Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
File:                     lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft (raw, json)
Hash identifier:          KUq1HJ3j8aKa2iSXBqsnzwU2G27BOUns5rnOZP4e9ko=
Subject key identifier:   D5:34:4D:88:39:7D:FB:E8:04:2C:17:38:51:72:65:92:E4:3F:1C:80
Authority key identifier: 95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C
Certificate issuer:       /CN=954cf721c08c8e9bc5242d56196677217350455c
Certificate serial:       019CA97CE2D90D6907F37BEFD4D8CEE3C6CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
Manifest number:          0864
Signing time:             Sun 01 Mar 2026 13:00:59 +0000
Manifest this update:     Sun 01 Mar 2026 13:00:59 +0000
Manifest next update:     Mon 02 Mar 2026 13:00:59 +0000
Files and hashes:         1: lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl (hash: ogZnx60OaTFkrUFY3qKeX3nY9dLoewEXKZMnG+rwd5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7c:e2:d9:0d:69:07:f3:7b:ef:d4:d8:ce:e3:c6:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954cf721c08c8e9bc5242d56196677217350455c
        Validity
            Not Before: Mar  1 13:00:59 2026 GMT
            Not After : Mar  2 13:00:59 2026 GMT
        Subject: CN=d5344d88397dfbe8042c173851726592e43f1c80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:bd:60:3b:25:6e:07:87:62:d1:9f:1c:04:60:
                    dd:b8:b1:28:61:13:77:00:4e:eb:1e:f6:87:cc:de:
                    cb:33:5f:5c:ad:0c:41:80:7f:15:31:e5:7e:45:2c:
                    ef:64:09:b4:e2:2f:7f:cb:a3:16:d5:70:92:05:01:
                    d9:8c:07:a6:5b:03:ad:f6:a0:d8:24:7f:8b:5b:fc:
                    70:27:3f:e8:4c:da:38:fb:fa:47:68:bc:d5:e2:76:
                    8f:e4:10:a3:5a:86:b4:4c:20:ef:9e:b6:16:bc:e2:
                    36:91:44:f2:2b:67:4b:97:00:0b:75:48:25:a8:ed:
                    a0:d0:b3:f7:ac:d9:1a:62:19:75:d1:c8:ff:ca:c0:
                    c1:4b:8b:1f:eb:b1:33:c2:76:6e:cd:58:43:dc:c7:
                    84:84:f4:df:31:98:3c:ca:b9:f9:21:4f:fc:9c:62:
                    02:e6:f2:ff:0d:9b:17:fe:4f:44:43:a4:2e:1a:a9:
                    18:03:4b:11:57:4e:b1:86:6e:ba:d9:53:d9:a7:10:
                    a6:a1:a1:f0:90:04:51:dc:c6:8f:35:42:5d:42:79:
                    3e:87:eb:48:8c:ac:d2:f8:83:c7:50:46:42:d8:91:
                    8c:a0:f7:70:b7:8a:23:ca:fc:90:2b:3c:bf:4b:26:
                    b8:48:28:ec:66:8c:79:77:a9:22:a9:6c:3c:4d:90:
                    0e:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:34:4D:88:39:7D:FB:E8:04:2C:17:38:51:72:65:92:E4:3F:1C:80
            X509v3 Authority Key Identifier:
