT
        Subject: CN=da83ca82ca670a57b0f8c929767eed72344e94fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:b4:04:32:8c:f9:34:01:63:1d:2c:e8:6e:da:
                    c1:e1:92:ec:36:fe:a7:83:57:d8:42:81:7e:f6:bb:
                    ab:71:27:b8:34:44:94:13:13:cf:b3:9c:b3:49:b2:
                    00:0b:af:02:59:8d:be:67:b1:91:bd:37:b5:92:28:
                    30:5a:e0:76:62:00:0b:85:66:ad:95:41:df:29:21:
                    5b:fd:9c:16:eb:3a:3a:c7:4a:76:df:ac:9a:22:2e:
                    18:d4:27:82:6e:cd:01:ba:f7:d0:a0:92:a9:52:23:
                    f4:c8:36:21:b4:fd:bd:68:4c:19:3d:dd:c5:5d:8b:
                    2f:bd:7f:81:66:f8:cf:e4:a7:66:3d:e8:1d:86:87:
                    1a:de:4e:bb:a7:93:a6:ca:16:29:5f:30:cb:76:c9:
                    10:69:2a:7a:ce:4c:94:62:17:28:dd:46:68:48:a0:
                    ae:7a:5b:dc:c3:9c:e7:9c:9d:8f:38:da:78:59:ad:
                    e5:ee:a0:8a:e2:9c:0b:ab:e2:ae:d9:d9:2e:b2:f1:
                    03:fc:9b:54:98:bd:3e:fa:dc:3b:ee:98:ca:8f:36:
                    56:67:da:a9:75:47:ba:ed:ce:6e:1d:c6:e2:b7:cf:
                    6e:85:1e:4b:8e:91:8b:6f:61:85:3d:e9:04:49:9a:
                    91:05:b8:14:4c:92:4e:0f:d7:22:d0:41:d1:57:92:
                    40:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:83:CA:82:CA:67:0A:57:B0:F8:C9:29:76:7E:ED:72:34:4E:94:FB
            X509v3 Authority Key Identifier:
                keyid:96:4C:AA:94:03:A0:8D:37:3B:90:B7:10:A5:6D:3E:AE:81:39:4F:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkyqlAOgjTc7kLcQpW0-roE5T_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6b0dc9-c1b9-4fae-acd9-6bff1c0e68ae/1/lkyqlAOgjTc7kLcQpW0-roE5T_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:56:76:c1:4b:bf:02:7c:ff:ba:dd:d8:40:39:e8:6d:02:f9:
         f6:f6:8b:b6:37:40:43:5c:fc:c4:37:6b:36:bc:99:5b:67:de:
         59:67:45:24:f5:02:ac:fb:17:1f:62:5a:4f:84:d6:57:e0:80:
         87:39:b2:4a:af:48:36:f9:f7:b3:19:0d:93:15:5f:3c:cc:22:
         33:82:15:e9:b2:68:6a:2e:9f:c2:91:c1:0b:b2:3c:59:24:0b:
         5c:c2:c7:b1:b3:bf:49:79:0c:cf:2d:87:83:42:e0:96:32:bc:
         9a:ec:5e:4f:2d:6a:8d:ee:59:05:5a:3c:03:87:ac:23:61:65:
         eb:51:c7:4d:11:23:92:ef:6d:85:be:7c:df:75:a1:f5:8b:f5:
         ea:84:81:fb:24:7b:b8:3d:cb:30:ad:17:b0:9a:c8:b1:bb:a2:
         00:2b:1d:38:70:b3:d2:41:38:59:2b:bc:c7:d3:a4:35:d1:a9:
         15:09:4a:27:5f:72:e6:45:e5:90:b9:43:77:05:5c:f2:94:5a:
         12:e0:3e:6d:6e:86:f2:d4:10:db:07:08:5c:2a:2b:db:4f:b1:
         18:ab:d2:51:d5:a8:f7:1e:92:fe:89:88:f5:c3:d0:f0:70:a2:
         97:1a:47:3a:55:bb:8c:82:da:c1:71:b5:d6:81:b7:06:ab:36:
         ad:4a:e9:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncu6y5wq5XH1hpV22MJpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NGNhYTk0MDNhMDhkMzczYjkwYjcxMGE1NmQzZWFlODEz
OTRmZjAwHhcNMjYwMzI2MDAwMjE2WhcNMjYwMzI3MDAwMjE2WjAzMTEwLwYDVQQD
EyhkYTgzY2E4MmNhNjcwYTU3YjBmOGM5Mjk3NjdlZWQ3MjM0NGU5NGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37QEMoz5NAFjHSzobtrB4ZLsNv6n
g1fYQoF+9rurcSe4NESUExPPs5yzSbIAC68CWY2+Z7GRvTe1kigwWuB2YgALhWat
lUHfKSFb/ZwW6zo6x0p236yaIi4Y1CeCbs0BuvfQoJKpUiP0yDYhtP29aEwZPd3F
XYsvvX+BZvjP5KdmPegdhoca3k67p5OmyhYpXzDLdskQaSp6zkyUYhco3UZoSKCu
elvcw5znnJ2PONp4Wa3l7qCK4pwLq+Ku2dkusvED/JtUmL0++tw77pjKjzZWZ9qp
dUe67c5uHcbit89uhR5LjpGLb2GFPekESZqRBbgUTJJOD9ci0EHRV5JAzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqDyoLKZwpXsPjJKXZ+7XI0TpT7MB8GA1UdIwQY
MBaAFJZMqpQDoI03O5C3EKVtPq6BOU/wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82YjBkYzktYzFiOS00ZmFlLWFjZDkt
NmJmZjFjMGU2OGFlLzEvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82YjBkYzktYzFiOS00ZmFlLWFjZDktNmJmZjFjMGU2OGFl
LzEvbGt5cWxBT2dqVGM3a0xjUXBXMC1yb0U1VF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb1Z2wUu/
Anz/ut3YQDnobQL59vaLtjdAQ1z8xDdrNryZW2feWWdFJPUCrPsXH2JaT4TWV+CA
hzmySq9INvn3sxkNkxVfPMwiM4IV6bJoai6fwpHBC7I8WSQLXMLHsbO/SXkMzy2H
g0LgljK8muxeTy1qje5ZBVo8A4esI2Fl61HHTREjku9thb5833Wh9Yv16oSB+yR7
uD3LMK0XsJrIsbuiACsdOHCz0kE4WSu8x9OkNdGpFQlKJ19y5kXlkLlDdwVc8pRa
EuA+bW6G8tQQ2wcIXCor20+xGKvSUdWo9x6S/omI9cPQ8HCilxpHOlW7jILawXG1
1oG3Bqs2rUrp2g==
-----END CERTIFICATE-----