Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
File:                     lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json)
Hash identifier:          DDliaWvmGSEnXW0RMmlWU1Vambh4MKDjeOOJCeQNYPM=
Subject key identifier:   FA:E9:44:94:70:55:DC:15:EB:DE:84:82:65:2B:B1:95:E9:C6:98:1B
Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B
Certificate issuer:       /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
Certificate serial:       019CAD594362B47A7E8A2B3559EA16F29097
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
Manifest number:          1547
Signing time:             Mon 02 Mar 2026 07:00:34 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:34 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:34 +0000
Files and hashes:         1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: cItNYFiB1yd68d90muuc5xvIjUxhyOLHCMIlvvdDkcg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:43:62:b4:7a:7e:8a:2b:35:59:ea:16:f2:90:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
        Validity
            Not Before: Mar  2 07:00:34 2026 GMT
            Not After : Mar  3 07:00:34 2026 GMT
        Subject: CN=fae944947055dc15ebde8482652bb195e9c6981b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:28:56:8a:2e:bd:99:99:6c:29:26:30:69:82:
                    36:09:fc:be:db:5e:59:cf:a8:90:dd:ba:47:fa:39:
                    82:0b:10:51:04:3a:16:0b:f6:15:00:f5:f7:91:7e:
                    3a:91:52:c9:14:c5:12:a3:a2:f9:01:96:26:b8:a1:
                    6a:ba:2b:48:b2:fd:39:ed:69:51:53:8d:c6:02:a5:
                    9e:53:14:74:0b:01:59:ea:07:80:eb:c6:91:a6:6f:
                    c5:da:ec:9f:36:de:00:53:48:11:95:46:fc:5a:60:
                    ce:a4:98:2b:de:50:52:fb:46:66:9d:e7:ee:32:6a:
                    6e:35:81:40:ba:42:d0:1d:88:4d:ac:04:45:7b:ef:
                    2e:56:81:c0:76:4d:42:c9:f2:cb:0f:9f:0d:d3:80:
                    ae:24:c4:ae:c2:3b:a2:7c:5f:88:e0:2a:fe:37:4e:
                    d4:70:80:a4:4b:fe:04:16:3f:43:96:8e:14:e9:52:
                    94:ea:ca:50:e9:ea:d2:cd:30:69:88:b8:41:71:9a:
                    37:e0:34:a5:40:e9:3e:b3:dc:28:86:28:cf:50:c2:
                    de:18:b0:48:c2:46:07:ad:9b:3f:38:8d:15:4f:17:
                    48:cc:b1:69:ab:38:ff:92:ff:45:c1:c4:6b:af:de:
                    c4:29:84:f1:e6:1b:8b:b6:7f:f1:ee:b2:43:26:8a:
                    8c:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:E9:44:94:70:55:DC:15:EB:DE:84:82:65:2B:B1:95:E9:C6:98:1B
            X509v3 Authority Key Identifier:
                keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:b2:44:d4:3e:7e:79:4c:35:ed:79:56:bb:dc:70:f2:a1:6a:
         00:45:f8:e8:70:22:ba:b9:74:ac:ee:43:86:e8:76:a3:2d:5b:
         90:c7:d1:b0:3a:e1:6f:60:1e:10:e9:ee:2b:74:71:28:e6:25:
         76:38:e7:8d:00:f3:b9:16:9c:a0:cd:1e:03:d0:dc:48:f3:25:
         4b:21:ca:e0:fe:bd:5d:d9:67:37:70:65:72:29:86:1e:5e:67:
         bc:03:48:b4:ee:d4:9f:74:8a:4d:e6:c5:90:32:2d:fa:e3:d2:
         1e:a0:fc:0c:1a:9a:c1:c6:f9:d0:96:d9:6b:fb:af:ae:60:21:
         bf:55:ec:bc:fc:18:a7:e3:d4:e6:69:7b:d6:19:b8:44:63:c8:
         64:36:e3:98:30:78:3e:5c:78:3f:fe:e7:6c:1d:fe:81:2c:c1:
         78:22:0b:fc:6c:13:12:27:55:64:30:41:88:f2:21:0f:40:bd:
         6d:a1:d9:23:6b:3c:ee:c7:e0:b2:cf:2d:b9:91:b0:49:65:13:
         a8:37:97:75:0d:3f:0b:0a:5d:12:ba:9b:60:c1:ff:a4:0d:5d:
         d6:50:08:06:e9:97:87:d6:47:65:a5:0a:97:47:f1:23:1f:ae:
         ad:f1:1f:64:6f:8e:9c:fc:71:d6:93:c2:e1:3e:e1:bf:91:f4:
         07:dc:5c:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWUNitHp+iis1WeoW8pCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw
Y2FhM2IwHhcNMjYwMzAyMDcwMDM0WhcNMjYwMzAzMDcwMDM0WjAzMTEwLwYDVQQD
EyhmYWU5NDQ5NDcwNTVkYzE1ZWJkZTg0ODI2NTJiYjE5NWU5YzY5ODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryhWii69mZlsKSYwaYI2Cfy+215Z
z6iQ3bpH+jmCCxBRBDoWC/YVAPX3kX46kVLJFMUSo6L5AZYmuKFquitIsv057WlR
U43GAqWeUxR0CwFZ6geA68aRpm/F2uyfNt4AU0gRlUb8WmDOpJgr3lBS+0Zmnefu
MmpuNYFAukLQHYhNrARFe+8uVoHAdk1CyfLLD58N04CuJMSuwjuifF+I4Cr+N07U
cICkS/4EFj9Dlo4U6VKU6spQ6erSzTBpiLhBcZo34DSlQOk+s9wohijPUMLeGLBI
wkYHrZs/OI0VTxdIzLFpqzj/kv9FwcRrr97EKYTx5huLtn/x7rJDJoqM8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrpRJRwVdwV696EgmUrsZXpxpgbMB8GA1UdIwQY
MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt
N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk
LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI7JE1D5+
eUw17XlWu9xw8qFqAEX46HAiurl0rO5Dhuh2oy1bkMfRsDrhb2AeEOnuK3RxKOYl
djjnjQDzuRacoM0eA9DcSPMlSyHK4P69XdlnN3BlcimGHl5nvANItO7Un3SKTebF
kDIt+uPSHqD8DBqawcb50JbZa/uvrmAhv1XsvPwYp+PU5ml71hm4RGPIZDbjmDB4
Plx4P/7nbB3+gSzBeCIL/GwTEidVZDBBiPIhD0C9baHZI2s87sfgss8tuZGwSWUT
qDeXdQ0/CwpdErqbYMH/pA1d1lAIBumXh9ZHZaUKl0fxIx+urfEfZG+OnPxx1pPC
4T7hv5H0B9xcgQ==
-----END CERTIFICATE-----