Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/5f9ed3-fae0-4bde-9e94-7af63d72dd8d/1/lYM0pMEu57_TbL84WQfAQhA0NsY.mft
File:                     lYM0pMEu57_TbL84WQfAQhA0NsY.mft (raw, json)
Hash identifier:          S+Hz67wrLouyj4VLFbgGJXCck2uhIXN6D3r2gZHe1ss=
Subject key identifier:   DA:AF:09:E2:10:8A:28:5A:86:6D:14:BE:FF:0D:96:6B:7F:34:67:55
Authority key identifier: 95:83:34:A4:C1:2E:E7:BF:D3:6C:BF:38:59:07:C0:42:10:34:36:C6
Certificate issuer:       /CN=958334a4c12ee7bfd36cbf385907c042103436c6
Certificate serial:       019D27E04148E82DBE09E751AC8F0523E5C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lYM0pMEu57_TbL84WQfAQhA0NsY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/5f9ed3-fae0-4bde-9e94-7af63d72dd8d/1/lYM0pMEu57_TbL84WQfAQhA0NsY.mft
Manifest number:          2D
Signing time:             Thu 26 Mar 2026 02:01:41 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:41 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:41 +0000
Files and hashes:         1: lYM0pMEu57_TbL84WQfAQhA0NsY.crl (hash: 282tbMRNHwEG3WbKwVWHV8979PHqGXcP6kqwBDloJVA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/5f9ed3-fae0-4bde-9e94-7af63d72dd8d/1/lYM0pMEu57_TbL84WQfAQhA0NsY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/5f9ed3-fae0-4bde-9e94-7af63d72dd8d/1/lYM0pMEu57_TbL84WQfAQhA0NsY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lYM0pMEu57_TbL84WQfAQhA0NsY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:41:48:e8:2d:be:09:e7:51:ac:8f:05:23:e5:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=958334a4c12ee7bfd36cbf385907c042103436c6
        Validity
            Not Before: Mar 26 02:01:41 2026 GMT
            Not After : Mar 27 02:01:41 2026 GMT
        Subject: CN=daaf09e2108a285a866d14beff0d966b7f346755
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b0:01:2f:a7:f5:4b:7b:9c:99:2d:b5:83:2f:
                    b8:97:16:5f:76:bb:9f:f2:a1:ae:f5:b5:20:73:e0:
                    89:d7:87:74:a0:ee:0c:b4:76:90:25:1c:58:c7:b5:
                    d3:54:c5:82:c6:80:9d:fa:ea:50:a3:d8:ab:a4:b3:
                    a4:1b:9d:0c:b1:fe:14:59:bb:8a:ff:dc:24:a4:69:
                    3c:ad:e7:b6:c8:f3:0d:f3:09:2f:da:df:d9:66:16:
                    5e:69:aa:86:ac:d7:96:0a:8c:fd:77:1f:24:17:4a:
                    80:ec:4e:fa:d7:0b:3e:47:b0:5f:22:18:55:cc:7f:
                    ad:20:3f:97:83:83:d5:3e:26:ca:f3:ba:8d:7c:15:
                    fd:32:8b:f8:33:f7:ef:29:92:6e:89:01:8b:9c:4f:
                    49:c5:ae:bf:ca:5f:e3:a5:29:c2:c0:4f:cc:dd:bc:
                    43:c8:e7:cb:e4:60:63:0e:9a:a8:a0:1e:99:29:8e:
                    62:38:24:35:ad:8f:00:65:79:0e:c0:a6:f1:b0:b3:
                    d2:1a:c9:86:2d:d8:e7:cf:10:7d:6b:04:3a:44:b1:
                    54:e1:e4:96:fd:55:7d:02:73:de:20:f3:b8:77:01:
                    e9:7e:d7:96:32:33:7a:9f:ac:ac:bf:14:86:a0:59:
                    08:7e:65:84:a1:c4:e3:6d:24:73:b4:82:43:43:67:
                    3f:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:AF:09:E2:10:8A:28:5A:86:6D:14:BE:FF:0D:96:6B:7F:34:67:55
