Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
File:                     lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft (raw, json)
Hash identifier:          9gf8IpXVO5P9mYop8qrlHFuNeJeng9hkawwO9zZgaLY=
Subject key identifier:   96:75:A9:B0:EA:F3:58:55:8B:E0:82:83:F0:AB:71:39:F3:C1:F9:52
Authority key identifier: 96:0E:68:C8:38:9B:09:DC:34:54:64:A4:00:AF:27:65:68:E7:F9:6A
Certificate issuer:       /CN=960e68c8389b09dc345464a400af276568e7f96a
Certificate serial:       019CADFE8DC0AEBB8D4D022269D9FD2C7763
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
Manifest number:          10C9
Signing time:             Mon 02 Mar 2026 10:01:06 +0000
Manifest this update:     Mon 02 Mar 2026 10:01:06 +0000
Manifest next update:     Tue 03 Mar 2026 10:01:06 +0000
Files and hashes:         1: lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl (hash: bRD+/DiTZ4MajT6G/G89nAMcIBEK+Fh0eDAD/qY/CoA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 10:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:8d:c0:ae:bb:8d:4d:02:22:69:d9:fd:2c:77:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=960e68c8389b09dc345464a400af276568e7f96a
        Validity
            Not Before: Mar  2 10:01:06 2026 GMT
            Not After : Mar  3 10:01:06 2026 GMT
        Subject: CN=9675a9b0eaf358558be08283f0ab7139f3c1f952
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c7:e0:56:06:44:3f:a4:e0:18:c4:6d:95:46:
                    c8:44:90:9b:1f:16:c9:ba:08:69:81:a3:ed:84:92:
                    e7:cb:b4:e1:b2:a3:ba:b7:2c:61:a6:84:f3:b2:36:
                    10:08:e9:4d:75:73:76:82:be:ba:8b:5f:ec:5d:13:
                    35:f3:7a:86:c5:2c:8a:c2:a2:44:ef:7f:63:eb:e6:
                    f5:c2:c1:b9:36:ec:df:ee:4e:78:46:f4:2a:e5:ad:
                    10:bd:55:95:9e:f8:14:bb:f8:ef:db:e0:53:d0:8c:
                    09:d9:44:cd:9a:77:29:f2:01:1c:33:a1:5d:29:0a:
                    c2:53:1f:1c:87:d9:e3:54:b3:3a:6d:6b:b1:60:82:
                    c6:06:7c:10:3b:a0:fc:54:db:f2:fc:05:46:3a:7f:
                    ed:22:61:8c:f5:d6:24:58:4a:17:f6:d8:0d:3a:fa:
                    da:b6:5a:68:3b:c0:64:51:c7:2a:fb:b5:03:f9:e0:
                    f5:4d:c7:45:4b:59:e8:1a:9a:9d:a4:e7:e8:2f:f8:
                    c0:96:1b:f3:43:6c:eb:75:ac:b3:f4:74:d2:d0:50:
                    79:f6:bb:f1:7c:fe:68:9d:31:11:32:3f:b0:34:82:
                    9a:35:23:35:11:a7:f1:3c:80:82:53:d1:c4:c9:0f:
                    f6:e5:0f:f6:17:9b:25:86:e7:29:65:dc:02:b9:2c:
                    16:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:75:A9:B0:EA:F3:58:55:8B:E0:82:83:F0:AB:71:39:F3:C1:F9:52
