Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          rIwVbh9yKNMgLfIlGTHugo5b0sie167edwkpcFttVio=
Subject key identifier:   C5:60:78:F6:44:99:D3:D6:7C:90:E0:3B:01:08:C9:26:70:9C:01:2D
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       019CABA233F926957C9FE2CC72FAB51D2BCC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          04F5
Signing time:             Sun 01 Mar 2026 23:00:59 +0000
Manifest this update:     Sun 01 Mar 2026 23:00:59 +0000
Manifest next update:     Mon 02 Mar 2026 23:00:59 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: G784FFSwl2aR36AjkHO1vTuWlLQfjXk11An9yRQqZm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:a2:33:f9:26:95:7c:9f:e2:cc:72:fa:b5:1d:2b:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: Mar  1 23:00:59 2026 GMT
            Not After : Mar  2 23:00:59 2026 GMT
        Subject: CN=c56078f64499d3d67c90e03b0108c926709c012d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:5c:bb:d2:1c:39:78:d6:3a:19:23:ae:86:74:
                    c2:5a:e9:73:40:8c:7d:04:cc:ec:04:d0:d3:41:6b:
                    d5:8a:4c:4c:62:18:cc:ca:40:50:f3:95:b3:bb:39:
                    80:5c:f4:5b:5a:04:c2:0f:37:72:85:14:ed:83:5b:
                    e8:3e:e1:89:db:14:fe:c7:cb:57:25:e8:72:e5:9d:
                    cc:a8:3e:02:34:ad:be:5b:41:61:a1:16:e4:61:b5:
                    f5:af:ec:ea:cc:3a:1e:99:f1:54:95:e9:56:ef:ad:
                    66:cf:20:ad:79:00:1d:0f:ea:06:86:55:61:43:d8:
                    80:4b:d5:a7:a1:16:76:e1:8a:b5:50:34:df:4b:85:
                    9d:36:c8:be:ee:c6:30:de:21:81:cf:e1:b1:1d:d8:
                    06:08:00:64:6f:87:2f:44:a7:ae:af:f0:e9:1d:a5:
                    7c:e8:f8:c8:00:1a:be:25:52:64:c3:a7:f6:31:02:
                    53:e2:31:d0:72:c1:59:b4:bf:7b:3f:94:db:25:b3:
                    08:2c:32:d3:d2:f6:42:be:a0:53:14:7c:f5:09:d4:
                    3b:b1:5c:6b:7c:ad:f4:89:af:3b:ae:74:b5:50:48:
                    5d:fe:00:cd:22:db:87:cb:86:94:81:e0:8b:53:03:
                    64:02:ed:f3:2f:fc:39:ed:47:e7:fe:b3:19:cf:ba:
                    62:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:60:78:F6:44:99:D3:D6:7C:90:E0:3B:01:08:C9:26:70:9C:01:2D
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:44:52:9f:13:f5:79:fb:c9:e1:54:de:bb:c8:98:50:ec:3e:
         6e:43:2a:bd:c1:36:ba:1a:a0:85:28:4d:8f:eb:6c:2d:6b:a0:
         b3:d6:5c:68:b0:8e:d0:8b:fe:67:e4:cc:7d:50:80:d9:cd:42:
         e8:1f:ca:f9:7e:60:5b:b6:06:4c:d3:bd:61:db:ea:bc:47:28:
         9a:72:47:9c:0b:52:6f:1c:52:d8:87:03:f4:c0:84:28:4b:ad:
         37:ee:a5:ec:03:a7:95:c4:5e:ff:52:41:c9:6b:f2:98:28:40:
         58:4f:75:64:40:2b:c4:75:57:aa:3e:7b:40:7a:8a:ee:1d:12:
         ac:94:a2:43:28:27:32:14:5f:4c:49:f9:9d:0f:44:bb:4d:e3:
         c7:de:b6:12:80:75:e9:e1:75:73:b7:49:2f:54:4f:59:b1:87:
         fd:3e:d2:8f:d9:56:93:42:ef:b5:66:18:39:7d:3c:83:e9:47:
         b5:19:12:66:7b:87:d7:f6:08:d2:ac:22:b9:2c:f9:92:37:f2:
         87:1d:b5:f9:34:70:54:cb:02:7b:06:02:53:4d:4a:78:f0:7b:
         28:6e:dd:19:c9:e8:05:ce:e7:fa:9a:a6:8f:ed:11:85:38:c3:
         27:00:6f:f5:fe:49:30:b8:ca:5c:78:f6:3b:70:04:2b:9e:52:
         b6:20:74:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrojP5JpV8n+LMcvq1HSvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjYwMzAxMjMwMDU5WhcNMjYwMzAyMjMwMDU5WjAzMTEwLwYDVQQD
EyhjNTYwNzhmNjQ0OTlkM2Q2N2M5MGUwM2IwMTA4YzkyNjcwOWMwMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1y70hw5eNY6GSOuhnTCWulzQIx9
BMzsBNDTQWvVikxMYhjMykBQ85WzuzmAXPRbWgTCDzdyhRTtg1voPuGJ2xT+x8tX
Jehy5Z3MqD4CNK2+W0FhoRbkYbX1r+zqzDoemfFUlelW761mzyCteQAdD+oGhlVh
Q9iAS9WnoRZ24Yq1UDTfS4WdNsi+7sYw3iGBz+GxHdgGCABkb4cvRKeur/DpHaV8
6PjIABq+JVJkw6f2MQJT4jHQcsFZtL97P5TbJbMILDLT0vZCvqBTFHz1CdQ7sVxr
fK30ia87rnS1UEhd/gDNItuHy4aUgeCLUwNkAu3zL/w57Ufn/rMZz7pi4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVgePZEmdPWfJDgOwEIySZwnAEtMB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARkRSnxP1
efvJ4VTeu8iYUOw+bkMqvcE2uhqghShNj+tsLWugs9ZcaLCO0Iv+Z+TMfVCA2c1C
6B/K+X5gW7YGTNO9YdvqvEcomnJHnAtSbxxS2IcD9MCEKEutN+6l7AOnlcRe/1JB
yWvymChAWE91ZEArxHVXqj57QHqK7h0SrJSiQygnMhRfTEn5nQ9Eu03jx962EoB1
6eF1c7dJL1RPWbGH/T7Sj9lWk0LvtWYYOX08g+lHtRkSZnuH1/YI0qwiuSz5kjfy
hx21+TRwVMsCewYCU01KePB7KG7dGcnoBc7n+pqmj+0RhTjDJwBv9f5JMLjKXHj2
O3AEK55StiB0Pg==
-----END CERTIFICATE-----