Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
File:                     lkptHqRrxAuqMavE9ByQZn7-Nu0.mft (raw, json)
Hash identifier:          IyBq1ZXHxxafpU8UWzhrFZ7B+fgPV0IBVOvTDP4L/sk=
Subject key identifier:   CA:77:3D:E0:12:41:3A:97:E3:BE:36:B8:68:AE:89:C8:F3:FE:C5:59
Authority key identifier: 96:4A:6D:1E:A4:6B:C4:0B:AA:31:AB:C4:F4:1C:90:66:7E:FE:36:ED
Certificate issuer:       /CN=964a6d1ea46bc40baa31abc4f41c90667efe36ed
Certificate serial:       019CAB6B30E994675179CAFDD7114A9F1133
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
Manifest number:          0912
Signing time:             Sun 01 Mar 2026 22:00:54 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:54 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:54 +0000
Files and hashes:         1: lkptHqRrxAuqMavE9ByQZn7-Nu0.crl (hash: ywz3odz2ok7+1Oj2GL6TOCVSrXpvY+hdY8gOul0eM+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:30:e9:94:67:51:79:ca:fd:d7:11:4a:9f:11:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964a6d1ea46bc40baa31abc4f41c90667efe36ed
        Validity
            Not Before: Mar  1 22:00:54 2026 GMT
            Not After : Mar  2 22:00:54 2026 GMT
        Subject: CN=ca773de012413a97e3be36b868ae89c8f3fec559
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:36:94:1c:04:0d:c8:3c:56:3c:f3:d5:b0:55:
                    dc:83:4b:0f:f8:d1:c3:07:c4:39:fc:92:c6:97:e9:
                    36:64:2f:69:15:d5:57:5c:77:62:db:20:21:dc:71:
                    4f:f3:b0:b3:48:48:f3:db:24:cb:b1:c7:ba:46:81:
                    bf:94:a2:d3:53:5a:e2:ae:cb:4a:2b:df:7b:4c:6e:
                    d4:e5:69:02:a0:b6:ee:23:13:51:3b:32:39:47:df:
                    3c:b7:00:28:1d:62:44:07:ec:81:21:5e:05:ec:01:
                    15:78:c5:9d:33:4e:82:a4:20:ad:0c:b1:15:10:79:
                    2a:f4:b0:d7:a0:59:12:e3:00:87:27:6a:ad:5a:3b:
                    14:9e:73:bb:a9:c4:f9:39:72:fc:c1:35:f5:24:97:
                    65:64:b6:ed:cc:3a:f6:e9:0c:ac:8c:51:97:c3:40:
                    8c:40:b0:23:a0:6f:df:e0:25:a8:43:75:ff:10:ea:
                    65:f7:26:6a:54:8a:3e:10:94:8a:9e:b4:15:0d:ba:
                    02:8d:14:c9:8e:56:af:16:f8:73:9f:1e:d7:3a:0e:
                    9d:36:1c:3b:7a:39:38:24:0e:09:f1:b1:38:02:de:
                    38:35:b0:58:77:b3:d4:59:4a:a9:5a:2c:9c:36:01:
                    d2:f0:a2:98:f3:ab:10:e4:b3:76:90:81:15:65:1f:
                    81:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:77:3D:E0:12:41:3A:97:E3:BE:36:B8:68:AE:89:C8:F3:FE:C5:59
            X509v3 Authority Key Identifier:
