Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft
File:                     Jnzx804vAQuQLcFCRVtrtzJs8I0.mft (raw, json)
Hash identifier:          DljIXJGXKQXh3uk8p3nkiz/40cRVY8C81I68QOsFNZ8=
Subject key identifier:   DD:74:D7:91:B7:FF:72:E7:A0:AE:BF:5A:FA:57:C0:5B:2C:93:73:EB
Authority key identifier: 26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D
Certificate issuer:       /CN=267cf1f34e2f010b902dc142455b6bb7326cf08d
Certificate serial:       019D39E5452850AC06073DBDBB29D7A82B74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft
Manifest number:          1891
Signing time:             Sun 29 Mar 2026 14:00:19 +0000
Manifest this update:     Sun 29 Mar 2026 14:00:19 +0000
Manifest next update:     Mon 30 Mar 2026 14:00:19 +0000
Files and hashes:         1: Jnzx804vAQuQLcFCRVtrtzJs8I0.crl (hash: gMoBBoqoE+0Y+abd91hMvZ84bsC+Zq/ByGSgi9usOPQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:e5:45:28:50:ac:06:07:3d:bd:bb:29:d7:a8:2b:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=267cf1f34e2f010b902dc142455b6bb7326cf08d
        Validity
            Not Before: Mar 29 14:00:19 2026 GMT
            Not After : Mar 30 14:00:19 2026 GMT
        Subject: CN=dd74d791b7ff72e7a0aebf5afa57c05b2c9373eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:b1:cf:fb:b5:b4:99:40:d4:06:a5:9e:c4:33:
                    2c:3a:f5:8a:b1:51:4a:a2:f1:d3:ab:73:4b:24:52:
                    4d:81:94:88:32:4d:be:2c:ac:29:84:97:8a:21:6a:
                    f8:d0:dd:fc:d1:2c:31:c4:9e:a5:81:1c:cb:ea:6a:
                    75:05:ab:0c:39:e8:5e:5e:b5:ce:fd:a6:80:8d:14:
                    55:8b:07:79:58:97:01:10:da:23:75:ef:86:ff:ea:
                    44:64:a7:dd:f9:23:07:af:a7:d0:ab:b7:a3:07:8d:
                    66:c3:bd:b7:68:ec:f3:39:b1:4b:c7:ec:d7:95:44:
                    70:c1:09:3b:bf:30:7b:6e:92:12:5e:87:d8:7b:96:
                    f9:85:ce:f1:27:e3:4a:0f:08:a6:00:a7:16:0f:36:
                    9f:58:aa:94:ca:95:e5:78:b0:8e:f1:ab:37:e5:29:
                    f7:f9:e3:5e:d5:39:da:ea:0f:f8:6e:33:28:ec:b9:
                    35:af:b4:67:2d:58:6c:a3:61:66:12:94:9f:03:ef:
                    71:95:96:da:77:5e:3b:f4:d6:ba:ae:9d:41:a7:ac:
                    71:ed:30:78:c8:3d:b2:8d:a3:26:b8:e0:2b:97:b9:
                    0d:7f:8c:1d:f9:3b:b7:1d:0f:e6:97:2e:db:84:04:
                    2a:fc:22:88:95:c6:5c:52:fc:62:7c:94:d6:44:e9:
                    2a:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:74:D7:91:B7:FF:72:E7:A0:AE:BF:5A:FA:57:C0:5B:2C:93:73:EB
            X509v3 Authority Key Identifier:
                keyid:26:7C:F1:F3:4E:2F:01:0B:90:2D:C1:42:45:5B:6B:B7:32:6C:F0:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jnzx804vAQuQLcFCRVtrtzJs8I0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/91bcd8-a1f7-4fb1-b288-011b451b45b4/1/Jnzx804vAQuQLcFCRVtrtzJs8I0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:9e:14:fe:7f:d6:ce:be:12:85:ca:a0:2c:9f:fc:47:01:6d:
         8a:80:6d:35:36:02:37:3f:8a:1c:5a:a8:dc:81:67:3c:07:06:
         08:2f:40:f2:cd:d0:cc:a3:00:10:f4:28:58:27:63:73:5d:82:
         e6:0d:24:93:eb:ef:00:1e:db:57:17:27:f8:57:c2:59:04:b5:
         12:3d:2a:f4:cb:ed:53:4e:3d:cd:30:4a:cd:d0:61:ff:dd:47:
         5f:91:a8:ae:b1:0d:8a:aa:14:31:62:36:33:eb:f4:03:25:ab:
         7b:ed:9d:63:8b:25:8f:24:51:6b:a3:c2:6d:e8:fd:5b:59:3c:
         22:29:ab:6e:4d:fa:4b:84:da:36:1f:0f:55:34:a7:d5:82:21:
         3a:6a:5c:aa:82:0c:be:a4:54:1b:51:9e:15:12:e1:9b:94:4d:
         9b:33:28:29:79:19:62:ca:42:37:cd:10:6a:e5:f9:af:bb:68:
         d2:81:e5:3c:06:df:38:a3:85:ea:24:41:14:1d:f8:26:0c:b4:
         e4:7b:7a:3c:42:76:92:e9:d4:23:f3:da:d6:2e:7b:c3:f6:5d:
         4e:33:75:ce:ec:86:bb:69:a6:d0:83:82:07:0f:3d:21:cc:80:
         14:7a:93:d6:a8:2b:93:c5:5a:bd:d8:d0:b4:b0:c7:43:96:87:
         4e:44:9f:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055UUoUKwGBz29uynXqCt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2N2NmMWYzNGUyZjAxMGI5MDJkYzE0MjQ1NWI2YmI3MzI2
Y2YwOGQwHhcNMjYwMzI5MTQwMDE5WhcNMjYwMzMwMTQwMDE5WjAzMTEwLwYDVQQD
EyhkZDc0ZDc5MWI3ZmY3MmU3YTBhZWJmNWFmYTU3YzA1YjJjOTM3M2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLHP+7W0mUDUBqWexDMsOvWKsVFK
ovHTq3NLJFJNgZSIMk2+LKwphJeKIWr40N380SwxxJ6lgRzL6mp1BasMOeheXrXO
/aaAjRRViwd5WJcBENojde+G/+pEZKfd+SMHr6fQq7ejB41mw723aOzzObFLx+zX
lURwwQk7vzB7bpISXofYe5b5hc7xJ+NKDwimAKcWDzafWKqUypXleLCO8as35Sn3
+eNe1Tna6g/4bjMo7Lk1r7RnLVhso2FmEpSfA+9xlZbad1479Na6rp1Bp6xx7TB4
yD2yjaMmuOArl7kNf4wd+Tu3HQ/mly7bhAQq/CKIlcZcUvxifJTWROkqfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1015G3/3LnoK6/WvpXwFssk3PrMB8GA1UdIwQY
MBaAFCZ88fNOLwELkC3BQkVba7cybPCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85MWJjZDgtYTFmNy00ZmIxLWIyODgt
MDExYjQ1MWI0NWI0LzEvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85MWJjZDgtYTFmNy00ZmIxLWIyODgtMDExYjQ1MWI0NWI0
LzEvSm56eDgwNHZBUXVRTGNGQ1JWdHJ0ekpzOEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT54U/n/W
zr4ShcqgLJ/8RwFtioBtNTYCNz+KHFqo3IFnPAcGCC9A8s3QzKMAEPQoWCdjc12C
5g0kk+vvAB7bVxcn+FfCWQS1Ej0q9MvtU049zTBKzdBh/91HX5GorrENiqoUMWI2
M+v0AyWre+2dY4sljyRRa6PCbej9W1k8Iimrbk36S4TaNh8PVTSn1YIhOmpcqoIM
vqRUG1GeFRLhm5RNmzMoKXkZYspCN80QauX5r7to0oHlPAbfOKOF6iRBFB34Jgy0
5Ht6PEJ2kunUI/Pa1i57w/ZdTjN1zuyGu2mm0IOCBw89IcyAFHqT1qgrk8VavdjQ
tLDHQ5aHTkSfRQ==
-----END CERTIFICATE-----