Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
File:                     LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft (raw, json)
Hash identifier:          4nHdRaT35UcB/StQe9MVzsP7BSkWEAUVFE+ChHYRoG0=
Subject key identifier:   46:94:67:D1:74:C7:65:E7:8E:76:72:8D:49:2D:B6:AF:E2:9E:79:B0
Authority key identifier: 2F:15:B7:3A:7C:2D:13:1E:C1:4E:BD:90:71:71:8B:54:C3:FB:A6:92
Certificate issuer:       /CN=2f15b73a7c2d131ec14ebd9071718b54c3fba692
Certificate serial:       019CAD22F88CAFFC2B5D973916102759B0A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
Manifest number:          055B
Signing time:             Mon 02 Mar 2026 06:01:16 +0000
Manifest this update:     Mon 02 Mar 2026 06:01:16 +0000
Manifest next update:     Tue 03 Mar 2026 06:01:16 +0000
Files and hashes:         1: LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl (hash: ZykDk0Pz/S0X1UZz/paRgaih3FVkXqNsvQ2fMi1HsZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 06:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:22:f8:8c:af:fc:2b:5d:97:39:16:10:27:59:b0:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f15b73a7c2d131ec14ebd9071718b54c3fba692
        Validity
            Not Before: Mar  2 06:01:16 2026 GMT
            Not After : Mar  3 06:01:16 2026 GMT
        Subject: CN=469467d174c765e78e76728d492db6afe29e79b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:33:bd:8a:5c:06:bd:cf:5f:39:f8:45:6d:18:
                    eb:19:19:12:1d:bf:ff:e9:bb:ad:31:04:89:37:69:
                    a8:7c:9c:62:3e:97:ea:33:19:32:4c:62:7d:a3:49:
                    a3:46:ef:8e:6c:00:0b:09:86:dd:a2:be:fe:e7:b1:
                    16:54:df:77:48:4c:b4:25:b8:80:05:18:d7:ce:ef:
                    c6:3f:b6:d5:3c:29:db:d3:90:a6:c4:a7:50:2e:46:
                    68:72:74:7e:f6:a8:dd:9f:89:64:2a:de:ef:35:e0:
                    81:e1:b8:68:d6:97:13:99:a5:43:fc:4a:38:1f:c8:
                    f3:bc:54:1b:b2:56:e9:b2:10:f6:7b:be:ab:c7:97:
                    1d:0f:54:64:14:66:fd:b3:15:9a:de:09:31:44:0a:
                    92:46:19:53:13:8e:47:bd:d7:a5:b4:7d:46:bc:3b:
                    53:0f:4c:90:6e:b5:4f:6b:dc:0c:06:18:61:3e:23:
                    66:20:68:b9:a4:2f:f2:0b:19:38:56:e6:7b:a6:34:
                    6a:39:d2:37:c2:00:55:77:af:7d:af:4f:32:34:43:
                    50:b5:ba:60:7e:70:3a:59:4e:25:1d:a0:06:ab:c1:
                    0b:aa:99:26:54:53:62:09:77:89:87:6a:0e:ee:d4:
                    b0:6b:78:7e:fd:1d:6e:a2:ee:ff:00:d5:72:f5:1a:
                    d2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:94:67:D1:74:C7:65:E7:8E:76:72:8D:49:2D:B6:AF:E2:9E:79:B0
