Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
File:                     JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft (raw, json)
Hash identifier:          rt7BwHsdnn8pOt7FW/B3KwiHBGMzY0o1xnga2s/zs0c=
Subject key identifier:   B9:BD:41:99:71:86:B3:B6:A7:3E:2A:40:91:CC:29:0E:59:5E:40:B3
Authority key identifier: 25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39
Certificate issuer:       /CN=25a290559f72a701231c028e70a250690355a639
Certificate serial:       019D386628975D522ABBF886633C55686A3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
Manifest number:          15CE
Signing time:             Sun 29 Mar 2026 07:01:52 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:52 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:52 +0000
Files and hashes:         1: JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl (hash: NV2lU0Bf2JhV9f+OpE3R9DElw4VBhl0Ojwp5xA4fo6c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:28:97:5d:52:2a:bb:f8:86:63:3c:55:68:6a:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a290559f72a701231c028e70a250690355a639
        Validity
            Not Before: Mar 29 07:01:52 2026 GMT
            Not After : Mar 30 07:01:52 2026 GMT
        Subject: CN=b9bd41997186b3b6a73e2a4091cc290e595e40b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:f7:18:4f:6a:14:b5:48:af:58:3f:0a:e8:58:
                    6e:d3:93:90:2b:4e:d3:df:ad:62:08:30:d1:fa:73:
                    01:f0:26:3e:29:e3:13:4c:54:e8:a0:72:aa:eb:ea:
                    72:7b:78:6f:22:71:ac:fa:3f:95:d8:b9:e0:cf:75:
                    6c:ba:67:8c:72:48:67:34:6b:a0:24:8f:5a:c5:ce:
                    c7:81:90:77:72:fc:9f:15:f5:38:5f:d6:ab:c9:1b:
                    84:b7:34:e2:4c:09:c5:df:da:b3:d3:32:b4:a2:0b:
                    46:41:1b:1e:29:79:a5:2c:29:ce:f5:83:73:c4:94:
                    e9:e9:8c:09:71:89:20:47:5a:d3:63:7f:ca:ed:25:
                    0b:09:59:bd:82:13:45:9f:d7:d7:4f:2d:8d:98:a3:
                    35:50:e5:ff:c8:85:3a:aa:00:c4:62:1b:94:0f:1a:
                    07:14:97:bc:a5:04:63:20:5e:ce:3b:8c:c7:34:31:
                    87:4d:6c:fe:db:d0:c4:61:8e:4c:14:52:ab:dd:09:
                    d9:3b:9d:4a:27:61:a9:f1:ee:a9:5a:6c:10:08:dc:
                    31:0a:03:08:b7:65:2a:cc:ef:5f:5d:73:51:85:38:
                    d0:87:10:82:91:af:c3:99:c5:4e:ce:d5:91:b1:97:
                    ca:f2:ae:7b:27:d8:80:2f:60:b9:78:cd:79:2b:26:
                    da:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:BD:41:99:71:86:B3:B6:A7:3E:2A:40:91:CC:29:0E:59:5E:40:B3
            X509v3 Authority Key Identifier:
                keyid:25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:ea:68:94:be:b6:be:34:dd:44:f1:dd:be:8f:cb:38:4d:b6:
         17:1e:da:35:16:6b:4f:2a:fe:d3:51:bb:ba:fa:ce:89:2a:79:
         64:72:13:37:63:b4:00:98:6a:98:65:dd:27:a5:e5:33:f7:81:
         6f:e4:ec:01:23:63:fd:9e:3d:17:cb:7f:4e:8b:05:15:56:c8:
         02:ad:ee:4a:19:43:cc:6a:06:de:c1:7f:34:3c:ab:f6:c7:8e:
         34:ce:c7:48:75:61:b0:3d:c3:dd:43:64:0f:f6:c7:a2:d3:41:
         51:f0:51:39:9b:49:12:67:71:fe:1b:e7:de:f0:4b:9e:cf:1f:
         b2:ca:c5:25:10:54:31:f8:2e:50:57:aa:e1:f7:f8:a6:f0:01:
         aa:f6:a8:7b:96:01:9e:0d:6f:20:51:d1:9d:c1:28:48:a4:55:
         95:52:01:b4:42:89:b4:5f:6b:92:d1:68:be:53:43:f2:61:45:
         58:5b:49:f3:55:84:0a:ff:ca:54:d5:0b:19:68:56:c1:77:f7:
         a2:20:c9:df:94:d0:6e:a6:91:2f:30:99:10:c1:28:f9:3a:f8:
         18:7c:5e:2b:ae:b4:f0:fe:e7:c1:44:7d:81:8a:57:1d:13:a4:
         cc:86:73:c3:65:df:b8:56:28:84:c4:10:35:38:d0:63:bd:72:
         a7:97:3d:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiiXXVIqu/iGYzxVaGo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTI5MDU1OWY3MmE3MDEyMzFjMDI4ZTcwYTI1MDY5MDM1
NWE2MzkwHhcNMjYwMzI5MDcwMTUyWhcNMjYwMzMwMDcwMTUyWjAzMTEwLwYDVQQD
EyhiOWJkNDE5OTcxODZiM2I2YTczZTJhNDA5MWNjMjkwZTU5NWU0MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fcYT2oUtUivWD8K6Fhu05OQK07T
361iCDDR+nMB8CY+KeMTTFTooHKq6+pye3hvInGs+j+V2Lngz3VsumeMckhnNGug
JI9axc7HgZB3cvyfFfU4X9aryRuEtzTiTAnF39qz0zK0ogtGQRseKXmlLCnO9YNz
xJTp6YwJcYkgR1rTY3/K7SULCVm9ghNFn9fXTy2NmKM1UOX/yIU6qgDEYhuUDxoH
FJe8pQRjIF7OO4zHNDGHTWz+29DEYY5MFFKr3QnZO51KJ2Gp8e6pWmwQCNwxCgMI
t2UqzO9fXXNRhTjQhxCCka/DmcVOztWRsZfK8q57J9iAL2C5eM15Kyba7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLm9QZlxhrO2pz4qQJHMKQ5ZXkCzMB8GA1UdIwQY
MBaAFCWikFWfcqcBIxwCjnCiUGkDVaY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2It
Mjk1ZmNmODdlYTI3LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2ItMjk1ZmNmODdlYTI3
LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo+polL62
vjTdRPHdvo/LOE22Fx7aNRZrTyr+01G7uvrOiSp5ZHITN2O0AJhqmGXdJ6XlM/eB
b+TsASNj/Z49F8t/TosFFVbIAq3uShlDzGoG3sF/NDyr9seONM7HSHVhsD3D3UNk
D/bHotNBUfBROZtJEmdx/hvn3vBLns8fssrFJRBUMfguUFeq4ff4pvABqvaoe5YB
ng1vIFHRncEoSKRVlVIBtEKJtF9rktFovlND8mFFWFtJ81WECv/KVNULGWhWwXf3
oiDJ35TQbqaRLzCZEMEo+Tr4GHxeK6608P7nwUR9gYpXHROkzIZzw2XfuFYohMQQ
NTjQY71yp5c94g==
-----END CERTIFICATE-----