Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          Kmc66/+eLv8OsuOVV8oZRnT2jqINNnGU98Itnbph77c=
Subject key identifier:   3A:81:0B:5F:F9:FB:77:0A:ED:22:E6:97:E3:C5:E4:C2:28:67:3B:C3
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       019A730121B96F17A9E7F455758D8F541D6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0DB3
Signing time:             Tue 11 Nov 2025 13:00:45 +0000
Manifest this update:     Tue 11 Nov 2025 13:00:45 +0000
Manifest next update:     Wed 12 Nov 2025 13:00:45 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: sT0UUYJoKDLIPi6QQQLcydaZxgzaY4g5SoqwCKtMUwU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:21:b9:6f:17:a9:e7:f4:55:75:8d:8f:54:1d:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Nov 11 13:00:45 2025 GMT
            Not After : Nov 12 13:00:45 2025 GMT
        Subject: CN=3a810b5ff9fb770aed22e697e3c5e4c228673bc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:21:9c:ba:4b:e1:40:c9:3c:35:5f:da:12:73:
                    a5:76:12:65:e8:84:48:aa:81:e8:0c:73:f7:ba:5b:
                    bd:50:f0:0d:25:30:f1:38:90:de:bd:74:47:6a:b2:
                    38:ba:07:3d:91:5c:90:55:a3:00:07:f3:2c:a1:5f:
                    84:58:19:95:c9:70:29:1e:a1:5c:4d:87:63:c1:77:
                    0b:24:46:e7:8a:10:8f:b1:0f:cf:33:33:6d:24:0f:
                    c4:60:d9:3d:3e:5d:ab:c2:83:e7:34:ed:81:2b:35:
                    45:dd:c8:16:3f:ef:96:68:c6:e0:5f:ae:39:ce:fb:
                    92:83:52:60:36:73:6d:b3:00:c2:f1:c9:e6:06:90:
                    78:e3:8c:d4:34:07:08:d7:49:d6:9d:65:70:4a:89:
                    95:6d:76:dd:f9:a2:da:b0:ca:8e:5a:25:20:c7:68:
                    9c:f4:0d:44:d0:46:59:d3:c1:1a:8b:3d:d6:e3:0c:
                    5d:19:1f:36:37:65:ea:2a:12:91:93:cb:de:1d:af:
                    5e:0d:c4:8f:08:03:28:9d:bf:7c:28:fb:11:a5:ed:
                    35:79:56:5e:1a:ba:12:a8:a0:cf:a8:38:23:38:1b:
                    75:05:57:40:e8:bc:fc:d9:4c:d3:58:f9:8f:99:13:
                    2d:37:3c:ac:e8:3f:b4:a1:26:a5:67:b8:b0:72:bb:
                    5f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:81:0B:5F:F9:FB:77:0A:ED:22:E6:97:E3:C5:E4:C2:28:67:3B:C3
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:b0:11:29:54:b9:92:19:dd:be:e2:96:48:6d:4f:6e:aa:04:
         d9:cc:15:d2:74:a9:51:ae:d2:7c:5b:b7:dc:dd:83:ec:09:3b:
         b7:94:57:f2:af:1a:ca:83:d9:d5:b4:c9:da:69:7c:76:5d:37:
         cd:bc:06:4c:ba:fb:c0:ac:38:56:02:cb:0c:39:40:5b:ff:38:
         bb:9e:5f:04:aa:87:32:04:a5:42:aa:f6:93:5d:eb:00:33:dd:
         87:e7:3f:5f:41:26:3a:fa:aa:ca:af:85:ac:ee:42:5c:46:8e:
         af:db:f6:0d:87:95:95:c7:7e:bd:19:cb:f6:6d:cb:40:6b:7d:
         53:2b:03:fb:10:9c:33:62:9c:96:97:82:db:6e:e4:41:71:e3:
         5f:ed:cc:21:3e:fd:08:0b:ff:4b:58:c7:e1:1d:d8:d9:d8:16:
         36:1d:b8:98:42:00:64:09:f9:7a:7e:08:a6:4c:35:74:09:f9:
         7f:a5:bb:dc:44:27:78:4b:f2:5e:37:c3:ce:d8:27:29:cb:5c:
         05:29:42:68:03:2c:fb:14:cd:08:d2:1c:9b:8a:b2:46:2e:45:
         61:e2:c2:d4:e9:16:c6:9d:5e:35:3b:4d:48:69:6d:11:9c:8a:
         3d:bb:22:34:eb:04:8d:46:36:c8:5a:5e:83:03:3d:fc:83:35:
         a3:3b:67:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzASG5bxep5/RVdY2PVB1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUxMTExMTMwMDQ1WhcNMjUxMTEyMTMwMDQ1WjAzMTEwLwYDVQQD
EygzYTgxMGI1ZmY5ZmI3NzBhZWQyMmU2OTdlM2M1ZTRjMjI4NjczYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SGcukvhQMk8NV/aEnOldhJl6IRI
qoHoDHP3ulu9UPANJTDxOJDevXRHarI4ugc9kVyQVaMAB/MsoV+EWBmVyXApHqFc
TYdjwXcLJEbnihCPsQ/PMzNtJA/EYNk9Pl2rwoPnNO2BKzVF3cgWP++WaMbgX645
zvuSg1JgNnNtswDC8cnmBpB444zUNAcI10nWnWVwSomVbXbd+aLasMqOWiUgx2ic
9A1E0EZZ08Eaiz3W4wxdGR82N2XqKhKRk8veHa9eDcSPCAMonb98KPsRpe01eVZe
GroSqKDPqDgjOBt1BVdA6Lz82UzTWPmPmRMtNzys6D+0oSalZ7iwcrtf6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqBC1/5+3cK7SLml+PF5MIoZzvDMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeLARKVS5
khndvuKWSG1PbqoE2cwV0nSpUa7SfFu33N2D7Ak7t5RX8q8ayoPZ1bTJ2ml8dl03
zbwGTLr7wKw4VgLLDDlAW/84u55fBKqHMgSlQqr2k13rADPdh+c/X0EmOvqqyq+F
rO5CXEaOr9v2DYeVlcd+vRnL9m3LQGt9UysD+xCcM2KclpeC227kQXHjX+3MIT79
CAv/S1jH4R3Y2dgWNh24mEIAZAn5en4Ipkw1dAn5f6W73EQneEvyXjfDztgnKctc
BSlCaAMs+xTNCNIcm4qyRi5FYeLC1OkWxp1eNTtNSGltEZyKPbsiNOsEjUY2yFpe
gwM9/IM1oztnUw==
-----END CERTIFICATE-----