Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
File:                     lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft (raw, json)
Hash identifier:          CxVHsIg0L/Svef8ucHPWDEIec9uPbaEoZNhEj17bUCI=
Subject key identifier:   D9:AE:6C:74:02:17:00:BD:1F:F9:D7:EF:47:D8:1F:CB:8F:E7:AE:B4
Authority key identifier: 94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D
Certificate issuer:       /CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
Certificate serial:       019CAB6B1388B224BF9EA2ABE808A4FF30EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
Manifest number:          0483
Signing time:             Sun 01 Mar 2026 22:00:47 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:47 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:47 +0000
Files and hashes:         1: lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl (hash: Vh3ZvLbbmRasE5ooId9mgPR+9ufWuLHYpg3r8ggJ+r4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:13:88:b2:24:bf:9e:a2:ab:e8:08:a4:ff:30:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9475eddca95b736653a4c9f9d91540d2d3efb53d
        Validity
            Not Before: Mar  1 22:00:47 2026 GMT
            Not After : Mar  2 22:00:47 2026 GMT
        Subject: CN=d9ae6c74021700bd1ff9d7ef47d81fcb8fe7aeb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:46:c8:e9:94:6c:a9:30:e1:b1:29:b1:e9:fb:
                    40:c3:2b:01:2c:63:98:56:b7:21:5a:42:42:9a:3d:
                    e5:ae:a1:10:be:68:6d:17:d6:7e:f0:5e:76:10:2e:
                    dc:b8:a6:0d:ac:6c:a6:1d:e3:95:08:55:d3:02:b5:
                    f0:d2:73:a7:06:bf:05:71:4e:f4:30:90:fb:89:04:
                    59:f3:c1:69:25:c8:63:8a:db:35:9a:e0:b5:90:c7:
                    d0:f8:0d:87:a8:b4:9e:fa:b1:d1:32:eb:92:e8:88:
                    56:44:d2:5f:4b:4e:3f:bb:7e:23:26:f5:36:d8:ea:
                    67:a6:ac:27:00:2b:a7:a1:6b:22:c6:45:b2:e1:48:
                    aa:e6:d6:24:c4:06:43:e0:5b:19:57:f6:27:ca:61:
                    83:b3:7a:c5:30:da:27:97:9c:68:be:86:05:63:e3:
                    87:db:93:78:e9:1a:b5:1b:56:a2:aa:da:e1:3e:db:
                    05:e2:9c:8d:9b:fd:d5:4d:31:35:22:57:d3:48:89:
                    54:d3:64:6d:a1:84:5a:65:2f:00:e4:23:93:c2:e6:
                    f0:cc:6c:31:ad:d1:35:20:82:2b:e7:e4:b0:49:bd:
                    b1:6e:5c:64:05:47:86:8f:20:16:3b:73:c2:a8:4e:
                    3b:92:58:f5:67:50:b1:2a:24:4a:71:13:f5:89:6e:
                    ed:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:AE:6C:74:02:17:00:BD:1F:F9:D7:EF:47:D8:1F:CB:8F:E7:AE:B4
            X509v3 Authority Key Identifier:
                keyid:94:75:ED:DC:A9:5B:73:66:53:A4:C9:F9:D9:15:40:D2:D3:EF:B5:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHXt3Klbc2ZTpMn52RVA0tPvtT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23ca21-bceb-433e-b7d9-7b003984b863/1/lHXt3Klbc2ZTpMn52RVA0tPvtT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:bd:86:61:b7:65:79:47:6d:50:34:02:81:83:77:19:1c:e8:
         24:45:31:a8:ad:4c:27:4a:39:02:d6:f1:86:61:06:4e:a5:85:
         f3:32:03:54:59:e5:e0:da:c0:00:7d:6a:29:cb:e2:28:71:bc:
         b0:cc:35:d3:0d:bc:2b:a2:bb:2d:2b:eb:0c:c6:39:15:f7:e1:
         8d:52:63:eb:00:09:82:12:ae:1d:f2:21:a0:0b:1c:43:1e:b6:
         87:d5:f9:ce:54:81:20:38:fd:47:d2:ce:31:05:e9:d0:23:f2:
         e7:00:20:cc:1d:10:e9:18:2f:c3:3d:83:7b:f5:e8:15:ec:39:
         9c:70:51:60:6d:9a:4f:51:d0:d2:d3:f8:88:3e:6c:90:6c:47:
         11:91:b8:89:f9:53:14:8c:7e:85:a0:30:58:87:9f:c1:ff:95:
         32:07:a6:0f:a2:69:ca:57:5d:0a:da:35:ad:79:88:9a:29:c9:
         7a:5b:8a:a8:5d:bb:01:af:97:2c:41:e0:f1:12:aa:aa:60:f0:
         be:98:2c:79:f7:cc:84:d6:eb:cc:98:e5:a1:4e:74:a7:04:ac:
         78:70:79:1a:37:aa:1b:e9:cb:f1:82:ff:c4:cb:c1:86:7b:d2:
         65:85:d1:17:7b:9c:18:d6:41:66:ff:57:a6:8f:2e:2b:b0:d5:
         59:58:a1:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraxOIsiS/nqKr6Aik/zDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzVlZGRjYTk1YjczNjY1M2E0YzlmOWQ5MTU0MGQyZDNl
ZmI1M2QwHhcNMjYwMzAxMjIwMDQ3WhcNMjYwMzAyMjIwMDQ3WjAzMTEwLwYDVQQD
EyhkOWFlNmM3NDAyMTcwMGJkMWZmOWQ3ZWY0N2Q4MWZjYjhmZTdhZWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0bI6ZRsqTDhsSmx6ftAwysBLGOY
VrchWkJCmj3lrqEQvmhtF9Z+8F52EC7cuKYNrGymHeOVCFXTArXw0nOnBr8FcU70
MJD7iQRZ88FpJchjits1muC1kMfQ+A2HqLSe+rHRMuuS6IhWRNJfS04/u34jJvU2
2OpnpqwnACunoWsixkWy4Uiq5tYkxAZD4FsZV/YnymGDs3rFMNonl5xovoYFY+OH
25N46Rq1G1aiqtrhPtsF4pyNm/3VTTE1IlfTSIlU02RtoYRaZS8A5COTwubwzGwx
rdE1IIIr5+SwSb2xblxkBUeGjyAWO3PCqE47klj1Z1CxKiRKcRP1iW7tlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmubHQCFwC9H/nX70fYH8uP5660MB8GA1UdIwQY
MBaAFJR17dypW3NmU6TJ+dkVQNLT77U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDkt
N2IwMDM5ODRiODYzLzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2NhMjEtYmNlYi00MzNlLWI3ZDktN2IwMDM5ODRiODYz
LzEvbEhYdDNLbGJjMlpUcE1uNTJSVkEwdFB2dFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN72GYbdl
eUdtUDQCgYN3GRzoJEUxqK1MJ0o5AtbxhmEGTqWF8zIDVFnl4NrAAH1qKcviKHG8
sMw10w28K6K7LSvrDMY5FffhjVJj6wAJghKuHfIhoAscQx62h9X5zlSBIDj9R9LO
MQXp0CPy5wAgzB0Q6Rgvwz2De/XoFew5nHBRYG2aT1HQ0tP4iD5skGxHEZG4iflT
FIx+haAwWIefwf+VMgemD6JpylddCto1rXmIminJeluKqF27Aa+XLEHg8RKqqmDw
vpgseffMhNbrzJjloU50pwSseHB5GjeqG+nL8YL/xMvBhnvSZYXRF3ucGNZBZv9X
po8uK7DVWVih1Q==
-----END CERTIFICATE-----