Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
File:                     ltTArxW-ONL8XjD-NFdHXTS3g5o.mft (raw, json)
Hash identifier:          xiruBleaEspb7Ot+kpMt+jjg06Yfhq29vgmwjLmlK/0=
Subject key identifier:   A2:F1:6C:7B:0B:C7:81:2E:FB:8C:7D:45:E9:46:32:6A:E4:0C:53:E0
Authority key identifier: 96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A
Certificate issuer:       /CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
Certificate serial:       019CA97D272CECE1D22784DC718819468B71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
Manifest number:          14B5
Signing time:             Sun 01 Mar 2026 13:01:17 +0000
Manifest this update:     Sun 01 Mar 2026 13:01:17 +0000
Manifest next update:     Mon 02 Mar 2026 13:01:17 +0000
Files and hashes:         1: ltTArxW-ONL8XjD-NFdHXTS3g5o.crl (hash: OXhhFLBjCtVfpqrzt1GdhJ6DVvYWq+LFVq78jibVYwg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7d:27:2c:ec:e1:d2:27:84:dc:71:88:19:46:8b:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96d4c0af15be38d2fc5e30fe3457475d34b7839a
        Validity
            Not Before: Mar  1 13:01:17 2026 GMT
            Not After : Mar  2 13:01:17 2026 GMT
        Subject: CN=a2f16c7b0bc7812efb8c7d45e946326ae40c53e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e7:4a:45:55:07:23:fc:d6:8f:52:44:9f:ad:
                    40:24:43:bb:72:ce:15:23:78:ad:d0:7f:b9:37:26:
                    d4:f7:1d:02:3a:8d:d0:15:a6:6a:8c:55:18:3c:59:
                    30:e4:05:58:2e:c6:89:2f:88:a8:07:db:36:73:1c:
                    6b:7b:ce:5e:2d:c5:1c:07:4b:41:c7:b8:c2:bd:e0:
                    e8:47:ba:3f:d6:e6:9a:cd:e6:ea:0e:11:3f:0e:5d:
                    46:5f:97:0b:2d:af:cc:48:55:10:c9:ed:ef:30:68:
                    ef:e7:78:fc:c3:56:47:5b:75:8e:b0:96:6e:88:e0:
                    e5:4a:fa:f8:cb:73:33:d7:ea:7d:7c:61:52:39:e4:
                    9e:e7:8e:73:4f:24:fe:e3:11:6d:ba:32:1f:5d:42:
                    36:e3:db:19:00:6f:83:5e:2a:52:b9:dc:6f:b1:2e:
                    a8:21:e4:1e:24:99:6a:4c:4a:e0:4b:6d:a8:0d:cd:
                    4d:9b:94:58:8a:6e:38:0d:a9:2c:ab:56:4e:1c:50:
                    51:5e:59:bd:cc:b5:b8:b3:ca:31:ad:0d:91:2c:bc:
                    98:ee:6b:de:0d:2c:ef:62:5e:53:4a:ff:43:82:42:
                    a6:31:49:3f:cc:ea:46:48:ff:8e:0a:73:05:96:8a:
                    a6:e7:81:1d:43:7d:e1:ee:1f:55:d2:9d:6d:ff:3b:
                    db:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:F1:6C:7B:0B:C7:81:2E:FB:8C:7D:45:E9:46:32:6A:E4:0C:53:E0
            X509v3 Authority Key Identifier:
