Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft
File:                     lmsFxmHHalvMSNqDju22lz8VO4Y.mft (raw, json)
Hash identifier:          9vnlrvhptTa5kVpZrwdTzmVIf9UVgfspGVlnXWZYzfs=
Subject key identifier:   37:09:D4:85:36:E4:1E:00:84:70:DB:BF:11:30:D0:34:B3:9D:D8:05
Authority key identifier: 96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86
Certificate issuer:       /CN=966b05c661c76a5bcc48da838eedb6973f153b86
Certificate serial:       019CAF47D29CE6A3F069E19C5D4C528E3A98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft
Manifest number:          184E
Signing time:             Mon 02 Mar 2026 16:00:45 +0000
Manifest this update:     Mon 02 Mar 2026 16:00:45 +0000
Manifest next update:     Tue 03 Mar 2026 16:00:45 +0000
Files and hashes:         1: lmsFxmHHalvMSNqDju22lz8VO4Y.crl (hash: Qr/PZUAvR2XUwqe25zjybh6mKqwTFDEMJkswESSKikk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:47:d2:9c:e6:a3:f0:69:e1:9c:5d:4c:52:8e:3a:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=966b05c661c76a5bcc48da838eedb6973f153b86
        Validity
            Not Before: Mar  2 16:00:45 2026 GMT
            Not After : Mar  3 16:00:45 2026 GMT
        Subject: CN=3709d48536e41e008470dbbf1130d034b39dd805
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:0f:dd:41:2b:52:34:4a:3f:c8:00:d0:f4:6d:
                    36:6f:33:a3:1f:2c:06:98:68:3d:02:6c:ff:2c:f0:
                    c6:f4:9e:c4:f1:3c:e6:5d:20:b1:6a:fe:ff:8c:b7:
                    72:96:43:78:1d:55:46:00:69:7e:b8:f6:dd:54:60:
                    94:c3:40:4d:c7:4a:32:a8:bd:6c:f5:fe:25:d1:55:
                    b3:f4:82:ee:6b:af:16:33:ee:c0:33:32:f6:3f:c6:
                    7a:a2:6d:16:1c:7d:46:19:4f:00:68:1c:09:db:c5:
                    b4:3e:4d:17:fc:99:a4:7c:2e:30:fa:1a:10:26:dd:
                    68:b9:41:30:ba:e3:fb:9b:9b:c0:1d:95:57:c0:f7:
                    3f:02:d0:fc:33:25:72:5a:52:ba:7c:b0:01:c8:0d:
                    9c:fd:8a:ed:4c:22:bc:41:13:46:00:ac:f6:d8:1b:
                    2b:b2:2e:3f:df:9e:23:6c:ff:2a:31:ff:4b:1a:4b:
                    0e:0c:a4:09:cd:93:d5:82:43:5c:e0:5e:35:08:fb:
                    f2:31:e2:1c:03:ad:87:0a:9f:13:cc:27:e0:f4:c5:
                    d3:ce:82:13:d0:9d:54:53:48:f0:29:d0:fe:b9:2b:
                    5b:e6:2c:b7:9c:e1:79:a2:c3:ea:e8:ff:01:b6:bf:
                    ae:84:58:91:99:de:d3:8f:ab:e7:06:99:55:7a:c6:
                    43:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:09:D4:85:36:E4:1E:00:84:70:DB:BF:11:30:D0:34:B3:9D:D8:05
            X509v3 Authority Key Identifier:
                keyid:96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:93:61:55:7a:c8:bd:ea:e2:e9:62:12:5d:74:e4:36:ff:59:
         c2:66:c2:0c:7d:70:ac:f1:51:4b:30:a9:a2:f5:13:46:97:89:
         26:be:66:dd:65:fb:37:f4:81:e2:d7:79:43:a7:fa:29:1b:c3:
         63:c1:4c:fc:5f:2f:5f:30:46:60:fe:51:22:51:b0:d4:f6:5e:
         c0:40:5f:66:a4:c2:69:9a:62:8e:0f:06:e6:67:04:85:99:9e:
         e9:01:df:ad:72:c1:f5:c5:e0:e9:59:1c:28:63:fb:61:f3:6d:
         a2:3a:3d:4e:ff:99:fb:ef:86:5b:cf:08:39:a5:d0:76:97:f9:
         a2:0e:bb:9b:54:6c:a9:17:21:e7:7f:c5:b2:9f:cf:05:db:7a:
         e6:b1:ce:11:89:11:2b:31:c8:5e:d8:a4:c6:65:26:83:f0:41:
         d2:ed:91:3e:2d:fa:33:89:9d:97:a8:21:b0:f1:3f:5f:5c:d1:
         aa:3c:cd:26:00:0c:92:8f:ca:ee:0c:02:67:ba:18:35:b3:56:
         64:e9:34:5f:6d:92:55:c0:3e:fe:9b:32:4d:ed:15:61:43:13:
         fd:23:a8:0b:cb:1a:47:dc:c1:90:aa:36:fc:5d:42:fc:1e:29:
         e7:e8:52:dc:5c:c0:86:7c:90:2f:05:24:13:ba:e0:89:12:9f:
         2e:52:ff:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvR9Kc5qPwaeGcXUxSjjqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NmIwNWM2NjFjNzZhNWJjYzQ4ZGE4MzhlZWRiNjk3M2Yx
NTNiODYwHhcNMjYwMzAyMTYwMDQ1WhcNMjYwMzAzMTYwMDQ1WjAzMTEwLwYDVQQD
EygzNzA5ZDQ4NTM2ZTQxZTAwODQ3MGRiYmYxMTMwZDAzNGIzOWRkODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Q/dQStSNEo/yADQ9G02bzOjHywG
mGg9Amz/LPDG9J7E8TzmXSCxav7/jLdylkN4HVVGAGl+uPbdVGCUw0BNx0oyqL1s
9f4l0VWz9ILua68WM+7AMzL2P8Z6om0WHH1GGU8AaBwJ28W0Pk0X/JmkfC4w+hoQ
Jt1ouUEwuuP7m5vAHZVXwPc/AtD8MyVyWlK6fLAByA2c/YrtTCK8QRNGAKz22Bsr
si4/354jbP8qMf9LGksODKQJzZPVgkNc4F41CPvyMeIcA62HCp8TzCfg9MXTzoIT
0J1UU0jwKdD+uStb5iy3nOF5osPq6P8Btr+uhFiRmd7Tj6vnBplVesZDrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcJ1IU25B4AhHDbvxEw0DSzndgFMB8GA1UdIwQY
MBaAFJZrBcZhx2pbzEjag47ttpc/FTuGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMt
ZTNjMmYzMmNmM2I3LzEvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMtZTNjMmYzMmNmM2I3
LzEvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA5NhVXrI
veri6WISXXTkNv9ZwmbCDH1wrPFRSzCpovUTRpeJJr5m3WX7N/SB4td5Q6f6KRvD
Y8FM/F8vXzBGYP5RIlGw1PZewEBfZqTCaZpijg8G5mcEhZme6QHfrXLB9cXg6Vkc
KGP7YfNtojo9Tv+Z+++GW88IOaXQdpf5og67m1RsqRch53/Fsp/PBdt65rHOEYkR
KzHIXtikxmUmg/BB0u2RPi36M4mdl6ghsPE/X1zRqjzNJgAMko/K7gwCZ7oYNbNW
ZOk0X22SVcA+/psyTe0VYUMT/SOoC8saR9zBkKo2/F1C/B4p5+hS3FzAhnyQLwUk
E7rgiRKfLlL/GQ==
-----END CERTIFICATE-----