Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
File:                     lM53iNLj_vf8ANXOEz19bcAPhik.mft (raw, json)
Hash identifier:          bc2/87Xt/XeZIuc+Xbe2MT8T/zQWGyk9tS68IoYOieM=
Subject key identifier:   33:AB:16:C6:4C:B8:C7:6F:13:91:E0:76:9F:1B:8A:5B:B5:12:35:F2
Authority key identifier: 94:CE:77:88:D2:E3:FE:F7:FC:00:D5:CE:13:3D:7D:6D:C0:0F:86:29
Certificate issuer:       /CN=94ce7788d2e3fef7fc00d5ce133d7d6dc00f8629
Certificate serial:       019D2772561964C457E0AC6126E19EAC8DCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
Manifest number:          0FFC
Signing time:             Thu 26 Mar 2026 00:01:37 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:37 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:37 +0000
Files and hashes:         1: lM53iNLj_vf8ANXOEz19bcAPhik.crl (hash: ayh96XbPc/qOn20P7O0wanpQwU/d6C4VWdD/x3oCrIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:56:19:64:c4:57:e0:ac:61:26:e1:9e:ac:8d:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94ce7788d2e3fef7fc00d5ce133d7d6dc00f8629
        Validity
            Not Before: Mar 26 00:01:37 2026 GMT
            Not After : Mar 27 00:01:37 2026 GMT
        Subject: CN=33ab16c64cb8c76f1391e0769f1b8a5bb51235f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:bc:c2:45:4d:eb:95:c6:66:77:f6:21:e1:5d:
                    10:75:99:62:bc:d0:77:18:97:24:ee:73:3f:98:07:
                    4a:b5:99:b8:85:0e:5b:fd:b3:06:34:b8:5f:f2:96:
                    92:50:14:db:a5:f0:1d:43:3e:f0:3f:97:ae:31:ad:
                    7c:e4:61:7e:eb:b8:0e:73:af:76:65:f6:00:60:95:
                    de:16:d7:bd:fd:d4:d3:ff:f0:93:3b:fa:6c:f8:32:
                    7a:f8:c1:31:5a:d6:5a:f3:6a:15:4a:c6:39:c5:2f:
                    35:9a:0b:ca:f9:11:34:ff:66:96:69:34:e0:ff:ae:
                    17:c6:8c:64:40:65:06:78:1a:a8:ea:f9:dc:4b:a4:
                    96:92:6f:6c:ee:e6:f9:93:3f:a8:40:c2:81:5f:3d:
                    4c:91:fb:04:59:8a:bc:1e:b0:e0:a4:66:b0:00:05:
                    38:eb:1e:56:77:91:76:7c:e0:da:64:74:5f:b1:3b:
                    56:bf:5a:df:aa:b8:ac:22:69:e5:ee:70:78:1a:ba:
                    fb:07:5c:4d:30:9f:cb:6c:eb:25:96:aa:66:cf:02:
                    e5:bb:11:b1:9e:97:bc:b9:65:ee:ee:8f:48:e6:49:
                    cd:78:c3:1a:47:1a:20:a9:fb:c1:8a:0a:68:47:76:
                    fb:34:9c:f9:a9:98:0b:57:af:53:c3:96:52:57:91:
                    24:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:AB:16:C6:4C:B8:C7:6F:13:91:E0:76:9F:1B:8A:5B:B5:12:35:F2
            X509v3 Authority Key Identifier:
