Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
File:                     Lokc9xG_fhxC4ILWoviaBL7rldE.mft (raw, json)
Hash identifier:          55kbXHAXgNviPN1zvp/jYVCEbwGObhFPWvLNhviniZ4=
Subject key identifier:   91:FD:8F:99:82:1B:9E:BA:B2:F2:0C:10:C7:80:89:F9:DD:C2:34:CD
Authority key identifier: 2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1
Certificate issuer:       /CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
Certificate serial:       019CADC80E8DFDF23980707F626F9C4A2CF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
Manifest number:          044B
Signing time:             Mon 02 Mar 2026 09:01:35 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:35 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:35 +0000
Files and hashes:         1: Lokc9xG_fhxC4ILWoviaBL7rldE.crl (hash: VPiA9a4byxWUwlYdyMIBd4ADJLdYxG8zfj7Ce+AqaM8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c8:0e:8d:fd:f2:39:80:70:7f:62:6f:9c:4a:2c:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e891cf711bf7e1c42e082d6a2f89a04beeb95d1
        Validity
            Not Before: Mar  2 09:01:35 2026 GMT
            Not After : Mar  3 09:01:35 2026 GMT
        Subject: CN=91fd8f99821b9ebab2f20c10c78089f9ddc234cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c1:7a:e1:f4:db:37:b8:51:a9:62:0d:59:6b:
                    aa:80:9d:89:41:86:f6:71:8d:10:bd:1f:a5:06:1d:
                    38:bc:be:ed:fc:cd:26:1f:2e:b2:83:8a:b2:fa:c2:
                    8a:f5:d8:b8:b2:6b:32:0d:68:72:64:dd:96:8e:a0:
                    03:d6:b9:a0:e4:d8:6c:be:81:6d:e1:4c:84:73:3c:
                    e3:22:fe:04:ac:4d:a4:26:cc:b3:35:b8:7c:91:0c:
                    6a:0a:02:fe:15:21:5f:77:34:fa:d1:cc:d2:a3:18:
                    96:93:d1:b2:61:ce:10:2f:8d:23:02:70:05:17:39:
                    05:9d:1a:34:06:9e:11:32:bc:04:63:9e:68:f4:8c:
                    49:57:1c:7e:9a:cc:6e:bc:4f:16:68:0a:5f:86:a0:
                    d2:23:cc:41:60:c0:15:9b:3a:ee:e1:a6:67:28:5a:
                    11:92:66:f3:78:51:0e:77:de:62:c1:3d:c7:e7:6d:
                    c4:fb:c1:48:20:d8:de:eb:30:30:c2:b9:9e:81:5b:
                    1a:94:56:91:e2:8e:51:75:67:12:c4:7e:80:f5:aa:
                    63:57:f6:c7:ef:2e:a4:77:56:65:18:26:4e:7b:60:
                    ee:34:02:02:50:c0:07:b5:ac:5b:dc:b0:1b:49:22:
                    24:81:d2:83:ef:15:e5:1a:bd:ab:b2:1e:47:5e:dd:
                    1f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:FD:8F:99:82:1B:9E:BA:B2:F2:0C:10:C7:80:89:F9:DD:C2:34:CD
            X509v3 Authority Key Identifier:
                keyid:2E:89:1C:F7:11:BF:7E:1C:42:E0:82:D6:A2:F8:9A:04:BE:EB:95:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lokc9xG_fhxC4ILWoviaBL7rldE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/50b550-f85e-489b-8473-e0365381bb85/1/Lokc9xG_fhxC4ILWoviaBL7rldE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:50:9b:2b:a3:1b:42:b9:9f:ad:50:20:59:6f:29:f0:fa:4e:
         5a:ca:59:4b:47:78:09:01:f5:26:5a:d4:ca:08:a2:6e:5f:b0:
         25:68:4e:6f:b9:4c:cc:d7:bd:8e:c4:41:95:cb:4e:be:45:eb:
         a3:19:97:21:49:d9:71:d3:cf:f8:b1:90:23:c0:97:85:41:65:
         77:b7:db:5f:27:62:34:f6:2c:c6:1d:fe:d7:79:7b:eb:31:81:
         13:02:77:14:74:0c:76:8f:eb:b9:bb:bb:09:8a:de:26:75:e1:
         23:e4:d8:68:1b:e1:2b:ee:7d:83:a6:cb:e2:f1:ab:40:56:b6:
         fb:42:b0:2a:d0:f6:16:d0:88:0f:84:47:f7:8e:e8:d8:14:2d:
         a0:76:c8:ef:3c:2b:34:94:78:7c:bc:a4:13:d0:12:a0:3b:b7:
         ad:58:f6:e4:5f:30:02:b7:3c:6d:0a:64:ed:90:5d:cd:88:7c:
         ca:34:56:0b:63:0b:c4:65:13:8d:a0:2c:7b:d9:14:1b:17:c7:
         25:a1:1e:1d:a1:06:05:e1:95:9a:20:51:4f:0d:2d:cd:34:2e:
         c9:a3:95:12:82:a9:3a:1b:30:b4:8c:08:04:4c:03:50:78:12:
         50:54:3d:a5:26:e9:06:cc:83:77:e2:c3:95:8f:7e:cf:34:9e:
         4e:02:3e:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytyA6N/fI5gHB/Ym+cSizyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkxY2Y3MTFiZjdlMWM0MmUwODJkNmEyZjg5YTA0YmVl
Yjk1ZDEwHhcNMjYwMzAyMDkwMTM1WhcNMjYwMzAzMDkwMTM1WjAzMTEwLwYDVQQD
Eyg5MWZkOGY5OTgyMWI5ZWJhYjJmMjBjMTBjNzgwODlmOWRkYzIzNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcF64fTbN7hRqWINWWuqgJ2JQYb2
cY0QvR+lBh04vL7t/M0mHy6yg4qy+sKK9di4smsyDWhyZN2WjqAD1rmg5NhsvoFt
4UyEczzjIv4ErE2kJsyzNbh8kQxqCgL+FSFfdzT60czSoxiWk9GyYc4QL40jAnAF
FzkFnRo0Bp4RMrwEY55o9IxJVxx+msxuvE8WaApfhqDSI8xBYMAVmzru4aZnKFoR
kmbzeFEOd95iwT3H523E+8FIINje6zAwwrmegVsalFaR4o5RdWcSxH6A9apjV/bH
7y6kd1ZlGCZOe2DuNAICUMAHtaxb3LAbSSIkgdKD7xXlGr2rsh5HXt0fTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJH9j5mCG566svIMEMeAifndwjTNMB8GA1UdIwQY
MBaAFC6JHPcRv34cQuCC1qL4mgS+65XRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMt
ZTAzNjUzODFiYjg1LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MGI1NTAtZjg1ZS00ODliLTg0NzMtZTAzNjUzODFiYjg1
LzEvTG9rYzl4R19maHhDNElMV292aWFCTDdybGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqFCbK6Mb
QrmfrVAgWW8p8PpOWspZS0d4CQH1JlrUygiibl+wJWhOb7lMzNe9jsRBlctOvkXr
oxmXIUnZcdPP+LGQI8CXhUFld7fbXydiNPYsxh3+13l76zGBEwJ3FHQMdo/rubu7
CYreJnXhI+TYaBvhK+59g6bL4vGrQFa2+0KwKtD2FtCID4RH947o2BQtoHbI7zwr
NJR4fLykE9ASoDu3rVj25F8wArc8bQpk7ZBdzYh8yjRWC2MLxGUTjaAse9kUGxfH
JaEeHaEGBeGVmiBRTw0tzTQuyaOVEoKpOhswtIwIBEwDUHgSUFQ9pSbpBsyDd+LD
lY9+zzSeTgI+XQ==
-----END CERTIFICATE-----