                keyid:96:4A:6D:1E:A4:6B:C4:0B:AA:31:AB:C4:F4:1C:90:66:7E:FE:36:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkptHqRrxAuqMavE9ByQZn7-Nu0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/edc41e-352e-412b-9ae6-a0951ef7dfcd/1/lkptHqRrxAuqMavE9ByQZn7-Nu0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:65:50:86:d0:0f:6a:48:38:58:b7:51:15:0a:50:49:d2:93:
         2f:cd:52:06:78:42:a9:c8:94:01:2b:d8:ae:c8:f8:95:7c:be:
         9c:49:90:5e:a9:06:66:9b:41:4b:bd:61:ed:b0:a0:7c:d6:53:
         0f:e5:58:b7:9c:eb:4f:0d:2c:7a:50:3e:78:c2:76:10:a2:bd:
         60:15:63:c4:07:fc:8d:07:7a:b9:4a:dd:be:a5:bf:2c:ec:4d:
         4e:8c:71:c0:11:fa:94:f5:11:65:94:4c:6b:6b:f4:b3:c2:de:
         9a:bc:ab:4b:fa:c3:a3:2c:55:89:0a:90:6a:3a:a8:96:14:d5:
         27:81:c5:0c:e3:42:0c:60:87:04:cc:fe:14:b3:b9:72:3e:9f:
         2a:d1:ab:08:31:bd:6e:fc:5e:1b:76:67:9e:a1:6c:83:16:33:
         72:3e:de:76:6d:22:cc:f4:98:41:f6:d5:60:96:5c:79:8e:96:
         19:8a:c9:1b:e4:7c:5f:91:ef:79:dc:71:35:ee:d0:40:d4:97:
         81:7e:e6:59:e8:17:b0:2f:a3:40:a2:8c:e9:46:a2:76:ec:4e:
         26:de:dc:f9:e4:21:5c:42:66:d3:7e:4e:3a:75:dd:71:89:b9:
         87:fe:a1:5d:5c:f9:6f:b6:0d:3c:f7:61:80:ed:96:3a:fb:b8:
         84:18:5d:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrazDplGdRecr91xFKnxEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NGE2ZDFlYTQ2YmM0MGJhYTMxYWJjNGY0MWM5MDY2N2Vm
ZTM2ZWQwHhcNMjYwMzAxMjIwMDU0WhcNMjYwMzAyMjIwMDU0WjAzMTEwLwYDVQQD
EyhjYTc3M2RlMDEyNDEzYTk3ZTNiZTM2Yjg2OGFlODljOGYzZmVjNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzaUHAQNyDxWPPPVsFXcg0sP+NHD
B8Q5/JLGl+k2ZC9pFdVXXHdi2yAh3HFP87CzSEjz2yTLsce6RoG/lKLTU1rirstK
K997TG7U5WkCoLbuIxNROzI5R988twAoHWJEB+yBIV4F7AEVeMWdM06CpCCtDLEV
EHkq9LDXoFkS4wCHJ2qtWjsUnnO7qcT5OXL8wTX1JJdlZLbtzDr26QysjFGXw0CM
QLAjoG/f4CWoQ3X/EOpl9yZqVIo+EJSKnrQVDboCjRTJjlavFvhznx7XOg6dNhw7
ejk4JA4J8bE4At44NbBYd7PUWUqpWiycNgHS8KKY86sQ5LN2kIEVZR+BJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMp3PeASQTqX4742uGiuicjz/sVZMB8GA1UdIwQY
MBaAFJZKbR6ka8QLqjGrxPQckGZ+/jbtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZGM0MWUtMzUyZS00MTJiLTlhZTYt
YTA5NTFlZjdkZmNkLzEvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZGM0MWUtMzUyZS00MTJiLTlhZTYtYTA5NTFlZjdkZmNk
LzEvbGtwdEhxUnJ4QXVxTWF2RTlCeVFabjctTnUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoGVQhtAP
akg4WLdRFQpQSdKTL81SBnhCqciUASvYrsj4lXy+nEmQXqkGZptBS71h7bCgfNZT
D+VYt5zrTw0selA+eMJ2EKK9YBVjxAf8jQd6uUrdvqW/LOxNToxxwBH6lPURZZRM
a2v0s8LemryrS/rDoyxViQqQajqolhTVJ4HFDONCDGCHBMz+FLO5cj6fKtGrCDG9
bvxeG3ZnnqFsgxYzcj7edm0izPSYQfbVYJZceY6WGYrJG+R8X5HvedxxNe7QQNSX
gX7mWegXsC+jQKKM6UaiduxOJt7c+eQhXEJm035OOnXdcYm5h/6hXVz5b7YNPPdh
gO2WOvu4hBhdLw==
-----END CERTIFICATE-----