Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
File:                     PtWjaKny40iTSpFIiEVZQ2I_lus.mft (raw, json)
Hash identifier:          alvL8XnewVSiWa2Ruk2ySX7M69Va90yEfdMHVa/G7pM=
Subject key identifier:   3A:1C:07:0F:AA:3A:0C:40:55:9A:64:18:88:45:07:CB:95:62:E6:13
Authority key identifier: 3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB
Certificate issuer:       /CN=3ed5a368a9f2e348934a914888455943623f96eb
Certificate serial:       019CAD59BDCC50AF84630700216B9F649292
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
Manifest number:          142A
Signing time:             Mon 02 Mar 2026 07:01:05 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:05 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:05 +0000
Files and hashes:         1: PtWjaKny40iTSpFIiEVZQ2I_lus.crl (hash: DfhZTxo/A4+9oJmV5/sKnMPBhnUVDFQUXoDgUly0WZ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:bd:cc:50:af:84:63:07:00:21:6b:9f:64:92:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed5a368a9f2e348934a914888455943623f96eb
        Validity
            Not Before: Mar  2 07:01:05 2026 GMT
            Not After : Mar  3 07:01:05 2026 GMT
        Subject: CN=3a1c070faa3a0c40559a6418884507cb9562e613
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:56:08:05:fd:75:0a:61:f9:3e:66:2f:29:12:
                    52:0a:10:92:76:17:dc:a8:7f:55:b7:2f:d0:54:ba:
                    a5:11:47:3c:44:b2:bf:13:4c:b1:49:68:e9:2b:04:
                    1f:38:e6:40:87:cf:89:5e:03:00:05:2d:d3:26:2f:
                    1c:a1:64:c4:e7:c9:e9:68:d2:0b:2b:46:e7:04:ab:
                    cb:0b:25:db:04:ef:79:a5:2d:0b:85:08:ba:5a:e4:
                    5e:29:cd:0e:6f:af:a2:89:b5:3f:40:27:46:9c:0b:
                    0c:43:35:19:78:7c:09:69:29:b6:22:f5:4f:9c:c2:
                    be:e2:a9:a3:18:46:f3:33:c9:47:12:2d:9f:4b:d9:
                    db:b6:cb:66:ce:6d:92:c7:95:69:fd:23:61:2c:32:
                    ea:4b:fa:dc:64:9c:a7:2d:d7:69:08:a2:53:cd:24:
                    96:6b:a8:7a:4a:ea:ba:34:dc:9a:bd:ec:24:bc:60:
                    4d:4a:9b:a9:c8:db:79:41:50:2f:2c:c2:4b:a7:bd:
                    13:67:d3:b4:a2:b4:e1:e0:84:da:3c:7b:f5:4f:bd:
                    f0:65:17:a2:4a:14:71:f8:5e:3b:93:35:4e:ef:28:
                    04:48:b1:64:dc:ad:6a:24:a9:ca:6e:de:49:02:cf:
                    25:7e:8b:36:6c:19:d8:c8:6b:a8:76:a0:59:51:b3:
                    d1:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:1C:07:0F:AA:3A:0C:40:55:9A:64:18:88:45:07:CB:95:62:E6:13
            X509v3 Authority Key Identifier:
                keyid:3E:D5:A3:68:A9:F2:E3:48:93:4A:91:48:88:45:59:43:62:3F:96:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtWjaKny40iTSpFIiEVZQ2I_lus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c70c4-9060-4ffc-8ad3-6f017e1f1eed/1/PtWjaKny40iTSpFIiEVZQ2I_lus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:d6:c4:f6:b5:4c:d1:e7:65:eb:12:5f:62:92:35:bb:9c:93:
         b7:97:d4:46:31:70:40:6e:b0:e0:a1:ff:bb:7d:65:a0:8a:1c:
         96:50:1c:9d:58:46:a5:7e:70:8f:f8:a4:15:fc:2d:ea:9e:d4:
         e1:db:4e:3e:2f:1f:b8:2e:33:23:49:9a:eb:c0:08:6e:c0:d4:
         84:2b:46:cd:e1:1b:56:0c:16:7d:7c:7a:b7:ff:29:92:0e:dd:
         7c:f3:b6:c5:b0:77:d9:10:f5:e0:0b:da:41:42:1a:2c:eb:c7:
         2c:07:28:d3:14:06:43:c6:8c:86:47:be:48:5e:87:18:90:a9:
         40:1c:43:dd:ff:73:45:93:9d:ab:da:20:70:59:65:f8:d5:17:
         78:d5:45:cc:2b:17:64:fa:1f:38:0c:6c:3e:73:6d:af:8b:e3:
         b1:f3:d0:4b:56:bf:91:b3:ad:20:f7:68:11:23:5a:04:7c:92:
         8b:e0:87:fc:87:2b:6f:04:da:a5:44:ed:e6:a5:80:27:47:da:
         2d:ec:7a:d3:56:27:cf:23:f1:65:1f:73:ab:20:23:16:18:16:
         bb:f5:c2:56:f7:52:b5:8e:6d:35:a6:45:ec:f4:af:ec:c3:8d:
         f7:a9:da:df:95:93:d0:bc:12:5b:a5:20:13:d0:38:5b:27:ab:
         07:20:aa:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWb3MUK+EYwcAIWufZJKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDVhMzY4YTlmMmUzNDg5MzRhOTE0ODg4NDU1OTQzNjIz
Zjk2ZWIwHhcNMjYwMzAyMDcwMTA1WhcNMjYwMzAzMDcwMTA1WjAzMTEwLwYDVQQD
EygzYTFjMDcwZmFhM2EwYzQwNTU5YTY0MTg4ODQ1MDdjYjk1NjJlNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylYIBf11CmH5PmYvKRJSChCSdhfc
qH9Vty/QVLqlEUc8RLK/E0yxSWjpKwQfOOZAh8+JXgMABS3TJi8coWTE58npaNIL
K0bnBKvLCyXbBO95pS0LhQi6WuReKc0Ob6+iibU/QCdGnAsMQzUZeHwJaSm2IvVP
nMK+4qmjGEbzM8lHEi2fS9nbtstmzm2Sx5Vp/SNhLDLqS/rcZJynLddpCKJTzSSW
a6h6Suq6NNyavewkvGBNSpupyNt5QVAvLMJLp70TZ9O0orTh4ITaPHv1T73wZRei
ShRx+F47kzVO7ygESLFk3K1qJKnKbt5JAs8lfos2bBnYyGuodqBZUbPRgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDocBw+qOgxAVZpkGIhFB8uVYuYTMB8GA1UdIwQY
MBaAFD7Vo2ip8uNIk0qRSIhFWUNiP5brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMt
NmYwMTdlMWYxZWVkLzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84YzcwYzQtOTA2MC00ZmZjLThhZDMtNmYwMTdlMWYxZWVk
LzEvUHRXamFLbnk0MGlUU3BGSWlFVlpRMklfbHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAttbE9rVM
0edl6xJfYpI1u5yTt5fURjFwQG6w4KH/u31loIocllAcnVhGpX5wj/ikFfwt6p7U
4dtOPi8fuC4zI0ma68AIbsDUhCtGzeEbVgwWfXx6t/8pkg7dfPO2xbB32RD14Ava
QUIaLOvHLAco0xQGQ8aMhke+SF6HGJCpQBxD3f9zRZOdq9ogcFll+NUXeNVFzCsX
ZPofOAxsPnNtr4vjsfPQS1a/kbOtIPdoESNaBHySi+CH/IcrbwTapUTt5qWAJ0fa
Lex601YnzyPxZR9zqyAjFhgWu/XCVvdStY5tNaZF7PSv7MON96na35WT0LwSW6Ug
E9A4WyerByCq0Q==
-----END CERTIFICATE-----