            X509v3 Authority Key Identifier:
                keyid:95:83:34:A4:C1:2E:E7:BF:D3:6C:BF:38:59:07:C0:42:10:34:36:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lYM0pMEu57_TbL84WQfAQhA0NsY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/5f9ed3-fae0-4bde-9e94-7af63d72dd8d/1/lYM0pMEu57_TbL84WQfAQhA0NsY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/5f9ed3-fae0-4bde-9e94-7af63d72dd8d/1/lYM0pMEu57_TbL84WQfAQhA0NsY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:00:98:b1:8a:4e:4b:82:bb:29:09:66:be:21:7e:9b:d0:b3:
         19:a8:59:56:77:69:6d:3f:9d:22:5f:4a:3c:6f:72:64:31:87:
         ab:63:e7:46:7a:8b:17:3c:8d:16:a9:92:3f:86:57:07:ce:32:
         00:69:14:91:52:7c:0f:c1:c4:59:6c:be:56:76:99:03:db:88:
         60:1e:d4:a9:97:ec:ef:3e:9e:db:3b:1e:bd:a2:4e:37:03:d6:
         ed:75:8f:1f:2d:99:16:f3:d9:16:f3:5a:f8:da:54:c8:80:d1:
         23:e0:71:c6:eb:67:ef:94:17:76:c8:9e:ec:00:62:34:f3:eb:
         e5:f6:ad:15:be:98:c1:64:ce:50:f2:41:06:57:69:eb:cf:74:
         31:1a:e2:27:5e:1d:20:8b:ef:ca:5b:3c:9c:cb:c1:e8:54:56:
         32:4b:b2:51:c1:3a:5e:69:a4:49:e3:1c:db:36:05:04:86:63:
         67:33:26:1b:d6:be:87:26:7b:4f:ea:e2:e0:fb:51:b9:17:16:
         3f:2f:db:e1:ee:7e:e5:e0:e7:17:b8:77:4b:ef:b3:0c:2a:22:
         83:7a:45:45:6a:ed:b0:99:85:85:8e:6d:6e:c7:97:74:5a:8c:
         09:38:f1:4c:1d:1b:fa:73:95:80:7f:9c:a2:b4:58:7c:d9:9e:
         78:9e:33:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4EFI6C2+CedRrI8FI+XDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ODMzNGE0YzEyZWU3YmZkMzZjYmYzODU5MDdjMDQyMTAz
NDM2YzYwHhcNMjYwMzI2MDIwMTQxWhcNMjYwMzI3MDIwMTQxWjAzMTEwLwYDVQQD
EyhkYWFmMDllMjEwOGEyODVhODY2ZDE0YmVmZjBkOTY2YjdmMzQ2NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubABL6f1S3ucmS21gy+4lxZfdruf
8qGu9bUgc+CJ14d0oO4MtHaQJRxYx7XTVMWCxoCd+upQo9irpLOkG50Msf4UWbuK
/9wkpGk8ree2yPMN8wkv2t/ZZhZeaaqGrNeWCoz9dx8kF0qA7E761ws+R7BfIhhV
zH+tID+Xg4PVPibK87qNfBX9Mov4M/fvKZJuiQGLnE9Jxa6/yl/jpSnCwE/M3bxD
yOfL5GBjDpqooB6ZKY5iOCQ1rY8AZXkOwKbxsLPSGsmGLdjnzxB9awQ6RLFU4eSW
/VV9AnPeIPO4dwHpfteWMjN6n6ysvxSGoFkIfmWEocTjbSRztIJDQ2c/gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqvCeIQiihahm0Uvv8Nlmt/NGdVMB8GA1UdIwQY
MBaAFJWDNKTBLue/02y/OFkHwEIQNDbGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFlNMHBNRXU1N19UYkw4NFdRZkFRaEEwTnNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81ZjllZDMtZmFlMC00YmRlLTllOTQt
N2FmNjNkNzJkZDhkLzEvbFlNMHBNRXU1N19UYkw4NFdRZkFRaEEwTnNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81ZjllZDMtZmFlMC00YmRlLTllOTQtN2FmNjNkNzJkZDhk
LzEvbFlNMHBNRXU1N19UYkw4NFdRZkFRaEEwTnNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWQCYsYpO
S4K7KQlmviF+m9CzGahZVndpbT+dIl9KPG9yZDGHq2PnRnqLFzyNFqmSP4ZXB84y
AGkUkVJ8D8HEWWy+VnaZA9uIYB7UqZfs7z6e2zsevaJONwPW7XWPHy2ZFvPZFvNa
+NpUyIDRI+Bxxutn75QXdsie7ABiNPPr5fatFb6YwWTOUPJBBldp6890MRriJ14d
IIvvyls8nMvB6FRWMkuyUcE6XmmkSeMc2zYFBIZjZzMmG9a+hyZ7T+ri4PtRuRcW
Py/b4e5+5eDnF7h3S++zDCoig3pFRWrtsJmFhY5tbseXdFqMCTjxTB0b+nOVgH+c
orRYfNmeeJ4zYg==
-----END CERTIFICATE-----