Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          IxGqrcPb7ACfpfmXDNrxAsEsxgKEWsxwR9SPjY2910I=
Subject key identifier:   31:98:3A:98:0E:07:DD:4C:7B:0F:8F:DE:B6:65:FD:E8:BE:D6:95:6E
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       019D39AF2F03C67F07AF7A5D25FB4B0BE221
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0F23
Signing time:             Sun 29 Mar 2026 13:01:15 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:15 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:15 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: 8Vf+ppAEW15PuhdWB6yzMXDs6CYLXIR/nIBliZw3n08=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:2f:03:c6:7f:07:af:7a:5d:25:fb:4b:0b:e2:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Mar 29 13:01:15 2026 GMT
            Not After : Mar 30 13:01:15 2026 GMT
        Subject: CN=31983a980e07dd4c7b0f8fdeb665fde8bed6956e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:cf:f9:b6:7f:64:e8:1d:21:63:32:a5:a6:10:
                    e9:9b:9c:0a:94:98:0c:66:3a:02:54:19:9a:bd:a3:
                    c5:c5:a1:eb:1e:42:be:50:35:ac:4d:b0:c3:73:a7:
                    68:fe:3b:79:94:ef:00:93:65:31:15:01:d0:ee:18:
                    ff:c9:98:da:0f:61:63:61:53:f9:bf:c2:f3:64:a0:
                    6e:86:12:b4:6c:9c:44:87:c6:bc:a0:c7:d5:84:94:
                    e0:b8:62:9b:e6:59:f3:90:f1:0b:13:ae:c5:2e:ae:
                    5b:28:4c:69:10:fb:fe:07:49:45:c8:df:cf:fe:f7:
                    ea:f9:90:9a:e6:8a:ce:c5:f1:33:bf:fc:68:61:43:
                    5f:3e:a9:d0:0b:6c:54:a2:a3:46:2d:36:06:9f:67:
                    cb:9e:40:31:27:1f:18:11:5c:94:aa:80:d1:03:8d:
                    f0:c0:f9:a7:57:72:01:bf:df:11:cc:fc:7d:e4:54:
                    64:bb:96:eb:47:a6:b3:70:81:f7:36:8a:d4:70:ed:
                    ee:9f:10:8b:17:97:29:c3:35:53:4e:fb:ab:24:ac:
                    54:9d:e6:0e:bb:ec:0e:b8:4a:37:0a:a5:b7:70:b6:
                    c1:79:00:cd:9c:d7:da:82:17:3a:00:d6:90:17:bd:
                    18:30:b3:4d:88:99:46:d9:f4:76:3f:09:b5:4e:98:
                    02:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:98:3A:98:0E:07:DD:4C:7B:0F:8F:DE:B6:65:FD:E8:BE:D6:95:6E
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:77:0f:7f:0f:5a:af:f8:08:f5:a6:c6:f1:c8:a4:a4:6d:42:
         a2:4a:5b:b1:b3:64:7c:37:90:e3:b4:77:df:20:7a:02:10:b3:
         b4:80:63:92:99:2b:ea:c5:1a:79:f0:16:b0:21:6c:75:8e:ae:
         ac:c7:cc:33:5b:36:d7:a4:04:0f:ec:9c:44:00:25:10:7f:9c:
         d2:f0:a7:05:a5:43:0b:56:1a:a8:6e:e3:1c:14:d9:a2:4f:a8:
         7a:4b:eb:36:83:62:60:00:dc:76:bd:77:05:4f:da:7d:03:0a:
         53:c2:9c:7f:81:3b:e7:cf:01:d1:af:aa:a6:e1:9d:9b:6b:61:
         00:84:73:d1:d8:0a:d1:69:73:1f:97:60:4e:8d:d7:f5:61:39:
         16:54:3d:1e:04:b8:3e:ed:d6:11:fd:0a:cb:6a:84:28:e1:bf:
         c6:30:0f:dc:9c:eb:81:d3:8d:bd:2b:a9:b4:da:f8:34:f8:c6:
         bd:fb:85:25:b8:4c:cd:44:b8:bb:90:89:6c:c8:ba:9a:3a:5b:
         56:81:3e:6d:7d:15:25:48:a7:6e:c4:a8:62:8a:2d:75:60:28:
         63:85:59:c4:43:81:3f:1e:54:90:9e:dc:d1:0e:67:fd:ad:57:
         df:de:67:49:5b:d4:f0:71:5a:a0:f2:f8:e0:84:25:a0:22:2c:
         ec:fe:f9:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ry8Dxn8Hr3pdJftLC+IhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjYwMzI5MTMwMTE1WhcNMjYwMzMwMTMwMTE1WjAzMTEwLwYDVQQD
EygzMTk4M2E5ODBlMDdkZDRjN2IwZjhmZGViNjY1ZmRlOGJlZDY5NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8/5tn9k6B0hYzKlphDpm5wKlJgM
ZjoCVBmavaPFxaHrHkK+UDWsTbDDc6do/jt5lO8Ak2UxFQHQ7hj/yZjaD2FjYVP5
v8LzZKBuhhK0bJxEh8a8oMfVhJTguGKb5lnzkPELE67FLq5bKExpEPv+B0lFyN/P
/vfq+ZCa5orOxfEzv/xoYUNfPqnQC2xUoqNGLTYGn2fLnkAxJx8YEVyUqoDRA43w
wPmnV3IBv98RzPx95FRku5brR6azcIH3NorUcO3unxCLF5cpwzVTTvurJKxUneYO
u+wOuEo3CqW3cLbBeQDNnNfaghc6ANaQF70YMLNNiJlG2fR2Pwm1TpgCJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGYOpgOB91Mew+P3rZl/ei+1pVuMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXcPfw9a
r/gI9abG8cikpG1CokpbsbNkfDeQ47R33yB6AhCztIBjkpkr6sUaefAWsCFsdY6u
rMfMM1s216QED+ycRAAlEH+c0vCnBaVDC1YaqG7jHBTZok+oekvrNoNiYADcdr13
BU/afQMKU8Kcf4E7588B0a+qpuGdm2thAIRz0dgK0WlzH5dgTo3X9WE5FlQ9HgS4
Pu3WEf0Ky2qEKOG/xjAP3JzrgdONvSuptNr4NPjGvfuFJbhMzUS4u5CJbMi6mjpb
VoE+bX0VJUinbsSoYootdWAoY4VZxEOBPx5UkJ7c0Q5n/a1X395nSVvU8HFaoPL4
4IQloCIs7P75KA==
-----END CERTIFICATE-----