Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
File:                     LphQiZ2cq14AM9C-lyKn6zBdfGA.mft (raw, json)
Hash identifier:          lN1pSfX1PMzfMokFUuk7knGB10B6G7SzXebMLF2Pxkg=
Subject key identifier:   B5:2A:22:B5:11:9B:D5:6A:B4:79:07:60:F5:95:C9:C3:DD:55:49:75
Authority key identifier: 2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60
Certificate issuer:       /CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
Certificate serial:       019CAB6BD58C1AAFECADF1A95DEC75F5DB09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:01:36 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:36 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:36 +0000
Files and hashes:         1: LphQiZ2cq14AM9C-lyKn6zBdfGA.crl (hash: EbbEGZp3cXhcTWqZEhG2zCeqAuvD6sDeMNclfz5d3TM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:d5:8c:1a:af:ec:ad:f1:a9:5d:ec:75:f5:db:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e9850899d9cab5e0033d0be9722a7eb305d7c60
        Validity
            Not Before: Mar  1 22:01:36 2026 GMT
            Not After : Mar  2 22:01:36 2026 GMT
        Subject: CN=b52a22b5119bd56ab4790760f595c9c3dd554975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:b0:b0:22:63:12:6f:d2:df:d9:b0:5f:45:3b:
                    75:75:66:8c:b7:63:85:34:90:8a:be:7c:79:20:be:
                    91:a6:03:46:99:10:fe:b5:f4:9f:ae:8a:23:1b:d0:
                    74:62:6a:af:41:7c:0d:5c:9e:56:58:ea:1e:06:ad:
                    47:02:09:3d:7e:43:41:91:e8:7b:92:23:28:ef:cd:
                    a6:01:8d:d4:ca:ae:48:b5:f4:ca:84:ce:d8:a2:05:
                    65:8a:41:f0:33:ea:7a:0a:ba:00:12:09:60:95:2d:
                    71:e4:34:9f:66:c3:3b:b8:8a:e8:64:32:48:d7:d9:
                    52:46:98:f4:24:8c:49:71:a2:d5:c8:68:38:d3:a0:
                    cc:72:4b:2b:41:41:e6:71:06:96:b9:da:db:ea:5b:
                    63:03:4b:86:4b:34:f2:fb:6d:7b:62:5e:b0:23:39:
                    97:76:8b:bb:bb:7e:95:29:22:61:3c:46:2b:ee:30:
                    4f:5f:cd:71:be:57:f8:88:41:6e:1b:ca:1f:d7:eb:
                    ae:f2:97:0e:47:1a:17:0b:57:1a:f9:5a:52:b7:8d:
                    14:87:13:d7:98:b7:3b:b5:d1:45:d0:df:cb:91:f1:
                    ae:32:37:b4:c3:d2:47:6c:f0:b0:00:c3:b2:1b:34:
                    18:9a:23:1b:52:a8:c9:ee:e6:22:2c:80:ef:65:02:
                    8f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:2A:22:B5:11:9B:D5:6A:B4:79:07:60:F5:95:C9:C3:DD:55:49:75
            X509v3 Authority Key Identifier:
                keyid:2E:98:50:89:9D:9C:AB:5E:00:33:D0:BE:97:22:A7:EB:30:5D:7C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LphQiZ2cq14AM9C-lyKn6zBdfGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37fd9d-61e6-4df3-9c07-6b6ad0456b65/1/LphQiZ2cq14AM9C-lyKn6zBdfGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:27:99:b4:b3:8c:43:a6:32:0b:4e:6d:aa:92:67:d6:c9:65:
         bc:60:cf:7a:96:57:6c:a8:50:df:d5:93:39:0a:69:20:f0:98:
         a3:1c:63:2e:c9:80:63:ab:2e:ec:6e:dc:67:93:a0:aa:a8:a5:
         2c:5d:96:2c:59:3e:8b:07:73:5b:ed:b0:cb:bd:61:57:22:0a:
         73:4b:fc:62:5e:9b:ab:78:90:b7:66:8d:9c:93:6f:6b:90:ed:
         83:d2:1c:a9:1a:7b:56:4d:e1:b3:85:24:37:0b:2f:72:24:42:
         3b:4d:60:d7:13:61:9b:22:7a:48:98:7c:04:a6:eb:44:18:cd:
         8c:74:8a:71:03:c4:0d:6b:a2:bc:26:91:10:1c:a6:34:97:28:
         7f:18:79:d3:a2:ae:4d:91:2f:44:2f:91:46:67:d5:f5:80:11:
         0f:7a:d6:dd:7b:52:d7:c6:0b:5b:d3:5b:42:63:d5:8f:b5:ab:
         51:88:16:e2:db:2a:03:9d:3b:be:2c:51:1e:8c:03:be:c2:81:
         0b:80:fb:c8:76:79:38:f7:3e:48:a7:db:6a:c2:ab:0a:87:53:
         f8:a2:ba:a3:ba:91:06:5c:84:62:ee:bf:de:9d:60:b5:3e:0e:
         3e:29:e2:bd:2f:ce:fc:4c:dc:b1:e9:dc:54:a2:73:18:e4:91:
         e8:2d:29:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra9WMGq/srfGpXex19dsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOTg1MDg5OWQ5Y2FiNWUwMDMzZDBiZTk3MjJhN2ViMzA1
ZDdjNjAwHhcNMjYwMzAxMjIwMTM2WhcNMjYwMzAyMjIwMTM2WjAzMTEwLwYDVQQD
EyhiNTJhMjJiNTExOWJkNTZhYjQ3OTA3NjBmNTk1YzljM2RkNTU0OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bCwImMSb9Lf2bBfRTt1dWaMt2OF
NJCKvnx5IL6RpgNGmRD+tfSfroojG9B0YmqvQXwNXJ5WWOoeBq1HAgk9fkNBkeh7
kiMo782mAY3Uyq5ItfTKhM7YogVlikHwM+p6CroAEglglS1x5DSfZsM7uIroZDJI
19lSRpj0JIxJcaLVyGg406DMcksrQUHmcQaWudrb6ltjA0uGSzTy+217Yl6wIzmX
dou7u36VKSJhPEYr7jBPX81xvlf4iEFuG8of1+uu8pcORxoXC1ca+VpSt40UhxPX
mLc7tdFF0N/LkfGuMje0w9JHbPCwAMOyGzQYmiMbUqjJ7uYiLIDvZQKPIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLUqIrURm9VqtHkHYPWVycPdVUl1MB8GA1UdIwQY
MBaAFC6YUImdnKteADPQvpcip+swXXxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDct
NmI2YWQwNDU2YjY1LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zN2ZkOWQtNjFlNi00ZGYzLTljMDctNmI2YWQwNDU2YjY1
LzEvTHBoUWlaMmNxMTRBTTlDLWx5S242ekJkZkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANyeZtLOM
Q6YyC05tqpJn1sllvGDPepZXbKhQ39WTOQppIPCYoxxjLsmAY6su7G7cZ5Ogqqil
LF2WLFk+iwdzW+2wy71hVyIKc0v8Yl6bq3iQt2aNnJNva5Dtg9IcqRp7Vk3hs4Uk
NwsvciRCO01g1xNhmyJ6SJh8BKbrRBjNjHSKcQPEDWuivCaREBymNJcofxh506Ku
TZEvRC+RRmfV9YARD3rW3XtS18YLW9NbQmPVj7WrUYgW4tsqA507vixRHowDvsKB
C4D7yHZ5OPc+SKfbasKrCodT+KK6o7qRBlyEYu6/3p1gtT4OPinivS/O/Ezcsenc
VKJzGOSR6C0pmg==
-----END CERTIFICATE-----