Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
File:                     lnRtO9Pi3eYWQCDesLXYkixkdm0.mft (raw, json)
Hash identifier:          rDnfmTKPyfyUy04qraLAbWkTXLC4jhTeEUuiTbT3Rb0=
Subject key identifier:   F5:8C:CD:59:5E:48:43:FD:87:B1:F7:50:BF:80:11:98:77:5F:9D:9D
Authority key identifier: 96:74:6D:3B:D3:E2:DD:E6:16:40:20:DE:B0:B5:D8:92:2C:64:76:6D
Certificate issuer:       /CN=96746d3bd3e2dde6164020deb0b5d8922c64766d
Certificate serial:       019CAC1012BBFF077474F77684096AAAED22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
Manifest number:          04FC
Signing time:             Mon 02 Mar 2026 01:01:00 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:00 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:00 +0000
Files and hashes:         1: lnRtO9Pi3eYWQCDesLXYkixkdm0.crl (hash: GX26Hv0szqg3wE4mU5sKfaZKkYXWnQ3FMX5I7n6vKPw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:12:bb:ff:07:74:74:f7:76:84:09:6a:aa:ed:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96746d3bd3e2dde6164020deb0b5d8922c64766d
        Validity
            Not Before: Mar  2 01:01:00 2026 GMT
            Not After : Mar  3 01:01:00 2026 GMT
        Subject: CN=f58ccd595e4843fd87b1f750bf801198775f9d9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:9b:fd:e4:fc:ef:28:95:18:0b:b4:3e:96:33:
                    91:8e:3f:3e:68:c6:f3:71:e3:4a:c3:22:2f:b8:9d:
                    4b:17:3d:e7:a8:61:01:e0:c8:92:8a:50:e3:0e:cb:
                    d1:93:54:d7:c0:c9:b8:a3:a8:7a:f7:a1:8c:a7:1c:
                    6c:52:e9:ac:e6:87:99:ce:03:9f:7b:e5:45:f1:e9:
                    5c:ef:bc:53:46:39:96:d3:65:96:b1:c9:30:08:dd:
                    c6:2a:2f:ee:b0:17:d6:74:79:2f:aa:b6:58:11:cf:
                    ec:1d:06:7c:9e:c8:38:b6:3f:20:ef:8a:80:38:a2:
                    b0:39:d5:4b:58:5f:f0:ce:39:b0:e5:38:44:99:15:
                    85:f8:6e:eb:c4:d8:e8:de:dd:0f:38:00:d8:29:e5:
                    4c:08:2a:f0:82:a3:17:fe:8c:02:7c:40:fa:8f:c4:
                    59:59:b5:ce:ca:e3:ea:6f:1f:6d:5d:d4:41:ad:3c:
                    e6:e7:4c:fb:dc:1e:f8:c0:76:1b:fe:c6:89:7f:32:
                    48:11:9e:db:95:43:14:97:e4:c5:1e:2e:3b:2e:88:
                    7c:41:9c:44:c9:20:1c:8e:f9:ca:b3:f8:45:bf:27:
                    25:1a:8c:f2:d4:58:b0:cc:a2:6f:5d:46:b0:31:7e:
                    0a:60:9c:e7:59:94:3d:a7:31:54:34:13:b0:88:7e:
                    f6:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:8C:CD:59:5E:48:43:FD:87:B1:F7:50:BF:80:11:98:77:5F:9D:9D