            X509v3 Authority Key Identifier:
                keyid:2F:15:B7:3A:7C:2D:13:1E:C1:4E:BD:90:71:71:8B:54:C3:FB:A6:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:aa:d4:fe:41:50:6a:c0:ce:76:ec:90:a1:42:dd:4a:1f:cf:
         78:f0:9b:01:f2:65:18:f4:5b:57:7f:5e:21:cc:a2:f7:72:e3:
         ec:8a:44:86:10:25:2f:5b:dc:43:43:a5:e3:cf:bd:ae:d7:f6:
         0b:5d:71:75:a3:39:f2:95:c8:be:b0:af:40:d6:9a:a1:af:39:
         76:c6:29:52:f0:ea:84:70:89:bd:fa:2a:7a:5e:55:c6:43:92:
         e4:b2:8a:f3:7e:88:45:7e:6b:fb:1a:2a:1a:17:fa:80:ad:a5:
         68:91:3a:bc:4b:50:d8:aa:65:22:d5:b8:43:c4:86:ae:64:67:
         45:40:b8:3d:ae:02:de:3f:98:22:f7:ff:91:a8:48:08:2e:42:
         71:e2:49:ff:fa:1d:73:b1:6e:34:a2:a6:50:a4:23:ca:36:ea:
         9b:93:98:21:6b:bc:ee:64:59:1b:71:8f:35:01:3d:8b:3e:df:
         0b:53:b6:cc:0a:60:d8:c9:cd:e7:d1:14:9e:70:ad:09:4b:11:
         57:df:a6:aa:c0:7a:e9:14:10:54:21:a4:aa:f9:b4:e6:61:80:
         90:d2:35:46:e4:c7:42:9f:5b:ce:f7:54:15:0c:f1:07:f5:d2:
         5f:c3:59:2b:a6:b7:53:a1:64:25:03:6b:f8:eb:d2:92:75:fd:
         0f:0b:95:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIviMr/wrXZc5FhAnWbCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTViNzNhN2MyZDEzMWVjMTRlYmQ5MDcxNzE4YjU0YzNm
YmE2OTIwHhcNMjYwMzAyMDYwMTE2WhcNMjYwMzAzMDYwMTE2WjAzMTEwLwYDVQQD
Eyg0Njk0NjdkMTc0Yzc2NWU3OGU3NjcyOGQ0OTJkYjZhZmUyOWU3OWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDO9ilwGvc9fOfhFbRjrGRkSHb//
6butMQSJN2mofJxiPpfqMxkyTGJ9o0mjRu+ObAALCYbdor7+57EWVN93SEy0JbiA
BRjXzu/GP7bVPCnb05CmxKdQLkZocnR+9qjdn4lkKt7vNeCB4bho1pcTmaVD/Eo4
H8jzvFQbslbpshD2e76rx5cdD1RkFGb9sxWa3gkxRAqSRhlTE45HvdeltH1GvDtT
D0yQbrVPa9wMBhhhPiNmIGi5pC/yCxk4VuZ7pjRqOdI3wgBVd699r08yNENQtbpg
fnA6WU4lHaAGq8ELqpkmVFNiCXeJh2oO7tSwa3h+/R1uou7/ANVy9RrSZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaUZ9F0x2XnjnZyjUkttq/innmwMB8GA1UdIwQY
MBaAFC8Vtzp8LRMewU69kHFxi1TD+6aSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83OTI5ZjQtZWMzNS00ZDljLTkyYTgt
MGViNDVlZjYyZDhkLzEvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83OTI5ZjQtZWMzNS00ZDljLTkyYTgtMGViNDVlZjYyZDhk
LzEvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgKrU/kFQ
asDOduyQoULdSh/PePCbAfJlGPRbV39eIcyi93Lj7IpEhhAlL1vcQ0Ol48+9rtf2
C11xdaM58pXIvrCvQNaaoa85dsYpUvDqhHCJvfoqel5VxkOS5LKK836IRX5r+xoq
Ghf6gK2laJE6vEtQ2KplItW4Q8SGrmRnRUC4Pa4C3j+YIvf/kahICC5CceJJ//od
c7FuNKKmUKQjyjbqm5OYIWu87mRZG3GPNQE9iz7fC1O2zApg2MnN59EUnnCtCUsR
V9+mqsB66RQQVCGkqvm05mGAkNI1RuTHQp9bzvdUFQzxB/XSX8NZK6a3U6FkJQNr
+OvSknX9DwuVrg==
-----END CERTIFICATE-----