Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft
File:                     LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft (raw, json)
Hash identifier:          UgmQhW+I7DfGxbs+H0UpZKqm5OgggOotz3f2ygQ2Dcw=
Subject key identifier:   E7:23:BB:27:C5:2A:A4:F9:6A:9A:69:13:3A:1F:A4:30:CB:7C:73:89
Authority key identifier: 2E:18:10:D5:C9:11:B4:A8:10:73:FA:E6:38:97:1B:57:7D:D7:A6:42
Certificate issuer:       /CN=2e1810d5c911b4a81073fae638971b577dd7a642
Certificate serial:       019DA29D1950868753D059EC22B01D83CACC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft
Manifest number:          1392
Signing time:             Sat 18 Apr 2026 22:01:37 +0000
Manifest this update:     Sat 18 Apr 2026 22:01:37 +0000
Manifest next update:     Sun 19 Apr 2026 22:01:37 +0000
Files and hashes:         1: LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl (hash: B6MAIpKHkKfJArZRyjGBvUzmnUtSlxyVHm0rpKQcWBE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9d:19:50:86:87:53:d0:59:ec:22:b0:1d:83:ca:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e1810d5c911b4a81073fae638971b577dd7a642
        Validity
            Not Before: Apr 18 22:01:37 2026 GMT
            Not After : Apr 19 22:01:37 2026 GMT
        Subject: CN=e723bb27c52aa4f96a9a69133a1fa430cb7c7389
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:47:44:c5:8a:5d:43:1a:b5:7d:f8:1b:ac:e8:
                    65:82:71:10:81:10:3c:d5:c9:60:d6:33:e4:e3:6b:
                    f9:8d:6e:c5:77:d8:88:b3:fc:a9:a0:03:fd:b4:8a:
                    d8:4f:62:29:39:03:e3:f9:46:c1:14:f5:f2:25:0e:
                    90:a7:96:18:33:cf:20:9f:32:10:38:ce:b3:2f:95:
                    a0:88:3b:0f:d9:b8:c0:1b:bd:0a:dd:da:08:db:5a:
                    00:2c:ba:30:a7:66:d7:b9:8d:d9:2b:b3:92:9e:94:
                    02:81:55:d0:69:00:88:ab:0c:40:a4:81:af:8d:7c:
                    38:ce:62:35:84:1b:52:d0:8b:77:fa:4e:06:f7:84:
                    e6:a5:04:b5:98:3f:ee:23:d0:d8:e0:82:ba:5f:9f:
                    cc:3d:ee:91:61:65:83:54:6d:08:e5:6c:0d:31:16:
                    3e:bc:e0:a2:d8:89:f6:14:1b:a2:4b:39:2a:0e:6d:
                    48:49:96:ac:1f:92:0d:c8:3c:8c:87:de:b6:34:f7:
                    ec:41:db:22:63:b3:4f:e8:f9:f6:83:2e:2d:73:9c:
                    4c:bc:4a:b1:fb:ca:37:05:75:bc:ca:0d:b3:56:9d:
                    a7:dc:65:fd:81:09:4a:75:2f:62:d7:3c:ab:e4:ba:
                    79:61:49:74:c4:aa:2b:83:7a:ef:d7:90:d6:59:d0:
                    ba:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:23:BB:27:C5:2A:A4:F9:6A:9A:69:13:3A:1F:A4:30:CB:7C:73:89
