Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft
File:                     JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft (raw, json)
Hash identifier:          5BMHataimQ4TFSUzRi9uOeSdPxzz1gL2DBvDifRuvPI=
Subject key identifier:   F7:48:4C:B5:79:BC:33:71:EC:15:AD:3D:F0:46:43:1E:A1:BE:6A:96
Authority key identifier: 25:BA:87:95:F3:E7:E2:D2:C7:C9:0F:1C:36:66:CF:7F:92:83:DA:9E
Certificate issuer:       /CN=25ba8795f3e7e2d2c7c90f1c3666cf7f9283da9e
Certificate serial:       019D38668B1DFC19C75D00B17A00C7CBA89B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft
Manifest number:          1889
Signing time:             Sun 29 Mar 2026 07:02:17 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:17 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:17 +0000
Files and hashes:         1: JbqHlfPn4tLHyQ8cNmbPf5KD2p4.crl (hash: ufKRNnGfB/j2TeFJNy6iFrzua6pxOXblfTGsa1HQEso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:8b:1d:fc:19:c7:5d:00:b1:7a:00:c7:cb:a8:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25ba8795f3e7e2d2c7c90f1c3666cf7f9283da9e
        Validity
            Not Before: Mar 29 07:02:17 2026 GMT
            Not After : Mar 30 07:02:17 2026 GMT
        Subject: CN=f7484cb579bc3371ec15ad3df046431ea1be6a96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b8:86:77:fd:36:d9:c2:81:2f:fa:0c:e4:01:
                    c2:19:b0:16:7f:09:a0:5a:43:7d:17:bf:17:20:98:
                    f6:ab:e0:0d:7d:bc:dc:2e:7a:d7:c7:5e:08:ce:99:
                    45:a9:cb:fd:2f:be:2a:9b:34:6d:44:86:3a:f4:24:
                    e7:ab:d5:f0:24:8a:47:8c:77:06:d8:4b:d0:03:b2:
                    fe:74:dd:f4:05:34:04:fa:26:13:83:cc:75:c7:44:
                    a9:a0:48:fa:de:7a:e3:66:b9:fd:7b:19:e6:e5:66:
                    eb:5b:12:b5:f2:f9:70:21:eb:9f:b1:81:35:e8:dd:
                    bd:e4:3b:c2:49:7a:5d:f9:bb:ac:e7:ff:ef:fc:57:
                    1b:a9:3c:36:e0:e5:59:06:a2:2d:e0:dd:98:4d:d5:
                    6f:b1:4b:41:1e:b7:be:0f:e7:fc:a1:6a:03:d0:49:
                    b5:1f:c2:b4:82:e6:ba:60:1d:d5:44:d7:77:4c:69:
                    04:05:95:55:fc:29:14:39:3f:ad:05:46:ff:a2:34:
                    26:13:65:ef:71:46:97:c7:50:66:40:99:f4:1d:88:
                    61:4c:be:bf:c4:81:92:22:6b:05:a1:56:ad:28:bc:
                    6b:ce:58:4d:02:e9:a0:52:96:27:19:c0:93:95:91:
                    92:95:b5:47:71:76:be:0f:c4:4f:60:a6:91:a8:03:
                    1a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:48:4C:B5:79:BC:33:71:EC:15:AD:3D:F0:46:43:1E:A1:BE:6A:96
            X509v3 Authority Key Identifier:
                keyid:25:BA:87:95:F3:E7:E2:D2:C7:C9:0F:1C:36:66:CF:7F:92:83:DA:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:38:09:ac:68:da:e8:75:f6:e6:da:dc:65:05:e0:15:d6:48:
         af:f3:59:a6:ee:07:df:f4:4a:25:52:be:95:9b:ec:64:3d:b2:
         79:1f:64:7a:da:d9:62:5d:4b:c5:b8:a7:7d:85:0c:39:b4:b3:
         c0:46:14:6f:f0:a8:f8:44:43:67:01:3a:f7:70:1b:9b:92:31:
         bb:1b:04:cb:f8:8c:de:2a:3a:d2:99:27:86:34:8e:7a:af:66:
         d6:89:f6:9b:91:75:46:79:79:d8:8b:e8:71:a1:aa:fa:93:e9:
         51:fa:a1:50:42:a7:f2:a8:04:ed:dd:9c:2d:fb:e0:b7:bf:ba:
         f2:ba:db:64:0f:e6:1d:d5:f0:c6:fb:86:7d:b6:c1:06:05:c8:
         bc:b9:f3:ea:2b:0c:95:6f:19:fa:8f:eb:04:c1:0d:73:70:86:
         90:46:ca:04:6c:d8:e1:a8:6e:8d:02:83:45:27:e4:96:19:22:
         49:a6:7c:fd:81:34:16:dd:de:c5:f3:0f:18:20:9d:f4:45:87:
         c1:4f:69:38:cb:40:cd:ed:b7:e5:de:10:06:f8:61:6b:ad:d7:
         88:22:0a:0a:76:11:dc:e3:d4:8c:1e:d6:b4:c4:39:13:8b:d5:
         fd:45:36:1f:fb:83:80:bc:2c:6c:56:14:ae:b1:6f:c6:e8:af:
         85:14:55:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zosd/BnHXQCxegDHy6ibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmE4Nzk1ZjNlN2UyZDJjN2M5MGYxYzM2NjZjZjdmOTI4
M2RhOWUwHhcNMjYwMzI5MDcwMjE3WhcNMjYwMzMwMDcwMjE3WjAzMTEwLwYDVQQD
EyhmNzQ4NGNiNTc5YmMzMzcxZWMxNWFkM2RmMDQ2NDMxZWExYmU2YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLiGd/022cKBL/oM5AHCGbAWfwmg
WkN9F78XIJj2q+ANfbzcLnrXx14IzplFqcv9L74qmzRtRIY69CTnq9XwJIpHjHcG
2EvQA7L+dN30BTQE+iYTg8x1x0SpoEj63nrjZrn9exnm5WbrWxK18vlwIeufsYE1
6N295DvCSXpd+bus5//v/FcbqTw24OVZBqIt4N2YTdVvsUtBHre+D+f8oWoD0Em1
H8K0gua6YB3VRNd3TGkEBZVV/CkUOT+tBUb/ojQmE2XvcUaXx1BmQJn0HYhhTL6/
xIGSImsFoVatKLxrzlhNAumgUpYnGcCTlZGSlbVHcXa+D8RPYKaRqAMaRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdITLV5vDNx7BWtPfBGQx6hvmqWMB8GA1UdIwQY
MBaAFCW6h5Xz5+LSx8kPHDZmz3+Sg9qeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJxSGxmUG40dExIeVE4Y05tYlBmNUtEMnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81NDg0MTctNWIwMS00ZjVlLWI5YjMt
NGVkZGJlYjgzODdiLzEvSmJxSGxmUG40dExIeVE4Y05tYlBmNUtEMnA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81NDg0MTctNWIwMS00ZjVlLWI5YjMtNGVkZGJlYjgzODdi
LzEvSmJxSGxmUG40dExIeVE4Y05tYlBmNUtEMnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPDgJrGja
6HX25trcZQXgFdZIr/NZpu4H3/RKJVK+lZvsZD2yeR9ketrZYl1LxbinfYUMObSz
wEYUb/Co+ERDZwE693Abm5IxuxsEy/iM3io60pknhjSOeq9m1on2m5F1Rnl52Ivo
caGq+pPpUfqhUEKn8qgE7d2cLfvgt7+68rrbZA/mHdXwxvuGfbbBBgXIvLnz6isM
lW8Z+o/rBMENc3CGkEbKBGzY4ahujQKDRSfklhkiSaZ8/YE0Ft3exfMPGCCd9EWH
wU9pOMtAze235d4QBvhha63XiCIKCnYR3OPUjB7WtMQ5E4vV/UU2H/uDgLwsbFYU
rrFvxuivhRRVHA==
-----END CERTIFICATE-----