Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft
File:                     lmsFxmHHalvMSNqDju22lz8VO4Y.mft (raw, json)
Hash identifier:          nwJTq27gV6s1FnZ9W3w806jvbG81NMzVoi9FrzVSxAY=
Subject key identifier:   63:58:5F:35:EF:80:C3:1A:00:BB:64:41:7C:95:07:5B:BC:E3:56:10
Authority key identifier: 96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86
Certificate issuer:       /CN=966b05c661c76a5bcc48da838eedb6973f153b86
Certificate serial:       019D98F4B16ECE1C116510AACFF034ACE097
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft
Manifest number:          18C7
Signing time:             Fri 17 Apr 2026 01:01:06 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:06 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:06 +0000
Files and hashes:         1: lmsFxmHHalvMSNqDju22lz8VO4Y.crl (hash: 0XV0YftNAjyVKajjbJMy4oo0vD3y0trUvYrxY5hTjIE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:b1:6e:ce:1c:11:65:10:aa:cf:f0:34:ac:e0:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=966b05c661c76a5bcc48da838eedb6973f153b86
        Validity
            Not Before: Apr 17 01:01:06 2026 GMT
            Not After : Apr 18 01:01:06 2026 GMT
        Subject: CN=63585f35ef80c31a00bb64417c95075bbce35610
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9a:a5:25:28:5a:6a:55:35:67:7b:0d:57:74:
                    c8:eb:49:95:cb:cb:c6:cc:89:f9:cb:5e:91:ed:91:
                    ec:d3:10:86:b9:e8:a3:87:dd:ad:15:19:e4:a8:5e:
                    40:20:16:cc:41:c5:c8:fb:76:52:df:ca:95:c5:d0:
                    bf:7c:f7:24:8a:3b:e2:9f:7f:c0:67:31:8e:26:e6:
                    ec:46:20:98:d1:35:c4:8a:61:7c:85:4a:34:6d:2f:
                    8d:ec:82:42:01:75:22:4d:be:8c:00:bf:65:38:ce:
                    50:8a:bb:17:bf:54:7c:2b:c4:57:a0:64:11:c9:ed:
                    97:c2:a5:95:45:82:fc:f9:fe:e4:4d:a6:f5:13:8d:
                    43:4d:31:dc:31:61:00:da:c3:ff:c4:dd:21:53:f1:
                    1a:1f:9c:26:a9:7d:fc:0f:e5:63:63:89:c3:38:db:
                    20:5e:1a:1f:d2:ba:ae:a8:f9:86:0d:26:13:39:38:
                    8f:39:8a:16:ed:10:95:4f:45:e7:e5:2c:43:fe:ba:
                    d1:76:ce:cc:a5:73:9b:0f:88:d5:2a:2e:d8:10:e6:
                    20:3f:78:cc:a7:e0:ff:54:37:61:ba:c0:7f:9c:64:
                    c6:07:1f:c1:bb:10:9d:79:1d:2a:a0:25:1c:7c:9d:
                    95:3e:f5:0e:9a:67:6c:a4:41:cb:a5:3e:43:40:50:
                    69:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:58:5F:35:EF:80:C3:1A:00:BB:64:41:7C:95:07:5B:BC:E3:56:10
            X509v3 Authority Key Identifier:
                keyid:96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:dd:82:97:12:0d:0c:a2:ec:f9:55:1c:6f:de:d5:8b:cb:6e:
         0b:a7:87:57:16:44:d2:65:67:9f:a5:e6:55:1c:d1:8d:32:32:
         ad:34:00:1e:3e:75:ea:2e:ae:a5:74:be:16:b0:bf:01:38:d4:
         94:b2:fd:57:4e:05:56:58:2e:f1:8a:d1:40:ff:4d:0b:c0:46:
         35:28:e3:77:0e:a3:af:54:53:3b:75:88:1f:ba:20:dc:f8:a9:
         64:8a:0b:e9:60:db:d3:cf:ef:43:07:08:a3:e4:ec:65:b1:60:
         fa:91:fe:72:cb:dd:36:fb:c4:da:46:db:cf:6b:d8:3c:a8:2c:
         0a:e7:23:41:03:18:2a:c8:0e:67:bc:b7:a3:ad:e0:09:d7:8a:
         52:eb:be:94:53:ce:44:04:60:77:a0:12:df:06:95:d8:d5:0b:
         11:86:83:4f:7e:fe:c2:81:22:60:4e:50:f2:55:c5:5f:0f:5d:
         9c:09:a2:10:bf:fc:43:12:2f:06:2d:a9:ea:f2:f7:81:d7:4a:
         3b:62:0e:a3:fe:9c:59:e9:10:84:9e:35:86:ac:14:35:62:83:
         55:83:61:ce:61:f7:35:93:ea:0e:dc:86:a7:7d:f2:fa:57:f3:
         f0:13:2f:0d:d7:38:01:bb:b0:92:f6:82:8e:cf:f1:e9:5d:b7:
         60:03:66:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9LFuzhwRZRCqz/A0rOCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NmIwNWM2NjFjNzZhNWJjYzQ4ZGE4MzhlZWRiNjk3M2Yx
NTNiODYwHhcNMjYwNDE3MDEwMTA2WhcNMjYwNDE4MDEwMTA2WjAzMTEwLwYDVQQD
Eyg2MzU4NWYzNWVmODBjMzFhMDBiYjY0NDE3Yzk1MDc1YmJjZTM1NjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5qlJShaalU1Z3sNV3TI60mVy8vG
zIn5y16R7ZHs0xCGueijh92tFRnkqF5AIBbMQcXI+3ZS38qVxdC/fPckijvin3/A
ZzGOJubsRiCY0TXEimF8hUo0bS+N7IJCAXUiTb6MAL9lOM5QirsXv1R8K8RXoGQR
ye2XwqWVRYL8+f7kTab1E41DTTHcMWEA2sP/xN0hU/EaH5wmqX38D+VjY4nDONsg
Xhof0rquqPmGDSYTOTiPOYoW7RCVT0Xn5SxD/rrRds7MpXObD4jVKi7YEOYgP3jM
p+D/VDdhusB/nGTGBx/BuxCdeR0qoCUcfJ2VPvUOmmdspEHLpT5DQFBpTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNYXzXvgMMaALtkQXyVB1u841YQMB8GA1UdIwQY
MBaAFJZrBcZhx2pbzEjag47ttpc/FTuGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMt
ZTNjMmYzMmNmM2I3LzEvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMtZTNjMmYzMmNmM2I3
LzEvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVN2ClxIN
DKLs+VUcb97Vi8tuC6eHVxZE0mVnn6XmVRzRjTIyrTQAHj516i6upXS+FrC/ATjU
lLL9V04FVlgu8YrRQP9NC8BGNSjjdw6jr1RTO3WIH7og3PipZIoL6WDb08/vQwcI
o+TsZbFg+pH+csvdNvvE2kbbz2vYPKgsCucjQQMYKsgOZ7y3o63gCdeKUuu+lFPO
RARgd6AS3waV2NULEYaDT37+woEiYE5Q8lXFXw9dnAmiEL/8QxIvBi2p6vL3gddK
O2IOo/6cWekQhJ41hqwUNWKDVYNhzmH3NZPqDtyGp33y+lfz8BMvDdc4AbuwkvaC
js/x6V23YANmzQ==
-----END CERTIFICATE-----