            X509v3 Authority Key Identifier:
                keyid:96:74:6D:3B:D3:E2:DD:E6:16:40:20:DE:B0:B5:D8:92:2C:64:76:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:be:4e:36:7d:ca:f6:61:01:79:20:14:09:b1:b3:6d:af:84:
         56:9e:d5:da:db:5d:e6:46:b8:5a:31:77:57:35:df:26:9e:42:
         a2:f4:9d:1f:0a:85:8b:9e:9c:0a:41:29:e8:69:33:46:95:d3:
         93:0e:20:ea:49:8a:6e:33:c9:80:8a:21:05:58:b1:76:b7:a4:
         66:92:fd:6a:4b:f2:3c:ff:f2:44:d0:fd:9f:32:48:18:a0:a2:
         70:8f:d8:d2:f5:12:0a:8f:ee:4f:5a:98:68:37:c0:20:a1:4f:
         3a:f7:18:c5:d8:78:4e:d9:1b:ee:14:80:bd:47:f3:b5:51:3c:
         22:c2:10:37:ab:ac:16:11:f8:30:e6:b5:16:76:52:77:e3:75:
         3e:24:c7:21:7b:6d:cf:7d:c3:8a:98:09:20:90:85:75:5b:29:
         41:8e:75:f0:eb:b2:8f:00:fe:cd:8a:20:1f:cc:f1:09:2b:43:
         ec:7d:10:72:b2:ed:77:d5:7b:9a:98:60:91:74:9d:e7:bb:0a:
         3f:83:cc:98:08:b8:a2:37:1d:0b:46:92:42:2d:29:2e:13:f5:
         e2:27:ca:b7:eb:d0:cd:49:a6:09:d3:0d:55:dd:e9:4b:01:69:
         5d:05:3c:25:d4:60:09:9d:6a:f1:0c:e5:c5:80:a1:55:48:56:
         29:59:f3:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEBK7/wd0dPd2hAlqqu0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NzQ2ZDNiZDNlMmRkZTYxNjQwMjBkZWIwYjVkODkyMmM2
NDc2NmQwHhcNMjYwMzAyMDEwMTAwWhcNMjYwMzAzMDEwMTAwWjAzMTEwLwYDVQQD
EyhmNThjY2Q1OTVlNDg0M2ZkODdiMWY3NTBiZjgwMTE5ODc3NWY5ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpv95PzvKJUYC7Q+ljORjj8+aMbz
ceNKwyIvuJ1LFz3nqGEB4MiSilDjDsvRk1TXwMm4o6h696GMpxxsUums5oeZzgOf
e+VF8elc77xTRjmW02WWsckwCN3GKi/usBfWdHkvqrZYEc/sHQZ8nsg4tj8g74qA
OKKwOdVLWF/wzjmw5ThEmRWF+G7rxNjo3t0POADYKeVMCCrwgqMX/owCfED6j8RZ
WbXOyuPqbx9tXdRBrTzm50z73B74wHYb/saJfzJIEZ7blUMUl+TFHi47Loh8QZxE
ySAcjvnKs/hFvyclGozy1FiwzKJvXUawMX4KYJznWZQ9pzFUNBOwiH72TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWMzVleSEP9h7H3UL+AEZh3X52dMB8GA1UdIwQY
MBaAFJZ0bTvT4t3mFkAg3rC12JIsZHZtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lMWYxNzEtYTg4OS00Mzk1LTljZmMt
MDgwNTQxOWQ3MjFhLzEvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lMWYxNzEtYTg4OS00Mzk1LTljZmMtMDgwNTQxOWQ3MjFh
LzEvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArr5ONn3K
9mEBeSAUCbGzba+EVp7V2ttd5ka4WjF3VzXfJp5CovSdHwqFi56cCkEp6GkzRpXT
kw4g6kmKbjPJgIohBVixdrekZpL9akvyPP/yRND9nzJIGKCicI/Y0vUSCo/uT1qY
aDfAIKFPOvcYxdh4Ttkb7hSAvUfztVE8IsIQN6usFhH4MOa1FnZSd+N1PiTHIXtt
z33DipgJIJCFdVspQY518OuyjwD+zYogH8zxCStD7H0QcrLtd9V7mphgkXSd57sK
P4PMmAi4ojcdC0aSQi0pLhP14ifKt+vQzUmmCdMNVd3pSwFpXQU8JdRgCZ1q8Qzl
xYChVUhWKVnzQQ==
-----END CERTIFICATE-----