Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
File:                     LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft (raw, json)
Hash identifier:          paPUYxjK6/IWN3KXg487mCcEUdFRy9Tngsxd+EyOslo=
Subject key identifier:   CF:8B:2C:39:AB:72:F9:E4:26:BA:87:40:C1:B1:BF:35:5F:22:20:23
Authority key identifier: 2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9
Certificate issuer:       /CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
Certificate serial:       019D270398D2408FB45F8631C6853D7B7073
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
Manifest number:          0CFF
Signing time:             Wed 25 Mar 2026 22:00:40 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:40 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:40 +0000
Files and hashes:         1: LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl (hash: 32yZXhbCyM/PApgM1ZMsQupiAvfktA0ka5biaF87z+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:98:d2:40:8f:b4:5f:86:31:c6:85:3d:7b:70:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e316312ad2b21aa9a04811f62ad036bf68885d9
        Validity
            Not Before: Mar 25 22:00:40 2026 GMT
            Not After : Mar 26 22:00:40 2026 GMT
        Subject: CN=cf8b2c39ab72f9e426ba8740c1b1bf355f222023
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e8:8f:4f:b1:b0:b8:3c:28:77:83:a7:e9:25:
                    99:b0:8f:c0:5a:73:13:d3:10:f5:fc:21:dc:9e:c3:
                    df:07:b6:8e:b5:e9:20:9d:61:d4:fe:20:a9:0f:41:
                    ab:89:86:b8:77:27:b8:7e:97:ee:5a:35:14:0f:02:
                    99:f8:3e:4b:31:7a:0e:e7:13:d6:94:d5:43:7a:2a:
                    49:47:e7:e5:c6:8f:c2:f5:11:13:ea:c2:12:9a:f9:
                    44:a8:3c:67:13:f7:bd:d8:0a:04:67:1e:c8:f6:cb:
                    e3:b0:62:30:99:9c:9a:0d:1c:84:72:3f:d3:36:20:
                    ba:43:01:61:66:9e:a3:e9:1f:cf:f3:41:64:02:e5:
                    ba:f8:0c:e8:df:4a:28:3d:b2:eb:07:12:56:99:c4:
                    29:dc:54:4a:cd:f2:82:46:82:59:b6:c9:72:c8:4c:
                    53:63:7d:78:20:8c:aa:41:8e:d2:8f:03:68:ea:79:
                    02:cf:21:a9:d1:f1:0b:1e:ef:70:78:44:30:61:20:
                    ee:fa:2c:ce:8f:53:38:e1:ae:2c:b0:f0:7d:38:aa:
                    d7:1f:71:b8:49:95:72:da:a9:9c:02:32:73:c9:d7:
                    64:ad:f4:0e:41:77:bd:9b:a7:8a:07:54:ab:86:e8:
                    c4:97:4f:8b:e7:5b:bf:42:a7:13:23:8e:3e:64:1c:
                    fb:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:8B:2C:39:AB:72:F9:E4:26:BA:87:40:C1:B1:BF:35:5F:22:20:23
            X509v3 Authority Key Identifier:
                keyid:2E:31:63:12:AD:2B:21:AA:9A:04:81:1F:62:AD:03:6B:F6:88:85:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjFjEq0rIaqaBIEfYq0Da_aIhdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7b9d2c-7d49-4a19-a55d-3b47666d1365/1/LjFjEq0rIaqaBIEfYq0Da_aIhdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:53:a5:dd:f3:03:94:ae:7a:7b:7d:12:bb:2c:d9:13:a5:3c:
         32:1f:53:91:56:57:de:e7:d5:ef:b8:19:7e:3b:31:60:d6:f4:
         97:65:fe:e4:9e:34:fb:eb:0e:45:df:43:a0:1c:a2:91:11:4c:
         e1:be:a6:72:0d:1f:93:9a:d8:f3:d7:07:26:eb:77:26:15:cd:
         d3:12:53:a4:f4:3a:65:b0:ef:13:9a:cf:7e:ab:e0:7b:70:09:
         db:a7:c6:61:f6:fa:56:53:71:eb:d6:1e:e4:fb:ac:5c:65:cb:
         66:f2:9c:18:29:50:ef:88:1e:c3:8d:ad:21:42:38:a9:de:1d:
         7d:05:cc:95:4d:49:ba:c9:41:75:71:de:fa:9e:b0:42:ef:7b:
         d4:96:72:b6:13:43:cd:2e:08:26:93:ed:8d:dc:4d:c4:19:65:
         5b:90:c2:94:61:85:04:3c:af:d9:bf:e8:fe:50:65:c7:d4:21:
         c3:31:eb:c1:87:32:41:88:4b:2f:52:2c:fa:84:5b:bc:7e:28:
         25:38:3a:88:88:ed:52:08:3c:12:7c:28:85:a9:63:a9:63:b9:
         92:74:96:59:fb:32:ba:78:4b:61:67:d3:27:82:9f:d4:7c:28:
         96:f3:34:65:ae:b0:75:31:7b:f7:90:d4:19:29:7c:22:ff:f6:
         16:b7:a9:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA5jSQI+0X4YxxoU9e3BzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzE2MzEyYWQyYjIxYWE5YTA0ODExZjYyYWQwMzZiZjY4
ODg1ZDkwHhcNMjYwMzI1MjIwMDQwWhcNMjYwMzI2MjIwMDQwWjAzMTEwLwYDVQQD
EyhjZjhiMmMzOWFiNzJmOWU0MjZiYTg3NDBjMWIxYmYzNTVmMjIyMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteiPT7GwuDwod4On6SWZsI/AWnMT
0xD1/CHcnsPfB7aOtekgnWHU/iCpD0GriYa4dye4fpfuWjUUDwKZ+D5LMXoO5xPW
lNVDeipJR+flxo/C9RET6sISmvlEqDxnE/e92AoEZx7I9svjsGIwmZyaDRyEcj/T
NiC6QwFhZp6j6R/P80FkAuW6+Azo30ooPbLrBxJWmcQp3FRKzfKCRoJZtslyyExT
Y314IIyqQY7SjwNo6nkCzyGp0fELHu9weEQwYSDu+izOj1M44a4ssPB9OKrXH3G4
SZVy2qmcAjJzyddkrfQOQXe9m6eKB1SrhujEl0+L51u/QqcTI44+ZBz7rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+LLDmrcvnkJrqHQMGxvzVfIiAjMB8GA1UdIwQY
MBaAFC4xYxKtKyGqmgSBH2KtA2v2iIXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQt
M2I0NzY2NmQxMzY1LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83YjlkMmMtN2Q0OS00YTE5LWE1NWQtM2I0NzY2NmQxMzY1
LzEvTGpGakVxMHJJYXFhQklFZllxMERhX2FJaGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALFOl3fMD
lK56e30SuyzZE6U8Mh9TkVZX3ufV77gZfjsxYNb0l2X+5J40++sORd9DoByikRFM
4b6mcg0fk5rY89cHJut3JhXN0xJTpPQ6ZbDvE5rPfqvge3AJ26fGYfb6VlNx69Ye
5PusXGXLZvKcGClQ74gew42tIUI4qd4dfQXMlU1JuslBdXHe+p6wQu971JZythND
zS4IJpPtjdxNxBllW5DClGGFBDyv2b/o/lBlx9QhwzHrwYcyQYhLL1Is+oRbvH4o
JTg6iIjtUgg8EnwohaljqWO5knSWWfsyunhLYWfTJ4Kf1HwolvM0Za6wdTF795DU
GSl8Iv/2FrepNg==
-----END CERTIFICATE-----