Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
File:                     JTncEcLyIukQROG-eygeV23u5Fs.mft (raw, json)
Hash identifier:          d6OGFpz9eoJa74znUJgF2t/yISE/Wjfa70RS1iKpd4M=
Subject key identifier:   74:B8:CA:5F:55:E3:1E:7E:0F:D7:0B:63:69:F1:AB:17:43:36:39:71
Authority key identifier: 25:39:DC:11:C2:F2:22:E9:10:44:E1:BE:7B:28:1E:57:6D:EE:E4:5B
Certificate issuer:       /CN=2539dc11c2f222e91044e1be7b281e576deee45b
Certificate serial:       019D389BD1B0AC73EEF30614AA2BB20F01CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
Manifest number:          0365
Signing time:             Sun 29 Mar 2026 08:00:28 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:28 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:28 +0000
Files and hashes:         1: JTncEcLyIukQROG-eygeV23u5Fs.crl (hash: gR5a0tJ3fUbSooc8DISY04V/5u1VJUsKsFamWjzNdEU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:d1:b0:ac:73:ee:f3:06:14:aa:2b:b2:0f:01:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2539dc11c2f222e91044e1be7b281e576deee45b
        Validity
            Not Before: Mar 29 08:00:28 2026 GMT
            Not After : Mar 30 08:00:28 2026 GMT
        Subject: CN=74b8ca5f55e31e7e0fd70b6369f1ab1743363971
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4d:bf:33:c4:9c:fc:cc:72:cf:56:bd:61:8f:
                    8c:5b:28:6c:c7:9e:9d:31:75:89:53:f4:20:97:c1:
                    e0:43:7c:04:e7:73:b8:cf:bf:b1:62:4a:99:43:8a:
                    f4:d9:88:d0:61:9e:6d:54:76:bc:07:60:dd:f8:ec:
                    01:0f:f8:18:f4:ee:1e:2c:b5:e4:cd:78:02:31:f7:
                    d2:5a:ca:27:81:83:5e:21:a0:e6:f6:4a:dc:b3:f9:
                    cf:60:c2:1e:41:a6:f7:6f:a7:43:9f:36:c5:48:83:
                    f0:b3:61:43:64:53:4a:7a:76:6a:8b:34:3f:85:af:
                    68:38:0c:4f:91:4b:d8:a6:bf:cd:e3:ea:c4:51:7f:
                    6e:ed:2e:4f:12:01:9a:41:02:51:82:a8:2b:ee:11:
                    72:f1:10:a1:89:f2:82:3b:32:a6:67:b3:09:f7:b8:
                    53:e5:13:4e:3f:c6:68:42:b7:66:34:55:1c:cf:3c:
                    6f:a6:d4:d6:7b:d2:3a:55:d2:7e:d3:cd:c7:52:89:
                    1d:73:c5:79:4f:4e:52:a8:3f:e4:8a:1f:d2:82:27:
                    2b:10:61:78:4a:95:ae:4a:8c:2d:9e:7c:2d:f1:a5:
                    3d:bb:9e:34:15:e4:b4:6e:90:5a:bf:17:26:cf:cc:
                    21:bd:a8:10:a7:28:2a:32:30:e2:79:15:54:38:4b:
                    33:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:B8:CA:5F:55:E3:1E:7E:0F:D7:0B:63:69:F1:AB:17:43:36:39:71