                keyid:94:CE:77:88:D2:E3:FE:F7:FC:00:D5:CE:13:3D:7D:6D:C0:0F:86:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lM53iNLj_vf8ANXOEz19bcAPhik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/4ef629-12e2-4d99-9b4a-336623afe898/1/lM53iNLj_vf8ANXOEz19bcAPhik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:eb:12:57:cf:ad:f3:71:dd:ac:72:25:50:50:e2:4b:8b:1e:
         98:bb:b4:d5:21:84:a6:ce:c7:33:a4:fc:1e:62:ab:c1:13:08:
         9f:64:20:d3:15:93:ee:87:5a:53:be:77:f3:d1:18:f6:7f:fe:
         11:6c:97:e7:26:2e:4a:14:ee:8b:dd:79:9d:de:56:06:14:e2:
         72:06:6c:c7:2d:c2:bc:f0:b2:fb:2d:c3:43:40:fa:a8:42:be:
         2f:7e:14:9e:35:69:8d:4f:4b:0d:29:46:3b:85:33:94:67:3b:
         01:ae:29:3a:7e:10:8b:a3:88:e3:e2:d4:d3:e6:88:72:cc:64:
         93:54:21:10:82:1b:84:22:06:df:73:5f:5e:79:b4:03:8f:11:
         5d:b9:9c:db:83:4e:3c:57:37:c8:f7:f0:77:78:60:70:46:5e:
         ad:60:a4:b4:3b:ff:ee:91:ca:a1:b6:84:7e:39:bc:ba:4f:56:
         40:e8:17:e3:c0:b0:3d:81:51:98:71:2c:6b:a9:cf:14:8d:1f:
         ab:a4:f9:31:d1:bd:10:6d:5e:fc:3b:33:a5:ec:87:42:36:2b:
         96:18:6b:51:5a:32:5c:b4:09:37:a2:c3:53:ad:96:2c:fc:e4:
         5b:fd:e0:f3:2a:a2:56:77:50:f4:43:4b:6a:bb:9c:17:d8:73:
         41:e4:36:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nclYZZMRX4KxhJuGerI3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Y2U3Nzg4ZDJlM2ZlZjdmYzAwZDVjZTEzM2Q3ZDZkYzAw
Zjg2MjkwHhcNMjYwMzI2MDAwMTM3WhcNMjYwMzI3MDAwMTM3WjAzMTEwLwYDVQQD
EygzM2FiMTZjNjRjYjhjNzZmMTM5MWUwNzY5ZjFiOGE1YmI1MTIzNWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7zCRU3rlcZmd/Yh4V0QdZlivNB3
GJck7nM/mAdKtZm4hQ5b/bMGNLhf8paSUBTbpfAdQz7wP5euMa185GF+67gOc692
ZfYAYJXeFte9/dTT//CTO/ps+DJ6+MExWtZa82oVSsY5xS81mgvK+RE0/2aWaTTg
/64XxoxkQGUGeBqo6vncS6SWkm9s7ub5kz+oQMKBXz1MkfsEWYq8HrDgpGawAAU4
6x5Wd5F2fODaZHRfsTtWv1rfqrisImnl7nB4Grr7B1xNMJ/LbOsllqpmzwLluxGx
npe8uWXu7o9I5knNeMMaRxogqfvBigpoR3b7NJz5qZgLV69Tw5ZSV5EkoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOrFsZMuMdvE5Hgdp8bilu1EjXyMB8GA1UdIwQY
MBaAFJTOd4jS4/73/ADVzhM9fW3AD4YpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni80ZWY2MjktMTJlMi00ZDk5LTliNGEt
MzM2NjIzYWZlODk4LzEvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni80ZWY2MjktMTJlMi00ZDk5LTliNGEtMzM2NjIzYWZlODk4
LzEvbE01M2lOTGpfdmY4QU5YT0V6MTliY0FQaGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnesSV8+t
83HdrHIlUFDiS4semLu01SGEps7HM6T8HmKrwRMIn2Qg0xWT7odaU75389EY9n/+
EWyX5yYuShTui915nd5WBhTicgZsxy3CvPCy+y3DQ0D6qEK+L34UnjVpjU9LDSlG
O4UzlGc7Aa4pOn4Qi6OI4+LU0+aIcsxkk1QhEIIbhCIG33NfXnm0A48RXbmc24NO
PFc3yPfwd3hgcEZerWCktDv/7pHKobaEfjm8uk9WQOgX48CwPYFRmHEsa6nPFI0f
q6T5MdG9EG1e/DszpeyHQjYrlhhrUVoyXLQJN6LDU62WLPzkW/3g8yqiVndQ9ENL
arucF9hzQeQ26g==
-----END CERTIFICATE-----