Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File:                     LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier:          hb5vPnH3UMTSeFiD5BVI25J5BsDu7A4yCgBjgqPzfWk=
Subject key identifier:   78:5D:2D:EA:51:C1:1F:01:67:EE:39:1F:A0:40:D8:74:38:7B:E7:77
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer:       /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial:       019D9AE294C9099253CED3F43E25173116A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 10:00:33 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:33 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:33 +0000
Files and hashes:         1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: Ea3kWmPoPqrlVeyrJ9MDKv3TbD3rqfQNlQYQ2aBMXMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:94:c9:09:92:53:ce:d3:f4:3e:25:17:31:16:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
        Validity
            Not Before: Apr 17 10:00:33 2026 GMT
            Not After : Apr 18 10:00:33 2026 GMT
        Subject: CN=785d2dea51c11f0167ee391fa040d874387be777
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:3d:2a:b3:e9:a8:fe:12:ba:f3:ec:45:1d:42:
                    07:78:46:b7:09:66:00:1b:c9:e0:d0:5d:43:5a:49:
                    55:b4:53:79:e3:e3:d5:49:98:24:f3:38:80:67:a2:
                    db:a9:96:b7:60:6d:56:89:96:b9:de:fb:88:c9:1a:
                    aa:db:9b:65:35:55:f9:7f:a2:ad:29:59:13:62:89:
                    9e:73:f4:57:01:d6:5b:d5:d9:39:f1:81:fc:44:e8:
                    0b:b0:68:7d:c9:07:4a:06:fc:0e:0b:37:52:d1:b6:
                    2a:3a:47:59:0b:ec:7a:5f:94:99:e5:e4:44:ed:ba:
                    05:52:18:94:13:8d:50:66:29:4c:58:f8:c8:ae:a5:
                    11:ec:84:a7:48:19:67:8f:cb:ae:d4:e8:81:c4:75:
                    b8:db:88:1b:72:97:79:56:b2:6f:0f:0a:5e:ed:80:
                    a4:f0:85:60:ea:92:e0:4b:b8:0a:35:11:b6:ba:8b:
                    e0:c6:3f:55:b2:08:92:df:6f:89:24:08:1e:3c:56:
                    bc:f6:e3:95:8a:3c:49:bb:20:04:a3:db:0b:ae:eb:
                    b3:3e:18:2c:99:b4:ee:ea:9a:b0:22:ee:f5:47:07:
                    37:b7:62:83:fe:2e:5c:d6:7e:2c:6b:d1:96:9d:35:
                    1c:02:d0:f0:5f:45:33:2b:15:f3:da:3f:2f:8a:d5:
                    ac:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:5D:2D:EA:51:C1:1F:01:67:EE:39:1F:A0:40:D8:74:38:7B:E7:77
            X509v3 Authority Key Identifier:
                keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:26:3c:43:46:e3:63:9b:dd:6b:a8:1b:04:b3:b2:fe:81:87:
         1a:d4:e7:17:93:d2:a5:8c:2c:e9:91:24:ef:5e:22:91:6a:16:
         99:7c:45:fa:aa:ac:f6:70:7f:31:55:32:9c:22:c4:cc:d5:9a:
         92:81:b5:f9:f8:ed:b2:72:28:6d:74:4a:87:18:d5:35:69:39:
         ea:9a:42:7f:fe:fb:89:20:02:36:55:89:1a:b6:4d:97:b5:48:
         47:ef:92:62:bf:2b:00:0f:e5:e1:7c:de:93:dc:69:25:29:05:
         84:eb:1d:94:4a:3b:b3:c0:c1:2a:df:4a:af:e7:98:33:00:78:
         97:52:74:f6:46:ef:f8:f2:9c:df:70:1f:cd:f4:84:03:8c:9e:
         56:bd:f9:45:b6:21:25:df:d8:fd:f6:df:c6:b0:bd:7b:40:b3:
         6c:39:e9:66:0a:32:61:ea:c6:1c:98:d4:f4:74:c1:35:e0:4d:
         0a:b8:4a:24:5b:04:d7:46:08:38:e4:37:f5:b1:d1:aa:9d:4f:
         4f:7a:cc:50:3a:18:b1:54:54:25:0d:01:69:b4:7e:fd:23:b9:
         ed:60:5a:b6:41:1f:10:e6:6a:54:e3:82:3a:08:78:1a:b4:aa:
         0c:33:ba:c2:db:2a:d7:d0:34:9e:ed:7b:41:31:e1:71:b0:36:
         75:ca:c0:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4pTJCZJTztP0PiUXMRanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjYwNDE3MTAwMDMzWhcNMjYwNDE4MTAwMDMzWjAzMTEwLwYDVQQD
Eyg3ODVkMmRlYTUxYzExZjAxNjdlZTM5MWZhMDQwZDg3NDM4N2JlNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArj0qs+mo/hK68+xFHUIHeEa3CWYA
G8ng0F1DWklVtFN54+PVSZgk8ziAZ6LbqZa3YG1WiZa53vuIyRqq25tlNVX5f6Kt
KVkTYomec/RXAdZb1dk58YH8ROgLsGh9yQdKBvwOCzdS0bYqOkdZC+x6X5SZ5eRE
7boFUhiUE41QZilMWPjIrqUR7ISnSBlnj8uu1OiBxHW424gbcpd5VrJvDwpe7YCk
8IVg6pLgS7gKNRG2uovgxj9VsgiS32+JJAgePFa89uOVijxJuyAEo9sLruuzPhgs
mbTu6pqwIu71Rwc3t2KD/i5c1n4sa9GWnTUcAtDwX0UzKxXz2j8vitWslwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhdLepRwR8BZ+45H6BA2HQ4e+d3MB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACCY8Q0bj
Y5vda6gbBLOy/oGHGtTnF5PSpYws6ZEk714ikWoWmXxF+qqs9nB/MVUynCLEzNWa
koG1+fjtsnIobXRKhxjVNWk56ppCf/77iSACNlWJGrZNl7VIR++SYr8rAA/l4Xze
k9xpJSkFhOsdlEo7s8DBKt9Kr+eYMwB4l1J09kbv+PKc33AfzfSEA4yeVr35RbYh
Jd/Y/fbfxrC9e0CzbDnpZgoyYerGHJjU9HTBNeBNCrhKJFsE10YIOOQ39bHRqp1P
T3rMUDoYsVRUJQ0BabR+/SO57WBatkEfEOZqVOOCOgh4GrSqDDO6wtsq19A0nu17
QTHhcbA2dcrATg==
-----END CERTIFICATE-----