            X509v3 Authority Key Identifier:
                keyid:2E:18:10:D5:C9:11:B4:A8:10:73:FA:E6:38:97:1B:57:7D:D7:A6:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:e1:9b:0d:8e:44:0e:71:d5:1a:82:89:d8:7c:84:c3:03:14:
         92:b4:02:67:d3:34:2b:26:5d:55:b0:9c:be:3a:99:44:43:56:
         39:83:97:f2:fd:a6:2e:31:eb:7b:d5:eb:3f:56:3c:83:f7:de:
         e4:f5:11:3a:92:9f:36:24:b0:84:fe:f0:f2:52:e8:cb:66:14:
         f5:c3:32:32:13:82:99:6d:c9:aa:ed:e9:ba:63:70:c2:ec:e6:
         e4:e3:cc:71:0f:ed:da:a4:36:3b:3f:af:2f:ed:b3:2c:20:db:
         52:98:89:cb:2d:d5:a3:70:a4:16:c9:f2:c6:c1:ff:59:21:9e:
         13:68:5c:cc:ab:0f:54:f4:32:89:21:a9:78:e4:5e:af:68:25:
         f9:7d:e0:58:7e:5e:13:93:01:7a:65:53:36:30:85:59:53:1e:
         89:cd:18:e8:74:48:53:e5:dd:9a:92:e9:c6:2f:72:de:c5:b9:
         4a:9a:25:66:6f:76:77:11:7b:70:91:fb:ea:f1:d4:97:07:54:
         d0:7f:83:74:ed:71:84:94:19:dc:49:fa:ef:41:5d:ec:e7:4e:
         46:dd:cd:b7:23:3e:00:9f:8b:ab:0c:62:99:ed:d0:30:e1:13:
         b9:06:25:03:37:16:0c:88:81:17:f6:29:ae:9e:30:1d:f2:ff:
         56:4a:3b:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inRlQhodT0FnsIrAdg8rMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTgxMGQ1YzkxMWI0YTgxMDczZmFlNjM4OTcxYjU3N2Rk
N2E2NDIwHhcNMjYwNDE4MjIwMTM3WhcNMjYwNDE5MjIwMTM3WjAzMTEwLwYDVQQD
EyhlNzIzYmIyN2M1MmFhNGY5NmE5YTY5MTMzYTFmYTQzMGNiN2M3Mzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkdExYpdQxq1ffgbrOhlgnEQgRA8
1clg1jPk42v5jW7Fd9iIs/ypoAP9tIrYT2IpOQPj+UbBFPXyJQ6Qp5YYM88gnzIQ
OM6zL5WgiDsP2bjAG70K3doI21oALLowp2bXuY3ZK7OSnpQCgVXQaQCIqwxApIGv
jXw4zmI1hBtS0It3+k4G94TmpQS1mD/uI9DY4IK6X5/MPe6RYWWDVG0I5WwNMRY+
vOCi2In2FBuiSzkqDm1ISZasH5INyDyMh962NPfsQdsiY7NP6Pn2gy4tc5xMvEqx
+8o3BXW8yg2zVp2n3GX9gQlKdS9i1zyr5Lp5YUl0xKorg3rv15DWWdC6yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOcjuyfFKqT5apppEzofpDDLfHOJMB8GA1UdIwQY
MBaAFC4YENXJEbSoEHP65jiXG1d916ZCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy82OGNlNTEtYmQzZS00Y2QxLWJjYzIt
ZGQyYTU4NGE2MmJiLzEvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy82OGNlNTEtYmQzZS00Y2QxLWJjYzItZGQyYTU4NGE2MmJi
LzEvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPOGbDY5E
DnHVGoKJ2HyEwwMUkrQCZ9M0KyZdVbCcvjqZRENWOYOX8v2mLjHre9XrP1Y8g/fe
5PUROpKfNiSwhP7w8lLoy2YU9cMyMhOCmW3Jqu3pumNwwuzm5OPMcQ/t2qQ2Oz+v
L+2zLCDbUpiJyy3Vo3CkFsnyxsH/WSGeE2hczKsPVPQyiSGpeORer2gl+X3gWH5e
E5MBemVTNjCFWVMeic0Y6HRIU+XdmpLpxi9y3sW5SpolZm92dxF7cJH76vHUlwdU
0H+DdO1xhJQZ3En670Fd7OdORt3NtyM+AJ+Lqwxime3QMOETuQYlAzcWDIiBF/Yp
rp4wHfL/Vko7aA==
-----END CERTIFICATE-----