            X509v3 Authority Key Identifier:
                keyid:25:39:DC:11:C2:F2:22:E9:10:44:E1:BE:7B:28:1E:57:6D:EE:E4:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:e7:82:66:27:36:1c:e3:37:84:6b:6d:19:5d:95:d9:5d:b8:
         0f:d1:ed:18:43:9f:91:e2:e0:9a:35:f2:6a:b1:bc:bd:ea:3c:
         c6:94:68:44:6e:9a:7e:1e:c0:c6:6e:24:da:d7:04:07:44:1c:
         96:27:78:6f:e7:16:ce:ad:05:d4:e2:5d:72:1c:d7:f3:91:3b:
         c2:91:48:da:70:97:21:ac:8c:af:13:1e:ad:23:f3:02:27:17:
         81:ca:ec:d9:11:a9:53:56:47:70:ec:9e:f3:f5:88:a0:dd:d1:
         cb:64:94:89:13:f6:c1:e2:c8:00:c6:5a:56:60:50:7c:f0:28:
         68:dd:3a:68:11:35:59:64:01:ea:3a:e9:ea:c7:3d:b8:6b:22:
         96:f3:a8:69:f1:63:21:f6:3e:e2:fa:1d:3f:a9:ba:8b:38:10:
         0a:20:e9:3a:d8:b7:58:80:cb:33:aa:33:e5:5d:02:82:38:ca:
         16:b4:ce:94:70:c2:26:1f:fa:b0:3b:cf:ac:ab:a2:ef:47:73:
         10:69:3d:a0:e3:97:e7:a8:88:cc:b2:be:85:18:da:74:08:3f:
         df:8b:8e:be:5c:67:41:6a:17:8a:04:8f:8d:25:17:2a:e2:bb:
         db:6a:0b:77:de:2c:85:ef:5f:bb:02:48:62:a0:62:ce:3b:74:
         7a:c3:43:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m9GwrHPu8wYUqiuyDwHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MzlkYzExYzJmMjIyZTkxMDQ0ZTFiZTdiMjgxZTU3NmRl
ZWU0NWIwHhcNMjYwMzI5MDgwMDI4WhcNMjYwMzMwMDgwMDI4WjAzMTEwLwYDVQQD
Eyg3NGI4Y2E1ZjU1ZTMxZTdlMGZkNzBiNjM2OWYxYWIxNzQzMzYzOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr02/M8Sc/Mxyz1a9YY+MWyhsx56d
MXWJU/Qgl8HgQ3wE53O4z7+xYkqZQ4r02YjQYZ5tVHa8B2Dd+OwBD/gY9O4eLLXk
zXgCMffSWsongYNeIaDm9krcs/nPYMIeQab3b6dDnzbFSIPws2FDZFNKenZqizQ/
ha9oOAxPkUvYpr/N4+rEUX9u7S5PEgGaQQJRgqgr7hFy8RChifKCOzKmZ7MJ97hT
5RNOP8ZoQrdmNFUczzxvptTWe9I6VdJ+083HUokdc8V5T05SqD/kih/SgicrEGF4
SpWuSowtnnwt8aU9u540FeS0bpBavxcmz8whvagQpygqMjDieRVUOEszKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHS4yl9V4x5+D9cLY2nxqxdDNjlxMB8GA1UdIwQY
MBaAFCU53BHC8iLpEEThvnsoHldt7uRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85OGE1NTYtNmI2Zi00ZDVlLTk3MmUt
MGZjOGRhMDUwM2M5LzEvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85OGE1NTYtNmI2Zi00ZDVlLTk3MmUtMGZjOGRhMDUwM2M5
LzEvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ+eCZic2
HOM3hGttGV2V2V24D9HtGEOfkeLgmjXyarG8veo8xpRoRG6afh7Axm4k2tcEB0Qc
lid4b+cWzq0F1OJdchzX85E7wpFI2nCXIayMrxMerSPzAicXgcrs2RGpU1ZHcOye
8/WIoN3Ry2SUiRP2weLIAMZaVmBQfPAoaN06aBE1WWQB6jrp6sc9uGsilvOoafFj
IfY+4vodP6m6izgQCiDpOti3WIDLM6oz5V0CgjjKFrTOlHDCJh/6sDvPrKui70dz
EGk9oOOX56iIzLK+hRjadAg/34uOvlxnQWoXigSPjSUXKuK722oLd94she9fuwJI
YqBizjt0esND6Q==
-----END CERTIFICATE-----