            X509v3 Authority Key Identifier:
                keyid:96:0E:68:C8:38:9B:09:DC:34:54:64:A4:00:AF:27:65:68:E7:F9:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:eb:1b:4f:f4:b0:99:ad:ee:af:fe:a1:74:ad:4e:30:b6:db:
         2a:16:25:94:49:d1:34:11:45:67:60:82:25:c0:d5:d3:da:9e:
         f9:7e:90:8c:d1:5f:f9:08:12:ec:79:5d:ff:d8:46:b0:a3:fa:
         d0:a9:67:d2:96:f7:ba:67:dd:54:49:92:51:ea:46:37:a7:65:
         e4:3a:6c:1a:d0:e9:1e:a0:3d:f6:87:ce:fa:46:9c:b4:84:de:
         a2:8d:9e:05:1c:16:f0:f3:c0:c8:15:cf:bf:e5:cb:c2:00:b1:
         c9:99:c5:06:ec:9d:21:f7:79:bc:e0:9d:21:c3:c5:6e:52:bb:
         11:23:59:ea:66:e5:c6:62:68:1f:b6:d4:aa:dc:01:1f:39:f3:
         12:fc:79:fe:9e:77:30:a1:9a:ee:6c:69:d0:22:3b:71:c7:a5:
         58:62:4b:c1:f8:38:78:4e:19:a7:07:1c:8a:dd:3b:ff:ca:04:
         b2:ed:3b:ff:45:9f:86:e9:c5:3f:02:ad:73:6d:30:61:78:9c:
         a6:ac:c6:19:e5:a7:4c:81:cc:93:d6:e0:92:51:7d:60:5e:12:
         02:2f:d8:ee:b8:bf:e7:f9:0b:5d:f3:d7:32:9c:10:d1:c8:0e:
         f3:0f:86:27:cd:68:cd:1b:d9:0b:2a:c3:c4:a4:f7:19:12:34:
         65:d7:a0:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/o3ArruNTQIiadn9LHdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MGU2OGM4Mzg5YjA5ZGMzNDU0NjRhNDAwYWYyNzY1Njhl
N2Y5NmEwHhcNMjYwMzAyMTAwMTA2WhcNMjYwMzAzMTAwMTA2WjAzMTEwLwYDVQQD
Eyg5Njc1YTliMGVhZjM1ODU1OGJlMDgyODNmMGFiNzEzOWYzYzFmOTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsfgVgZEP6TgGMRtlUbIRJCbHxbJ
ughpgaPthJLny7ThsqO6tyxhpoTzsjYQCOlNdXN2gr66i1/sXRM183qGxSyKwqJE
739j6+b1wsG5Nuzf7k54RvQq5a0QvVWVnvgUu/jv2+BT0IwJ2UTNmncp8gEcM6Fd
KQrCUx8ch9njVLM6bWuxYILGBnwQO6D8VNvy/AVGOn/tImGM9dYkWEoX9tgNOvra
tlpoO8BkUccq+7UD+eD1TcdFS1noGpqdpOfoL/jAlhvzQ2zrdayz9HTS0FB59rvx
fP5onTERMj+wNIKaNSM1EafxPICCU9HEyQ/25Q/2F5slhucpZdwCuSwWrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZ1qbDq81hVi+CCg/CrcTnzwflSMB8GA1UdIwQY
MBaAFJYOaMg4mwncNFRkpACvJ2Vo5/lqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83YmQ4ZjMtNDc1My00MmNkLThmZjMt
NjMzMzE4NjU4OWE5LzEvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83YmQ4ZjMtNDc1My00MmNkLThmZjMtNjMzMzE4NjU4OWE5
LzEvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeOsbT/Sw
ma3ur/6hdK1OMLbbKhYllEnRNBFFZ2CCJcDV09qe+X6QjNFf+QgS7Hld/9hGsKP6
0Kln0pb3umfdVEmSUepGN6dl5DpsGtDpHqA99ofO+kactITeoo2eBRwW8PPAyBXP
v+XLwgCxyZnFBuydIfd5vOCdIcPFblK7ESNZ6mblxmJoH7bUqtwBHznzEvx5/p53
MKGa7mxp0CI7ccelWGJLwfg4eE4Zpwccit07/8oEsu07/0WfhunFPwKtc20wYXic
pqzGGeWnTIHMk9bgklF9YF4SAi/Y7ri/5/kLXfPXMpwQ0cgO8w+GJ81ozRvZCyrD
xKT3GRI0Zdeg4A==
-----END CERTIFICATE-----