Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
File:                     JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json)
Hash identifier:          71CW+ymGQM3YDWU1JGaJpfJUECjenJDp+zsLY7m3o/s=
Subject key identifier:   5A:D9:3E:22:A3:35:1E:3F:0C:A4:C9:7D:9D:14:26:41:5F:46:2F:74
Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27
Certificate issuer:       /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
Certificate serial:       019D3909CE0B9ED49B26D872CD6F6C541402
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
Manifest number:          0A2F
Signing time:             Sun 29 Mar 2026 10:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:36 +0000
Files and hashes:         1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: UE1f2mXY0/dQhF+NU/IzhEcsE5O+xIeaBqkCTFGHmLc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:ce:0b:9e:d4:9b:26:d8:72:cd:6f:6c:54:14:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
        Validity
            Not Before: Mar 29 10:00:36 2026 GMT
            Not After : Mar 30 10:00:36 2026 GMT
        Subject: CN=5ad93e22a3351e3f0ca4c97d9d1426415f462f74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:4b:aa:47:d7:ef:2d:8f:88:ac:df:da:fe:bf:
                    43:c3:7e:cd:86:6c:7c:97:f4:4f:06:54:38:cc:0d:
                    0e:8f:54:9e:d2:ca:75:42:66:c8:e6:55:c3:bf:7d:
                    8d:85:0d:9e:ad:0c:84:d0:0c:22:91:fd:b0:e8:82:
                    48:b9:ee:80:41:f6:3e:4f:e3:b0:60:03:a6:5a:9f:
                    1b:24:10:98:28:53:11:2f:f7:23:60:d1:c7:77:6b:
                    86:0e:63:fe:60:34:41:92:3a:a8:a5:00:ff:9a:a0:
                    26:6e:b2:57:c6:92:88:9e:ba:3e:55:3b:31:a9:0a:
                    b5:5d:d6:5b:49:49:70:6f:e3:dc:74:c8:5a:5a:be:
                    8e:b4:f7:0d:b5:bc:d8:7c:69:9c:c1:11:12:01:85:
                    89:a8:ef:ae:55:b0:49:6f:11:1a:ae:dd:53:2e:4b:
                    60:c8:f4:e8:c9:3a:ee:65:f0:ad:08:7c:e2:64:29:
                    6e:08:95:61:f5:dd:15:18:94:ff:7a:bc:13:27:28:
                    88:39:e2:3b:bb:c9:c1:7c:ad:e5:cf:15:46:9a:98:
                    fc:ae:21:3f:63:b4:20:63:78:64:a1:21:6e:67:c9:
                    15:c7:66:1f:99:e8:98:68:b7:f3:f8:98:7d:f8:35:
                    d9:3c:d8:93:84:06:19:34:2b:62:3e:85:1b:4c:cf:
                    21:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:D9:3E:22:A3:35:1E:3F:0C:A4:C9:7D:9D:14:26:41:5F:46:2F:74
            X509v3 Authority Key Identifier:
                keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:e4:74:27:d2:bd:de:28:4f:74:66:4c:c3:37:35:1d:00:37:
         1f:92:ae:75:48:60:54:5b:c3:98:14:6f:91:79:9d:42:2b:bf:
         f6:fc:e6:ec:1e:40:dd:d8:58:6c:60:f0:bf:b2:62:e1:aa:4e:
         6e:f3:e8:d1:5e:1e:d3:72:bd:7a:1a:62:15:17:58:fb:4d:5b:
         9a:16:e5:a4:9e:d8:11:ab:72:39:e6:87:61:6d:00:37:3c:3e:
         d7:be:6c:28:cd:72:e9:3e:28:08:f2:36:53:87:ae:e2:d4:69:
         6e:c4:c6:d2:9c:df:96:20:6b:c7:40:bf:fb:97:42:4e:d5:70:
         55:6d:ad:45:5b:b0:29:8b:22:9e:8c:aa:d9:a4:1a:8a:b1:a4:
         50:ce:ee:c6:af:72:8c:ee:fb:4b:6d:25:71:55:03:b0:cc:d0:
         eb:aa:07:05:9e:51:53:48:40:c0:85:47:71:54:e4:90:59:9a:
         48:8d:52:44:ee:6d:b7:31:a1:f1:1e:5a:72:0d:4b:2e:89:32:
         ba:35:a2:55:10:53:80:69:3c:c4:d7:55:79:ef:dc:eb:71:17:
         6c:49:3c:7a:7a:0d:72:86:20:03:76:79:3d:1b:9c:95:bf:22:
         f7:ee:e7:4c:90:47:33:9e:e3:ad:d2:c3:1f:59:d2:cd:84:ed:
         f2:11:39:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cc4LntSbJthyzW9sVBQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh
N2JkMjcwHhcNMjYwMzI5MTAwMDM2WhcNMjYwMzMwMTAwMDM2WjAzMTEwLwYDVQQD
Eyg1YWQ5M2UyMmEzMzUxZTNmMGNhNGM5N2Q5ZDE0MjY0MTVmNDYyZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUuqR9fvLY+IrN/a/r9Dw37Nhmx8
l/RPBlQ4zA0Oj1Se0sp1QmbI5lXDv32NhQ2erQyE0Awikf2w6IJIue6AQfY+T+Ow
YAOmWp8bJBCYKFMRL/cjYNHHd2uGDmP+YDRBkjqopQD/mqAmbrJXxpKInro+VTsx
qQq1XdZbSUlwb+PcdMhaWr6OtPcNtbzYfGmcwRESAYWJqO+uVbBJbxEart1TLktg
yPToyTruZfCtCHziZCluCJVh9d0VGJT/erwTJyiIOeI7u8nBfK3lzxVGmpj8riE/
Y7QgY3hkoSFuZ8kVx2YfmeiYaLfz+Jh9+DXZPNiThAYZNCtiPoUbTM8hDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrZPiKjNR4/DKTJfZ0UJkFfRi90MB8GA1UdIwQY
MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt
MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk
LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVuR0J9K9
3ihPdGZMwzc1HQA3H5KudUhgVFvDmBRvkXmdQiu/9vzm7B5A3dhYbGDwv7Ji4apO
bvPo0V4e03K9ehpiFRdY+01bmhblpJ7YEatyOeaHYW0ANzw+175sKM1y6T4oCPI2
U4eu4tRpbsTG0pzfliBrx0C/+5dCTtVwVW2tRVuwKYsinoyq2aQairGkUM7uxq9y
jO77S20lcVUDsMzQ66oHBZ5RU0hAwIVHcVTkkFmaSI1SRO5ttzGh8R5acg1LLoky
ujWiVRBTgGk8xNdVee/c63EXbEk8enoNcoYgA3Z5PRuclb8i9+7nTJBHM57jrdLD
H1nSzYTt8hE5zg==
-----END CERTIFICATE-----