                keyid:95:4C:F7:21:C0:8C:8E:9B:C5:24:2D:56:19:66:77:21:73:50:45:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2823dd-25a1-44a0-bfc1-cbbd08ad3ec2/1/lUz3IcCMjpvFJC1WGWZ3IXNQRVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:e0:b6:9d:83:8e:0e:d2:9a:d5:22:b7:c7:64:4c:c4:9d:20:
         14:48:39:d1:ec:4a:95:9f:56:b5:00:47:7a:2a:af:9c:cb:e9:
         67:f8:58:3e:a2:94:6f:c9:8d:3d:4b:49:c7:f3:4c:6a:18:bb:
         d9:db:63:da:45:77:95:1c:b6:bf:04:bd:70:5d:d4:b8:1f:96:
         e8:68:01:24:16:ea:61:04:50:75:21:9d:9f:4a:14:bf:64:46:
         94:a7:e7:73:c1:0a:7c:29:13:8b:be:86:97:72:0d:fe:15:4a:
         5e:af:c6:62:f2:2c:fe:2a:41:28:81:7f:ef:29:e8:c5:13:8b:
         e0:c5:c8:46:41:f4:c5:38:a8:72:17:0c:4f:57:36:9c:29:bb:
         3a:cb:9a:fc:10:37:13:26:32:b9:68:be:89:17:34:25:4b:b5:
         7a:8b:b5:af:8c:49:49:9c:fa:18:89:63:22:93:7b:07:b4:e4:
         fb:9f:a8:68:6a:15:63:95:a7:b0:14:a4:75:62:33:f3:f3:96:
         78:12:df:12:15:53:d7:22:b0:4d:52:1f:78:67:8f:3d:67:83:
         83:e8:a2:c6:27:b3:78:a7:b8:2e:b1:66:7b:f0:65:89:d6:59:
         66:81:f2:72:09:37:77:e3:d5:58:4c:63:4f:d4:10:06:f2:c3:
         b6:44:27:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfOLZDWkH83vv1NjO48bOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGNmNzIxYzA4YzhlOWJjNTI0MmQ1NjE5NjY3NzIxNzM1
MDQ1NWMwHhcNMjYwMzAxMTMwMDU5WhcNMjYwMzAyMTMwMDU5WjAzMTEwLwYDVQQD
EyhkNTM0NGQ4ODM5N2RmYmU4MDQyYzE3Mzg1MTcyNjU5MmU0M2YxYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr1gOyVuB4di0Z8cBGDduLEoYRN3
AE7rHvaHzN7LM19crQxBgH8VMeV+RSzvZAm04i9/y6MW1XCSBQHZjAemWwOt9qDY
JH+LW/xwJz/oTNo4+/pHaLzV4naP5BCjWoa0TCDvnrYWvOI2kUTyK2dLlwALdUgl
qO2g0LP3rNkaYhl10cj/ysDBS4sf67EzwnZuzVhD3MeEhPTfMZg8yrn5IU/8nGIC
5vL/DZsX/k9EQ6QuGqkYA0sRV06xhm662VPZpxCmoaHwkARR3MaPNUJdQnk+h+tI
jKzS+IPHUEZC2JGMoPdwt4ojyvyQKzy/Sya4SCjsZox5d6kiqWw8TZAOPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNU0TYg5ffvoBCwXOFFyZZLkPxyAMB8GA1UdIwQY
MBaAFJVM9yHAjI6bxSQtVhlmdyFzUEVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEt
Y2JiZDA4YWQzZWMyLzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yODIzZGQtMjVhMS00NGEwLWJmYzEtY2JiZDA4YWQzZWMy
LzEvbFV6M0ljQ01qcHZGSkMxV0dXWjNJWE5RUlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFuC2nYOO
DtKa1SK3x2RMxJ0gFEg50exKlZ9WtQBHeiqvnMvpZ/hYPqKUb8mNPUtJx/NMahi7
2dtj2kV3lRy2vwS9cF3UuB+W6GgBJBbqYQRQdSGdn0oUv2RGlKfnc8EKfCkTi76G
l3IN/hVKXq/GYvIs/ipBKIF/7ynoxROL4MXIRkH0xTiochcMT1c2nCm7Osua/BA3
EyYyuWi+iRc0JUu1eou1r4xJSZz6GIljIpN7B7Tk+5+oaGoVY5WnsBSkdWIz8/OW
eBLfEhVT1yKwTVIfeGePPWeDg+iixiezeKe4LrFme/BlidZZZoHycgk3d+PVWExj
T9QQBvLDtkQniA==
-----END CERTIFICATE-----