Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
File:                     JkXNQMgEm-mprn8DM2q9P-CCr7k.mft (raw, json)
Hash identifier:          2j0O9HuteRJrH0npn2Wc81lYaADuU7RhKYzZ1gh/DVg=
Subject key identifier:   63:DD:C4:CD:C4:7D:7C:B8:C3:52:4A:8B:61:F6:9A:9A:E9:58:44:27
Authority key identifier: 26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9
Certificate issuer:       /CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
Certificate serial:       019D3865908DDEBC2C588654CA166719763A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:01:13 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:13 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:13 +0000
Files and hashes:         1: JkXNQMgEm-mprn8DM2q9P-CCr7k.crl (hash: KShWPZ+jkSF2vXvaYd2yj75pFSQ8+bozTWGBTpMpT1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:90:8d:de:bc:2c:58:86:54:ca:16:67:19:76:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
        Validity
            Not Before: Mar 29 07:01:13 2026 GMT
            Not After : Mar 30 07:01:13 2026 GMT
        Subject: CN=63ddc4cdc47d7cb8c3524a8b61f69a9ae9584427
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:76:8b:27:a2:e2:e8:d4:2e:41:99:51:a3:66:
                    39:8f:4c:a0:a6:3c:9d:56:6d:de:79:a7:fa:d1:b3:
                    63:b0:b0:ab:b9:34:c7:fd:cb:25:c5:d8:59:cc:26:
                    3a:ff:f8:2d:b3:c1:94:83:1e:c9:a0:33:62:07:f9:
                    ec:98:2f:b7:33:67:d5:6c:56:91:05:3d:32:4b:a9:
                    56:f0:20:31:12:9e:58:98:35:d6:fb:e2:59:b2:93:
                    0f:4c:a2:93:79:e0:a9:9e:ab:a4:26:bb:b0:9c:5c:
                    3e:fb:60:aa:e0:68:ee:f4:9e:35:5d:1d:60:4f:df:
                    22:fb:22:18:83:65:33:71:18:fd:0e:6e:c5:dd:c4:
                    59:8f:b5:b7:33:99:31:b0:4f:cb:77:c2:fd:e2:e4:
                    7f:d6:8d:d0:86:bc:57:fa:79:9f:a8:ec:39:6f:cb:
                    89:91:a4:93:97:f2:a9:44:94:48:9f:ee:b9:5d:d4:
                    e5:37:0a:4e:77:2f:2a:dc:ed:ec:a2:5c:e6:5a:7f:
                    b7:08:10:4f:ee:4b:60:89:d4:dd:4b:1d:85:c5:7e:
                    fe:1d:a0:a8:07:39:75:85:1f:61:de:fd:1e:e1:31:
                    b9:74:54:1d:c3:b7:a5:d2:f5:9c:4d:73:c8:58:bc:
                    51:b6:c0:84:b1:75:7c:46:19:c2:1f:5a:91:b3:b0:
                    35:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:DD:C4:CD:C4:7D:7C:B8:C3:52:4A:8B:61:F6:9A:9A:E9:58:44:27
            X509v3 Authority Key Identifier:
                keyid:26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:cc:80:83:15:6d:64:64:c0:04:52:6e:26:17:fb:40:5b:6a:
         88:3c:d1:e3:61:e3:b0:fc:6c:8d:fd:4c:de:9a:8b:70:8c:c8:
         46:b4:0d:c5:62:e0:ef:23:ab:fc:fe:d5:9b:fe:82:60:aa:da:
         84:43:64:c2:04:8e:b3:88:b3:e7:f4:07:ce:dc:bd:5b:b5:6b:
         e1:2f:ff:ff:2e:6d:67:40:d1:05:ad:79:26:e1:07:57:8e:34:
         21:57:f2:f8:69:c1:13:c3:6f:8d:0d:21:13:ec:8d:47:0b:b8:
         d1:0c:6b:bc:c3:3d:72:50:ef:65:e6:63:6d:76:8f:2e:83:51:
         b9:fa:a2:c1:7d:c1:e5:2a:67:3e:06:5f:84:c1:4b:7f:a8:3b:
         b9:a1:5d:5e:45:7d:ec:f1:02:90:15:f3:d7:fc:c2:ec:53:d6:
         7e:6e:5c:d2:8f:ed:eb:71:e1:ca:b0:73:e2:7f:0b:bf:9c:23:
         bd:a5:f7:00:61:9e:20:94:90:97:14:05:7a:37:de:ac:6d:a9:
         ff:d1:2e:56:45:ba:0c:7d:22:8c:93:ce:bf:71:35:95:c6:1b:
         6e:5d:43:ea:d9:a1:4b:b3:25:b3:a1:51:1c:3d:a5:28:a1:52:
         32:ae:3c:e6:cd:d5:f1:cd:bd:86:10:12:68:13:08:3b:95:1d:
         06:a2:5a:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZCN3rwsWIZUyhZnGXY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDVjZDQwYzgwNDliZTlhOWFlN2YwMzMzNmFiZDNmZTA4
MmFmYjkwHhcNMjYwMzI5MDcwMTEzWhcNMjYwMzMwMDcwMTEzWjAzMTEwLwYDVQQD
Eyg2M2RkYzRjZGM0N2Q3Y2I4YzM1MjRhOGI2MWY2OWE5YWU5NTg0NDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnaLJ6Li6NQuQZlRo2Y5j0ygpjyd
Vm3eeaf60bNjsLCruTTH/cslxdhZzCY6//gts8GUgx7JoDNiB/nsmC+3M2fVbFaR
BT0yS6lW8CAxEp5YmDXW++JZspMPTKKTeeCpnqukJruwnFw++2Cq4Gju9J41XR1g
T98i+yIYg2UzcRj9Dm7F3cRZj7W3M5kxsE/Ld8L94uR/1o3QhrxX+nmfqOw5b8uJ
kaSTl/KpRJRIn+65XdTlNwpOdy8q3O3solzmWn+3CBBP7ktgidTdSx2FxX7+HaCo
Bzl1hR9h3v0e4TG5dFQdw7el0vWcTXPIWLxRtsCEsXV8RhnCH1qRs7A1gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPdxM3EfXy4w1JKi2H2mprpWEQnMB8GA1UdIwQY
MBaAFCZFzUDIBJvpqa5/AzNqvT/ggq+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUt
YzExNDlhMDE4MTVmLzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUtYzExNDlhMDE4MTVm
LzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx8yAgxVt
ZGTABFJuJhf7QFtqiDzR42HjsPxsjf1M3pqLcIzIRrQNxWLg7yOr/P7Vm/6CYKra
hENkwgSOs4iz5/QHzty9W7Vr4S///y5tZ0DRBa15JuEHV440IVfy+GnBE8NvjQ0h
E+yNRwu40QxrvMM9clDvZeZjbXaPLoNRufqiwX3B5SpnPgZfhMFLf6g7uaFdXkV9
7PECkBXz1/zC7FPWfm5c0o/t63HhyrBz4n8Lv5wjvaX3AGGeIJSQlxQFejferG2p
/9EuVkW6DH0ijJPOv3E1lcYbbl1D6tmhS7Mls6FRHD2lKKFSMq485s3V8c29hhAS
aBMIO5UdBqJaeA==
-----END CERTIFICATE-----