Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          hHzxjn35mx4S3EFQlFBG9SQueWRZIXQwVyZhdLtG6yA=
Subject key identifier:   81:C2:C6:46:72:26:74:7A:25:9B:E1:13:C4:40:E5:CE:39:C6:58:90
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       019D9B50F14E73F3EA0F9822CDB4C2DD13E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          04C6
Signing time:             Fri 17 Apr 2026 12:01:06 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:06 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:06 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: qKGy41yuo9DSLY834XFnPPNOlY8iT0A8a5zUUluQrR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 12:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:f1:4e:73:f3:ea:0f:98:22:cd:b4:c2:dd:13:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Apr 17 12:01:06 2026 GMT
            Not After : Apr 18 12:01:06 2026 GMT
        Subject: CN=81c2c6467226747a259be113c440e5ce39c65890
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:14:5b:33:fd:ce:72:f6:52:e7:b0:ed:ba:0b:
                    b7:f9:24:05:42:ef:af:e9:50:04:8d:dc:d7:b7:bc:
                    b2:60:3f:74:47:a1:87:33:2d:ca:fa:3f:93:c4:c5:
                    0a:ff:cb:49:5d:2e:f7:3f:74:38:56:10:cc:1b:fe:
                    0a:47:18:54:97:53:98:5d:69:b2:51:4f:16:a1:77:
                    84:63:fc:01:27:88:0c:0c:64:5a:5e:56:bd:a6:7b:
                    a7:29:ac:9b:9c:60:e2:78:75:96:99:a1:1a:2e:60:
                    72:39:05:90:12:9d:45:29:3f:e3:43:91:4a:af:9e:
                    0d:88:96:ee:65:33:55:24:31:ed:5b:bf:a9:9b:b9:
                    7f:07:40:9c:f8:6b:b0:98:a2:a0:fb:38:a2:d1:4e:
                    21:2b:78:b9:c2:5e:91:ff:66:59:be:f4:93:29:f8:
                    4b:49:75:6c:e3:6a:ba:a7:2d:27:49:ed:04:57:57:
                    69:3d:3d:b8:87:64:79:36:a2:9c:99:6b:24:d0:57:
                    bd:95:2e:4a:7f:db:ca:71:84:72:ec:ee:64:42:ba:
                    6f:05:9b:fe:d7:84:99:04:b5:03:ab:18:e2:ba:37:
                    25:7f:7b:74:b1:1f:ac:1d:8a:81:f9:62:d6:b8:dc:
                    0a:d9:fd:bf:84:55:5a:27:f7:13:fd:d3:16:67:4e:
                    ed:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:C2:C6:46:72:26:74:7A:25:9B:E1:13:C4:40:E5:CE:39:C6:58:90
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:96:68:2d:66:9f:82:ba:dd:5c:b0:e4:47:ce:90:6c:79:da:
         b7:a4:68:03:15:60:b3:49:43:f6:51:f7:35:6f:2b:63:d0:17:
         8f:8f:55:e6:12:0e:66:de:1e:c0:02:6e:99:96:c1:08:01:b2:
         91:9c:ea:ed:40:13:a5:7c:33:6f:5e:cd:cb:41:5f:a3:88:07:
         28:81:5b:53:c6:70:79:17:31:13:d0:1b:61:22:4b:df:22:92:
         1a:a6:c5:3d:0c:6e:51:92:db:ef:4f:b5:0c:4c:cc:8f:17:1c:
         fe:7e:f4:eb:b5:4b:99:91:c1:0e:06:8a:52:23:c5:09:89:ae:
         09:93:69:26:39:1f:86:36:39:45:80:a7:56:6c:b8:93:36:a1:
         3d:e0:73:0e:96:ee:63:14:d4:0f:f1:2f:26:7e:fd:ca:82:87:
         7e:e0:1e:d5:d7:de:ba:7b:97:3b:f6:ce:23:d1:f0:14:46:52:
         25:b6:58:d3:16:62:d7:66:cf:d9:8d:ea:c3:f1:83:1b:a1:46:
         3e:18:10:0f:d3:96:75:8d:5e:44:a5:83:1e:d9:11:ba:05:d3:
         94:10:53:a7:d6:ad:07:97:11:e5:4e:43:ea:fd:46:ef:15:ae:
         b0:2d:ef:a6:4f:7e:6d:01:fd:6c:e7:71:20:a4:d7:2f:43:8e:
         fc:45:24:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUPFOc/PqD5gizbTC3RPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjYwNDE3MTIwMTA2WhcNMjYwNDE4MTIwMTA2WjAzMTEwLwYDVQQD
Eyg4MWMyYzY0NjcyMjY3NDdhMjU5YmUxMTNjNDQwZTVjZTM5YzY1ODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRRbM/3OcvZS57Dtugu3+SQFQu+v
6VAEjdzXt7yyYD90R6GHMy3K+j+TxMUK/8tJXS73P3Q4VhDMG/4KRxhUl1OYXWmy
UU8WoXeEY/wBJ4gMDGRaXla9pnunKaybnGDieHWWmaEaLmByOQWQEp1FKT/jQ5FK
r54NiJbuZTNVJDHtW7+pm7l/B0Cc+GuwmKKg+zii0U4hK3i5wl6R/2ZZvvSTKfhL
SXVs42q6py0nSe0EV1dpPT24h2R5NqKcmWsk0Fe9lS5Kf9vKcYRy7O5kQrpvBZv+
14SZBLUDqxjiujclf3t0sR+sHYqB+WLWuNwK2f2/hFVaJ/cT/dMWZ07tqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHCxkZyJnR6JZvhE8RA5c45xliQMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbZZoLWaf
grrdXLDkR86QbHnat6RoAxVgs0lD9lH3NW8rY9AXj49V5hIOZt4ewAJumZbBCAGy
kZzq7UATpXwzb17Ny0Ffo4gHKIFbU8ZweRcxE9AbYSJL3yKSGqbFPQxuUZLb70+1
DEzMjxcc/n7067VLmZHBDgaKUiPFCYmuCZNpJjkfhjY5RYCnVmy4kzahPeBzDpbu
YxTUD/EvJn79yoKHfuAe1dfeunuXO/bOI9HwFEZSJbZY0xZi12bP2Y3qw/GDG6FG
PhgQD9OWdY1eRKWDHtkRugXTlBBTp9atB5cR5U5D6v1G7xWusC3vpk9+bQH9bOdx
IKTXL0OO/EUkUw==
-----END CERTIFICATE-----