                keyid:96:D4:C0:AF:15:BE:38:D2:FC:5E:30:FE:34:57:47:5D:34:B7:83:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltTArxW-ONL8XjD-NFdHXTS3g5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b1b128-4f10-486e-a1ee-952f6fc02672/1/ltTArxW-ONL8XjD-NFdHXTS3g5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:f3:2b:94:f1:c2:b8:13:65:bf:39:33:cf:c6:01:d2:d3:70:
         e6:36:96:db:98:52:0e:f7:9c:bd:05:58:0c:1a:47:85:03:e5:
         d7:ce:e9:a3:80:15:9c:b6:58:2d:d6:a0:c3:b1:c3:ed:6c:c9:
         7c:94:e5:93:96:0c:e1:38:0a:bd:f1:2c:38:06:33:e2:d2:d4:
         17:4c:47:33:3e:03:f9:42:15:da:2b:88:cd:d3:8b:57:ad:13:
         4c:34:27:bc:36:56:b3:a4:45:4c:65:25:e5:63:6f:4d:e4:19:
         a3:fd:bf:45:b3:0f:ab:24:8d:31:6f:04:2f:52:cd:99:d0:7c:
         d9:6b:f2:0c:ff:65:c3:32:77:fd:ff:43:5c:11:20:d5:11:cb:
         9b:8a:87:71:04:94:83:b4:0e:99:25:ea:b4:7c:67:4b:15:ea:
         07:32:f9:af:97:39:16:d4:2f:21:98:5a:07:b6:16:1a:3d:fd:
         eb:ba:41:48:1f:a4:a1:c8:81:46:d5:10:dd:57:0f:2c:8d:40:
         b6:1f:6f:83:77:a8:7f:e0:62:0e:29:00:a4:91:43:c7:07:d3:
         58:24:0c:ba:96:a8:e8:e4:96:db:16:2e:73:c2:1e:d1:e3:32:
         01:e4:9c:b1:ff:0f:0d:6f:ed:ed:66:12:92:e6:e9:63:c9:70:
         e4:38:d2:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfScs7OHSJ4TccYgZRotxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDRjMGFmMTViZTM4ZDJmYzVlMzBmZTM0NTc0NzVkMzRi
NzgzOWEwHhcNMjYwMzAxMTMwMTE3WhcNMjYwMzAyMTMwMTE3WjAzMTEwLwYDVQQD
EyhhMmYxNmM3YjBiYzc4MTJlZmI4YzdkNDVlOTQ2MzI2YWU0MGM1M2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxedKRVUHI/zWj1JEn61AJEO7cs4V
I3it0H+5NybU9x0COo3QFaZqjFUYPFkw5AVYLsaJL4ioB9s2cxxre85eLcUcB0tB
x7jCveDoR7o/1uaazebqDhE/Dl1GX5cLLa/MSFUQye3vMGjv53j8w1ZHW3WOsJZu
iODlSvr4y3Mz1+p9fGFSOeSe545zTyT+4xFtujIfXUI249sZAG+DXipSudxvsS6o
IeQeJJlqTErgS22oDc1Nm5RYim44Daksq1ZOHFBRXlm9zLW4s8oxrQ2RLLyY7mve
DSzvYl5TSv9DgkKmMUk/zOpGSP+OCnMFloqm54EdQ33h7h9V0p1t/zvbkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLxbHsLx4Eu+4x9RelGMmrkDFPgMB8GA1UdIwQY
MBaAFJbUwK8VvjjS/F4w/jRXR100t4OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUt
OTUyZjZmYzAyNjcyLzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iMWIxMjgtNGYxMC00ODZlLWExZWUtOTUyZjZmYzAyNjcy
LzEvbHRUQXJ4Vy1PTkw4WGpELU5GZEhYVFMzZzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANvMrlPHC
uBNlvzkzz8YB0tNw5jaW25hSDvecvQVYDBpHhQPl187po4AVnLZYLdagw7HD7WzJ
fJTlk5YM4TgKvfEsOAYz4tLUF0xHMz4D+UIV2iuIzdOLV60TTDQnvDZWs6RFTGUl
5WNvTeQZo/2/RbMPqySNMW8EL1LNmdB82WvyDP9lwzJ3/f9DXBEg1RHLm4qHcQSU
g7QOmSXqtHxnSxXqBzL5r5c5FtQvIZhaB7YWGj3967pBSB+kociBRtUQ3VcPLI1A
th9vg3eof+BiDikApJFDxwfTWCQMupao6OSW2xYuc8Ie0eMyAeScsf8PDW/t7WYS
kubpY8lw5DjSoA==
-----END CERTIFICATE-----