Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          W1A1YPFT6JOLOyBo5wLCIJzBzehkxBc3Io5tIerEkjQ=
Subject key identifier:   15:21:CB:E6:58:6A:B2:BF:7D:EB:D5:39:D2:3B:11:C9:DB:87:1B:D1
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       019D27728F76A586DB7EC2275B04C17C04C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          079A
Signing time:             Thu 26 Mar 2026 00:01:52 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:52 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:52 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: USOq7DQL/5NWg9mPUcbHcRmztlIUMKvGqPtQ/Ajp/B0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:8f:76:a5:86:db:7e:c2:27:5b:04:c1:7c:04:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Mar 26 00:01:52 2026 GMT
            Not After : Mar 27 00:01:52 2026 GMT
        Subject: CN=1521cbe6586ab2bf7debd539d23b11c9db871bd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b4:e3:d3:4e:f1:57:96:c3:63:28:ca:fe:db:
                    a6:fc:fe:70:61:2e:f4:52:6f:15:91:b6:4b:69:4f:
                    00:d1:04:20:09:1d:22:49:c1:43:fe:da:e0:11:d1:
                    d9:a3:fd:82:35:1f:71:43:77:d6:3c:9a:f0:68:23:
                    ac:dc:18:66:72:3b:8f:de:12:0d:4e:cc:a0:ca:a2:
                    77:9b:9f:de:68:8f:9a:1f:0c:b1:6f:b8:1d:17:cb:
                    a4:bd:55:77:63:60:4a:e6:0c:d8:27:4c:aa:32:41:
                    e6:f0:a8:22:00:fa:1b:3c:6f:af:fb:d6:28:b2:62:
                    50:82:d3:93:3e:c4:2a:c5:a2:4b:91:6f:72:62:fd:
                    c4:3a:9d:73:fe:c4:ae:3c:39:4f:8a:e0:89:f1:14:
                    53:f9:ba:bc:6d:4a:41:85:28:63:8c:e3:4d:8c:d8:
                    6d:cf:42:39:13:a4:ac:11:9c:ea:fb:66:8a:07:35:
                    99:f3:c8:7e:42:77:c9:55:39:b3:4c:0d:02:fd:16:
                    26:2d:4c:05:db:75:9b:6f:5e:df:65:90:a4:77:62:
                    76:a5:28:55:2f:7d:b3:24:eb:f6:ca:a5:e5:b2:bb:
                    0a:96:e9:ff:5b:ca:cf:44:6d:8b:13:cc:e2:45:e8:
                    5d:48:16:8e:d0:37:a3:16:70:91:ca:2e:db:3f:e0:
                    78:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:21:CB:E6:58:6A:B2:BF:7D:EB:D5:39:D2:3B:11:C9:DB:87:1B:D1
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:a0:c5:af:c8:21:3a:f1:9a:8e:22:fa:be:e2:2d:85:31:9d:
         24:5c:86:6d:db:98:1b:9a:f1:a0:ef:1f:2b:65:c7:2e:bc:13:
         0c:21:8f:ed:d9:a7:62:4f:cd:70:4e:38:1a:fd:82:a6:10:08:
         20:be:d9:62:18:a3:4c:b5:92:75:76:7f:20:88:78:ce:ff:18:
         27:ad:86:3b:f4:f8:af:7a:e3:61:fb:b1:21:98:ab:d2:77:90:
         85:70:9b:74:6f:62:17:d4:c9:2a:d0:91:95:15:d8:31:de:3e:
         47:31:9a:00:b5:e0:ed:8a:17:fb:8e:3c:f1:4b:17:91:d0:da:
         d3:9c:a8:e8:c3:50:58:75:37:60:b5:2d:37:42:67:38:b0:92:
         d7:cc:f8:34:0d:f0:26:ff:b1:ee:6e:82:70:ff:4f:f0:cb:77:
         89:ba:86:f9:82:7b:96:14:57:2b:58:0f:de:28:bc:a0:13:28:
         21:f6:a5:4e:ee:25:65:11:49:09:88:38:d7:76:52:19:89:77:
         0d:f2:8e:af:f9:36:98:02:2e:ee:b0:41:9e:a0:5d:09:18:16:
         c7:45:49:77:4a:f0:e8:6f:60:07:6f:ec:51:7e:cc:e7:aa:bf:
         38:e7:42:ab:d7:e9:23:ba:10:90:0b:54:75:9f:82:13:e1:84:
         7b:63:dc:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nco92pYbbfsInWwTBfATCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjYwMzI2MDAwMTUyWhcNMjYwMzI3MDAwMTUyWjAzMTEwLwYDVQQD
EygxNTIxY2JlNjU4NmFiMmJmN2RlYmQ1MzlkMjNiMTFjOWRiODcxYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7Tj007xV5bDYyjK/tum/P5wYS70
Um8VkbZLaU8A0QQgCR0iScFD/trgEdHZo/2CNR9xQ3fWPJrwaCOs3BhmcjuP3hIN
TsygyqJ3m5/eaI+aHwyxb7gdF8ukvVV3Y2BK5gzYJ0yqMkHm8KgiAPobPG+v+9Yo
smJQgtOTPsQqxaJLkW9yYv3EOp1z/sSuPDlPiuCJ8RRT+bq8bUpBhShjjONNjNht
z0I5E6SsEZzq+2aKBzWZ88h+QnfJVTmzTA0C/RYmLUwF23Wbb17fZZCkd2J2pShV
L32zJOv2yqXlsrsKlun/W8rPRG2LE8ziRehdSBaO0DejFnCRyi7bP+B4XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUhy+ZYarK/fevVOdI7EcnbhxvRMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWKDFr8gh
OvGajiL6vuIthTGdJFyGbduYG5rxoO8fK2XHLrwTDCGP7dmnYk/NcE44Gv2CphAI
IL7ZYhijTLWSdXZ/IIh4zv8YJ62GO/T4r3rjYfuxIZir0neQhXCbdG9iF9TJKtCR
lRXYMd4+RzGaALXg7YoX+4488UsXkdDa05yo6MNQWHU3YLUtN0JnOLCS18z4NA3w
Jv+x7m6CcP9P8Mt3ibqG+YJ7lhRXK1gP3ii8oBMoIfalTu4lZRFJCYg413ZSGYl3
DfKOr/k2mAIu7rBBnqBdCRgWx0VJd0rw6G9gB2/sUX7M56q/OOdCq9fpI7oQkAtU
dZ+CE+GEe2Pcww==
-----END CERTIFICATE-----