Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
File:                     PtWjaKny40iTSpFIiEVZQ2I_lus.mft (raw, json)
Hash identifier:          wbod1TAoRLWXcvrdzCC0Gnb/gNaFjcnjPCfLas3JCro=
Subject key identifier:   C1:DE:CA:6F:40:1D:AA:82:46:BF:98:59:62:17:13:54:0B:68:66:3A
Authority key identifier: 3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB
Certificate issuer:       /CN=3ed5a368a9f2e348934a914888455943623f96eb
Certificate serial:       019D9AE2FC6432C369380FD610E071434F46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
Manifest number:          14A5
Signing time:             Fri 17 Apr 2026 10:01:00 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:00 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:00 +0000
Files and hashes:         1: PtWjaKny40iTSpFIiEVZQ2I_lus.crl (hash: C6qdhARpNpGbNF9T7qOHRdRaUzkVnT5Gp61jmiVTdkI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:fc:64:32:c3:69:38:0f:d6:10:e0:71:43:4f:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed5a368a9f2e348934a914888455943623f96eb
        Validity
            Not Before: Apr 17 10:01:00 2026 GMT
            Not After : Apr 18 10:01:00 2026 GMT
        Subject: CN=c1deca6f401daa8246bf9859621713540b68663a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:3e:ff:b3:27:ef:d9:1d:68:65:27:f4:0d:4f:
                    2e:ef:99:1c:d0:00:55:2a:a1:0c:1f:4b:50:ad:b8:
                    fa:63:7b:3f:8b:c9:f5:78:51:26:a8:92:23:cc:77:
                    ab:62:1a:e8:45:cf:0e:48:a9:3f:3a:78:ef:89:d3:
                    ef:98:ef:10:ab:7b:69:af:37:3c:a7:1b:f9:88:09:
                    c1:4b:90:18:e9:0d:3d:25:81:9d:b1:fd:10:cc:54:
                    b2:c3:cf:70:5f:f6:3f:0c:24:00:1b:6f:df:d6:23:
                    cd:b7:6c:7c:f8:1d:c1:0b:d5:6d:13:78:53:e0:05:
                    77:5e:e2:c0:bd:2a:a5:ac:09:f2:11:dc:2a:bc:9f:
                    ab:79:db:68:d4:c3:49:4a:f7:f3:c2:bc:1b:05:fc:
                    b1:cc:80:1e:2c:b1:34:08:5f:28:b7:2c:80:e6:36:
                    81:dd:cd:e9:01:52:74:35:fb:a0:fa:68:b9:61:d3:
                    8d:8a:aa:89:b4:f1:29:53:38:7f:68:8f:5c:79:74:
                    3e:c3:1b:a1:7b:1d:b9:2b:8a:90:02:57:a9:a1:a0:
                    11:5b:99:c6:6e:69:ae:86:85:32:f8:51:d0:bc:22:
                    b1:2a:6c:01:81:e5:10:24:2a:52:42:0c:01:47:92:
                    cf:a6:20:df:85:1d:a1:c3:49:92:92:72:65:24:61:
                    a8:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:DE:CA:6F:40:1D:AA:82:46:BF:98:59:62:17:13:54:0B:68:66:3A
            X509v3 Authority Key Identifier:
                keyid:3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:7a:e2:04:3d:05:25:f8:98:af:86:2f:43:d9:bb:38:ed:bc:
         c1:8a:33:dd:d2:44:f9:d6:02:f5:77:c8:35:b6:69:96:f9:64:
         df:76:01:d9:db:26:4c:d7:ab:b8:03:40:32:4d:fc:7f:87:a9:
         cb:b9:83:cc:ea:fa:39:c6:19:8d:82:e4:f7:1b:54:39:bd:f3:
         02:12:56:a5:65:d5:e6:bf:cf:17:51:dc:9f:ab:d2:a1:a0:1e:
         32:33:e7:28:68:33:53:9e:95:e6:fe:c0:e2:6b:72:4d:04:28:
         3e:2b:36:80:47:49:38:42:18:db:1c:60:f8:a8:69:af:8d:70:
         09:f1:26:e8:b8:7b:6c:ea:7e:b0:f2:25:7c:b5:e1:50:05:27:
         15:45:ea:b1:1a:11:ee:ba:35:44:4d:04:30:f2:6d:70:ef:11:
         a6:b2:c7:cd:9e:a6:51:a1:50:be:17:be:f6:d3:1e:70:b5:79:
         f5:ef:43:93:a0:87:71:f7:8a:37:b9:4d:f7:c6:7b:21:78:af:
         a7:d2:c2:37:f3:4a:c9:af:87:65:4c:2f:20:55:5a:31:aa:62:
         fb:10:00:bc:cd:cc:53:35:0c:53:e1:e8:93:1f:12:ab:82:25:
         eb:89:27:cf:cb:7c:ca:25:66:f3:a7:d9:cb:1a:2b:86:c5:fb:
         58:99:67:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4vxkMsNpOA/WEOBxQ09GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDVhMzY4YTlmMmUzNDg5MzRhOTE0ODg4NDU1OTQzNjIz
Zjk2ZWIwHhcNMjYwNDE3MTAwMTAwWhcNMjYwNDE4MTAwMTAwWjAzMTEwLwYDVQQD
EyhjMWRlY2E2ZjQwMWRhYTgyNDZiZjk4NTk2MjE3MTM1NDBiNjg2NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwz7/syfv2R1oZSf0DU8u75kc0ABV
KqEMH0tQrbj6Y3s/i8n1eFEmqJIjzHerYhroRc8OSKk/OnjvidPvmO8Qq3tprzc8
pxv5iAnBS5AY6Q09JYGdsf0QzFSyw89wX/Y/DCQAG2/f1iPNt2x8+B3BC9VtE3hT
4AV3XuLAvSqlrAnyEdwqvJ+redto1MNJSvfzwrwbBfyxzIAeLLE0CF8otyyA5jaB
3c3pAVJ0Nfug+mi5YdONiqqJtPEpUzh/aI9ceXQ+wxuhex25K4qQAlepoaARW5nG
bmmuhoUy+FHQvCKxKmwBgeUQJCpSQgwBR5LPpiDfhR2hw0mSknJlJGGokQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHeym9AHaqCRr+YWWIXE1QLaGY6MB8GA1UdIwQY
MBaAFD7Vo2ip8uNIk0qRSIhFWUNiP5brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMt
NmYwMTdlMWYxZWVkLzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMtNmYwMTdlMWYxZWVk
LzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjnriBD0F
JfiYr4YvQ9m7OO28wYoz3dJE+dYC9XfINbZplvlk33YB2dsmTNeruANAMk38f4ep
y7mDzOr6OcYZjYLk9xtUOb3zAhJWpWXV5r/PF1Hcn6vSoaAeMjPnKGgzU56V5v7A
4mtyTQQoPis2gEdJOEIY2xxg+Khpr41wCfEm6Lh7bOp+sPIlfLXhUAUnFUXqsRoR
7ro1RE0EMPJtcO8RprLHzZ6mUaFQvhe+9tMecLV59e9Dk6CHcfeKN7lN98Z7IXiv
p9LCN/NKya+HZUwvIFVaMapi+xAAvM3MUzUMU+Hokx8Sq4Il64knz8t8yiVm86fZ
yxorhsX7WJlnHw==
-----END CERTIFICATE-----