Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          ph5QIlKcUvU65B0oX7jGCTbNpPIEe6+oCWfY5vxb4fM=
Subject key identifier:   F9:87:1D:00:0A:CB:FC:E7:BA:95:61:58:E8:26:1D:DF:66:79:E1:FE
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       019D2583FF44B44B0D0C282092482143C833
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          0489
Signing time:             Wed 25 Mar 2026 15:01:40 +0000
Manifest this update:     Wed 25 Mar 2026 15:01:40 +0000
Manifest next update:     Thu 26 Mar 2026 15:01:40 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: Xg/A7mqLH6Nu6T62nw0Gm6Nl5Bo3O8TiHOw7d5hUrjg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:83:ff:44:b4:4b:0d:0c:28:20:92:48:21:43:c8:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Mar 25 15:01:40 2026 GMT
            Not After : Mar 26 15:01:40 2026 GMT
        Subject: CN=f9871d000acbfce7ba956158e8261ddf6679e1fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:21:86:8f:d7:21:f9:67:d1:d8:dc:72:4f:3c:
                    b2:d2:4c:75:fa:64:cd:b4:8a:90:d1:1d:55:6c:fe:
                    5c:d8:88:3b:49:52:61:15:de:f4:dc:b3:e4:ed:cb:
                    12:c8:59:0c:bf:40:2d:7e:8b:9e:87:cb:e4:66:65:
                    5c:64:a4:c2:ba:55:f5:b4:34:fd:fd:06:51:40:1b:
                    b9:41:55:3e:dc:5a:55:c6:97:65:72:47:56:c7:f2:
                    83:55:74:7a:19:e5:32:2e:d0:b5:2c:fe:39:a0:e6:
                    8c:07:de:d8:88:68:81:02:c9:15:93:d9:06:03:18:
                    96:85:70:b1:02:0d:f3:fe:9a:b8:8d:5a:4f:1c:1b:
                    8b:d4:31:94:51:9f:fd:a9:7b:90:af:5d:c6:37:79:
                    b5:c1:a0:3f:20:1e:cb:73:eb:1a:b9:fd:1c:08:c7:
                    88:a7:85:c1:bf:f0:66:66:d9:e5:ed:5d:8d:84:76:
                    ef:ec:a4:bb:33:0c:61:47:ce:56:f8:d6:63:57:33:
                    c3:3e:6a:e8:c1:f1:b0:4e:9b:e7:29:93:1d:30:54:
                    be:6a:35:73:88:cc:30:91:e7:60:5c:a9:36:9a:1b:
                    e7:83:11:09:df:b0:ee:45:10:2e:01:e0:fe:b2:d5:
                    19:2c:ed:a5:da:dc:a3:50:06:02:ea:cb:5b:a1:92:
                    fa:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:87:1D:00:0A:CB:FC:E7:BA:95:61:58:E8:26:1D:DF:66:79:E1:FE
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:f6:36:5f:97:d0:cb:db:df:9f:86:0f:43:2a:bc:b2:50:03:
         7f:d6:f3:7c:6f:8e:4f:80:d0:e8:c7:0a:52:27:4f:2e:73:51:
         9c:47:86:91:b1:e1:f7:c2:b4:98:e0:5d:ba:90:12:b5:b3:b3:
         d2:61:8d:b6:77:75:f7:c2:f5:5d:0f:ea:0f:60:6e:fd:73:32:
         0e:2a:1e:96:e5:66:5b:a9:65:9b:1b:35:93:21:93:a4:9d:4c:
         59:b8:97:7e:c8:24:8c:64:b9:33:1d:46:22:c3:47:79:fa:61:
         b4:06:87:45:92:7a:1a:59:a2:84:34:aa:fa:5a:dc:af:95:e6:
         33:f4:8a:3d:6b:32:46:63:86:17:52:67:cc:6a:51:54:43:bf:
         e0:fc:3c:34:e3:26:0d:d6:ef:4a:82:1f:38:3d:29:fc:40:a7:
         f1:5f:c1:16:48:49:24:d8:cd:16:26:20:54:a4:0f:c9:1e:32:
         22:6e:7f:4b:b0:33:d2:c6:d6:d1:62:98:76:a1:8d:cd:6f:3d:
         ed:a2:32:f6:1d:9a:e3:eb:b2:8d:0e:c7:74:96:32:89:af:bd:
         d9:7f:67:9f:97:76:9c:d6:19:cd:c6:9e:b5:a0:19:b1:db:05:
         c6:a0:54:8f:d0:58:f9:dc:de:79:91:8d:a6:f2:be:73:aa:78:
         7f:c3:53:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lg/9EtEsNDCggkkghQ8gzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjYwMzI1MTUwMTQwWhcNMjYwMzI2MTUwMTQwWjAzMTEwLwYDVQQD
EyhmOTg3MWQwMDBhY2JmY2U3YmE5NTYxNThlODI2MWRkZjY2NzllMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSGGj9ch+WfR2NxyTzyy0kx1+mTN
tIqQ0R1VbP5c2Ig7SVJhFd703LPk7csSyFkMv0Atfoueh8vkZmVcZKTCulX1tDT9
/QZRQBu5QVU+3FpVxpdlckdWx/KDVXR6GeUyLtC1LP45oOaMB97YiGiBAskVk9kG
AxiWhXCxAg3z/pq4jVpPHBuL1DGUUZ/9qXuQr13GN3m1waA/IB7Lc+sauf0cCMeI
p4XBv/BmZtnl7V2NhHbv7KS7MwxhR85W+NZjVzPDPmrowfGwTpvnKZMdMFS+ajVz
iMwwkedgXKk2mhvngxEJ37DuRRAuAeD+stUZLO2l2tyjUAYC6stboZL6XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmHHQAKy/znupVhWOgmHd9meeH+MB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhPY2X5fQ
y9vfn4YPQyq8slADf9bzfG+OT4DQ6McKUidPLnNRnEeGkbHh98K0mOBdupAStbOz
0mGNtnd198L1XQ/qD2Bu/XMyDioeluVmW6llmxs1kyGTpJ1MWbiXfsgkjGS5Mx1G
IsNHefphtAaHRZJ6GlmihDSq+lrcr5XmM/SKPWsyRmOGF1JnzGpRVEO/4Pw8NOMm
DdbvSoIfOD0p/ECn8V/BFkhJJNjNFiYgVKQPyR4yIm5/S7Az0sbW0WKYdqGNzW89
7aIy9h2a4+uyjQ7HdJYyia+92X9nn5d2nNYZzcaetaAZsdsFxqBUj9BY+dzeeZGN
pvK+c6p4f8NTgQ==
-----END CERTIFICATE-----