Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          6EJTO6fzRtbPLLJgUKzPeG/qy7MwoGA2crFCBQOvM9o=
Subject key identifier:   74:1B:18:28:17:62:63:F0:E9:AC:F3:10:F1:8E:7F:63:D7:22:1A:62
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       019922FABC847147E5FC2433AC8A119B863C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0D05
Signing time:             Sun 07 Sep 2025 07:01:21 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:21 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:21 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: Kh2BMukW3Fb47WDRq2YJByMpEUDTfpdTP7Ex054u++g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:bc:84:71:47:e5:fc:24:33:ac:8a:11:9b:86:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Sep  7 07:01:21 2025 GMT
            Not After : Sep  8 07:01:21 2025 GMT
        Subject: CN=741b1828176263f0e9acf310f18e7f63d7221a62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e9:e6:22:5a:cc:27:c1:6f:3a:31:8d:2e:94:
                    6f:23:4d:20:d0:e1:7f:c4:93:04:b8:7a:d0:da:37:
                    6d:41:63:35:92:d4:ee:d2:4f:b0:2f:69:92:ce:d1:
                    1c:2e:98:2f:58:ad:ca:99:d9:b2:4a:11:dc:41:8e:
                    8a:e0:ee:2c:6b:68:a0:8b:2e:7c:ae:e8:1e:9b:2a:
                    68:f9:39:40:77:4f:08:e8:23:d6:ed:0b:de:09:0e:
                    61:c1:f5:8d:ee:47:73:e0:0b:3c:d0:d2:8f:46:0b:
                    73:e0:67:2d:23:81:a6:c0:6f:5c:40:f3:22:e2:b2:
                    f0:79:4e:ae:a3:85:19:d9:b5:5d:98:71:a8:4b:19:
                    33:02:e1:fa:35:f9:5c:6c:77:a5:4e:67:57:0c:80:
                    95:a0:19:14:53:52:25:3c:4b:53:59:b7:2f:cf:1e:
                    dd:cd:61:76:3f:9f:b3:b3:73:af:c7:ae:c9:61:8d:
                    06:99:16:9b:ed:0d:5a:f8:f3:b6:3c:55:a5:e3:f8:
                    73:87:c4:5d:f0:13:d3:bb:da:0d:78:60:1e:3c:f3:
                    62:ce:bb:54:b2:a7:d5:f5:dd:dd:da:bf:b8:4f:b7:
                    0c:8f:b1:71:6e:07:b0:e0:e3:3a:22:8f:2b:d8:a7:
                    e9:1d:81:ed:d2:62:d2:ad:5d:66:c2:e9:60:19:32:
                    c1:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:1B:18:28:17:62:63:F0:E9:AC:F3:10:F1:8E:7F:63:D7:22:1A:62
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:ae:92:b8:47:59:d4:af:36:b2:16:b3:5c:b5:8e:38:6f:be:
         b1:8e:d1:80:70:37:9d:f4:f8:f5:59:ca:93:f7:19:6d:6d:0a:
         fe:6d:a8:ff:ea:c3:ef:25:c0:61:0b:3a:96:d0:3e:6e:ce:33:
         e0:65:a0:b3:60:4e:ca:92:b7:69:26:d5:b2:42:0b:f0:b7:d8:
         7f:20:a2:e0:22:1d:04:92:26:d0:82:f5:00:57:55:17:61:be:
         9b:d2:bb:70:5d:b9:83:01:94:a0:6a:f3:13:8a:31:a5:48:f6:
         3a:36:91:ab:28:71:18:72:60:40:a9:b3:d9:d5:66:c1:18:2a:
         eb:8c:54:19:90:97:b2:f5:0b:95:9c:1e:a8:67:ba:1f:41:02:
         f4:33:17:6f:4c:e3:cf:b8:f0:87:a3:ae:2d:b5:37:86:ab:46:
         16:64:d7:5f:dd:e7:2c:f4:77:76:b3:da:0f:67:10:8c:27:a8:
         bd:83:8a:24:dd:cd:08:7c:e3:d7:b2:b9:18:d6:ba:09:af:92:
         77:e2:4e:19:e4:64:1b:b1:ec:36:f5:a5:4e:67:75:c7:d3:54:
         bd:14:f3:e9:e2:28:04:5e:79:be:22:71:4c:8b:b5:52:58:5c:
         35:31:02:67:62:c8:0a:89:8d:c7:af:83:b1:57:b3:42:2e:5b:
         5f:26:ba:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+ryEcUfl/CQzrIoRm4Y8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwOTA3MDcwMTIxWhcNMjUwOTA4MDcwMTIxWjAzMTEwLwYDVQQD
Eyg3NDFiMTgyODE3NjI2M2YwZTlhY2YzMTBmMThlN2Y2M2Q3MjIxYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+nmIlrMJ8FvOjGNLpRvI00g0OF/
xJMEuHrQ2jdtQWM1ktTu0k+wL2mSztEcLpgvWK3KmdmyShHcQY6K4O4sa2igiy58
rugemypo+TlAd08I6CPW7QveCQ5hwfWN7kdz4As80NKPRgtz4GctI4GmwG9cQPMi
4rLweU6uo4UZ2bVdmHGoSxkzAuH6NflcbHelTmdXDICVoBkUU1IlPEtTWbcvzx7d
zWF2P5+zs3Ovx67JYY0GmRab7Q1a+PO2PFWl4/hzh8Rd8BPTu9oNeGAePPNizrtU
sqfV9d3d2r+4T7cMj7Fxbgew4OM6Io8r2KfpHYHt0mLSrV1mwulgGTLBmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQbGCgXYmPw6azzEPGOf2PXIhpiMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGq6SuEdZ
1K82shazXLWOOG++sY7RgHA3nfT49VnKk/cZbW0K/m2o/+rD7yXAYQs6ltA+bs4z
4GWgs2BOypK3aSbVskIL8LfYfyCi4CIdBJIm0IL1AFdVF2G+m9K7cF25gwGUoGrz
E4oxpUj2OjaRqyhxGHJgQKmz2dVmwRgq64xUGZCXsvULlZweqGe6H0EC9DMXb0zj
z7jwh6OuLbU3hqtGFmTXX93nLPR3drPaD2cQjCeovYOKJN3NCHzj17K5GNa6Ca+S
d+JOGeRkG7HsNvWlTmd1x9NUvRTz6eIoBF55viJxTIu1UlhcNTECZ2LIComNx6+D
sVezQi5bXya60Q==
-----END CERTIFICATE-----