Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
File:                     lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft (raw, json)
Hash identifier:          c7A7pD/+kjoF8WeTIaj0a7YfKZ4NFh89Q+gN20wLy+Y=
Subject key identifier:   9E:14:A2:12:1D:40:94:D3:C2:AE:6F:5F:6F:11:2E:04:7B:DE:ED:A5
Authority key identifier: 96:0E:68:C8:38:9B:09:DC:34:54:64:A4:00:AF:27:65:68:E7:F9:6A
Certificate issuer:       /CN=960e68c8389b09dc345464a400af276568e7f96a
Certificate serial:       019D9B87E411884E093632D7F66F2F85A6BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
Manifest number:          1144
Signing time:             Fri 17 Apr 2026 13:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 13:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 13:01:07 +0000
Files and hashes:         1: lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl (hash: YTHeI9YinQmW1O/oFg7HsMA1BfSn4FOK2JIac5LRvlA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 13:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:e4:11:88:4e:09:36:32:d7:f6:6f:2f:85:a6:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=960e68c8389b09dc345464a400af276568e7f96a
        Validity
            Not Before: Apr 17 13:01:07 2026 GMT
            Not After : Apr 18 13:01:07 2026 GMT
        Subject: CN=9e14a2121d4094d3c2ae6f5f6f112e047bdeeda5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:95:c4:2f:75:b6:fa:ad:a2:f0:a7:59:c3:06:
                    c5:9e:51:7f:7d:8e:75:02:57:16:33:e4:b7:e9:74:
                    b0:dd:30:b5:6e:a4:12:07:8f:3c:ca:f7:e4:85:85:
                    b6:d1:a7:67:75:84:c5:25:3b:00:89:a2:50:a8:95:
                    35:1d:89:e1:07:2b:71:aa:8e:22:fb:a3:cb:c3:62:
                    f8:ac:ab:ba:77:ab:84:65:80:17:fb:a0:0a:a2:60:
                    e2:01:b5:17:16:22:e6:4d:0a:41:5c:00:8a:0d:10:
                    13:2c:9f:84:f1:4b:7c:a5:b0:3d:4e:5f:36:9d:82:
                    25:93:70:b6:12:47:15:bf:d4:bd:f8:e8:67:e4:85:
                    e6:7d:2d:cb:7b:40:32:62:a7:66:ec:c9:26:dc:f6:
                    d0:6b:78:e1:ca:6a:3c:81:0f:93:ff:0f:64:ec:c8:
                    8f:85:3f:7b:b2:38:85:39:a5:be:de:1c:b6:c2:83:
                    67:ef:9b:a8:38:88:a8:ee:13:fd:22:0f:94:17:5e:
                    4d:d6:36:8e:53:c4:f8:4e:4b:b7:25:4a:f6:90:7c:
                    ee:aa:72:5f:27:c2:70:03:62:d0:15:e4:4e:3e:b6:
                    84:f8:4f:87:05:39:20:fc:cb:63:b4:ab:ae:18:28:
                    5e:90:cb:73:f5:66:d4:57:d9:f0:e9:23:34:68:c9:
                    40:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:14:A2:12:1D:40:94:D3:C2:AE:6F:5F:6F:11:2E:04:7B:DE:ED:A5
            X509v3 Authority Key Identifier:
                keyid:96:0E:68:C8:38:9B:09:DC:34:54:64:A4:00:AF:27:65:68:E7:F9:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lg5oyDibCdw0VGSkAK8nZWjn-Wo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7bd8f3-4753-42cd-8ff3-6333186589a9/1/lg5oyDibCdw0VGSkAK8nZWjn-Wo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:25:34:58:98:76:9b:cb:3e:bb:17:77:ff:79:10:f6:e7:4d:
         9c:8f:f7:7b:cf:08:b1:33:54:32:c5:e0:64:40:e1:8b:e4:da:
         1b:85:7f:54:be:cf:89:60:e1:0a:c1:ce:ba:91:70:f5:fa:50:
         1b:fe:fe:75:52:5a:21:f4:ec:e6:bf:3d:93:29:6a:df:4c:75:
         a5:e0:be:09:6f:d8:87:f8:08:40:37:38:9f:f0:0a:e6:a4:97:
         78:70:e3:4d:25:e2:91:75:5c:59:d5:3e:48:68:38:d5:b3:2c:
         2c:fc:b7:78:48:c2:53:f3:e3:2f:4f:e5:2d:4c:14:f6:6d:ee:
         cb:99:3e:ee:12:2e:d9:7a:1c:09:70:6c:99:50:f9:5b:1b:64:
         10:76:7b:89:02:d1:48:53:cb:95:8a:51:37:2e:ac:16:05:58:
         3b:c9:98:4a:19:4e:c8:ef:85:c1:90:56:af:88:7d:68:15:06:
         0f:09:e9:ea:60:87:ae:8a:56:69:f1:0a:6d:48:99:40:ff:5d:
         6e:e8:fc:82:dc:d9:5c:26:10:ac:08:84:1f:0c:c2:60:35:71:
         db:29:a0:4e:30:8b:48:75:dd:ad:a9:91:04:fb:e1:8c:a4:df:
         9b:1b:0e:15:97:34:d6:cf:b3:7d:bb:63:af:5d:25:14:f0:1b:
         bf:3f:65:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh+QRiE4JNjLX9m8vhaa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MGU2OGM4Mzg5YjA5ZGMzNDU0NjRhNDAwYWYyNzY1Njhl
N2Y5NmEwHhcNMjYwNDE3MTMwMTA3WhcNMjYwNDE4MTMwMTA3WjAzMTEwLwYDVQQD
Eyg5ZTE0YTIxMjFkNDA5NGQzYzJhZTZmNWY2ZjExMmUwNDdiZGVlZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJXEL3W2+q2i8KdZwwbFnlF/fY51
AlcWM+S36XSw3TC1bqQSB488yvfkhYW20adndYTFJTsAiaJQqJU1HYnhBytxqo4i
+6PLw2L4rKu6d6uEZYAX+6AKomDiAbUXFiLmTQpBXACKDRATLJ+E8Ut8pbA9Tl82
nYIlk3C2EkcVv9S9+Ohn5IXmfS3Le0AyYqdm7Mkm3PbQa3jhymo8gQ+T/w9k7MiP
hT97sjiFOaW+3hy2woNn75uoOIio7hP9Ig+UF15N1jaOU8T4Tku3JUr2kHzuqnJf
J8JwA2LQFeROPraE+E+HBTkg/MtjtKuuGChekMtz9WbUV9nw6SM0aMlAwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4UohIdQJTTwq5vX28RLgR73u2lMB8GA1UdIwQY
MBaAFJYOaMg4mwncNFRkpACvJ2Vo5/lqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83YmQ4ZjMtNDc1My00MmNkLThmZjMt
NjMzMzE4NjU4OWE5LzEvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83YmQ4ZjMtNDc1My00MmNkLThmZjMtNjMzMzE4NjU4OWE5
LzEvbGc1b3lEaWJDZHcwVkdTa0FLOG5aV2puLVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALyU0WJh2
m8s+uxd3/3kQ9udNnI/3e88IsTNUMsXgZEDhi+TaG4V/VL7PiWDhCsHOupFw9fpQ
G/7+dVJaIfTs5r89kylq30x1peC+CW/Yh/gIQDc4n/AK5qSXeHDjTSXikXVcWdU+
SGg41bMsLPy3eEjCU/PjL0/lLUwU9m3uy5k+7hIu2XocCXBsmVD5WxtkEHZ7iQLR
SFPLlYpRNy6sFgVYO8mYShlOyO+FwZBWr4h9aBUGDwnp6mCHropWafEKbUiZQP9d
buj8gtzZXCYQrAiEHwzCYDVx2ymgTjCLSHXdramRBPvhjKTfmxsOFZc01s+zfbtj
r10lFPAbvz9l4w==
-----END CERTIFICATE-----