Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
File:                     jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft (raw, json)
Hash identifier:          B8mjMe0nWnBP+bP9DtAOEPCPfZVB01pPVqsVqT+T3iQ=
Subject key identifier:   2B:64:E0:8F:01:BC:34:27:90:A0:5D:E7:DB:D3:19:68:85:33:3F:9B
Authority key identifier: 8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90
Certificate issuer:       /CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
Certificate serial:       019D39AEACA526549CEBDA61C6D9FE5CC5F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
Manifest number:          1079
Signing time:             Sun 29 Mar 2026 13:00:41 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:41 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:41 +0000
Files and hashes:         1: jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl (hash: jt3d5sU5906ZGZBoIIO1EhPG4ym2Tj5xwkpCUFOuaZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:ac:a5:26:54:9c:eb:da:61:c6:d9:fe:5c:c5:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
        Validity
            Not Before: Mar 29 13:00:41 2026 GMT
            Not After : Mar 30 13:00:41 2026 GMT
        Subject: CN=2b64e08f01bc342790a05de7dbd3196885333f9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:77:53:ac:23:45:61:a5:74:31:6d:bc:48:ec:
                    99:19:2e:3e:e0:06:ea:9c:46:bc:2a:fe:29:d4:39:
                    9e:35:55:15:d1:d0:7a:28:fc:86:72:b1:89:d8:56:
                    56:ae:5f:c9:d6:fc:90:7c:44:68:2b:87:09:e9:76:
                    d5:34:94:23:42:e0:3d:2d:68:34:b7:ce:69:1d:f8:
                    dc:37:bf:54:3b:3c:c3:dd:8f:db:64:9c:8d:fc:62:
                    36:8e:52:d7:cd:9f:24:76:1c:d2:23:c9:df:25:4e:
                    38:8a:20:fd:19:38:7c:f2:23:49:80:c8:3d:90:b6:
                    04:02:78:32:62:8f:66:24:ca:fa:d0:11:8f:25:19:
                    85:32:3c:5b:52:48:8d:22:49:07:7d:f7:47:85:51:
                    6f:a6:1c:a2:1c:ba:dc:f8:18:23:76:9d:7e:7e:0e:
                    07:f2:ac:8d:f9:3f:23:5c:85:ce:94:b4:26:c6:1c:
                    5a:72:27:b7:4b:22:34:2c:92:76:f0:e8:98:e3:3e:
                    89:72:a4:dc:3f:2a:d2:d4:3a:df:cb:75:47:f7:ef:
                    40:69:45:16:1c:f3:e6:09:ac:f7:3b:49:26:0a:84:
                    e0:cb:12:fc:3f:77:ff:22:fc:be:87:65:a7:88:ff:
                    1a:73:7c:53:85:6e:ed:70:e5:a5:b0:48:11:ff:81:
                    44:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:64:E0:8F:01:BC:34:27:90:A0:5D:E7:DB:D3:19:68:85:33:3F:9B
            X509v3 Authority Key Identifier:
                keyid:8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:77:66:82:a5:21:c3:2b:0f:39:da:1b:75:5d:c2:a2:4d:09:
         7a:18:93:b5:14:30:1d:c6:a1:b8:f9:f9:2e:d7:d0:ab:be:45:
         03:91:b3:bd:48:1d:ab:fc:3a:09:59:9e:d1:ca:bc:60:b7:76:
         d9:30:80:2b:02:3c:56:30:5b:81:ea:b8:9d:34:b7:ac:d1:93:
         fc:91:f9:cb:e6:60:38:ad:ab:fe:9e:5b:36:c2:91:ce:36:ec:
         71:1a:9b:3b:f3:79:be:7e:29:77:ff:dd:72:90:69:e5:41:d4:
         70:55:eb:45:e8:2e:e8:eb:6b:a3:e9:0e:88:f5:82:b4:6e:64:
         0e:8e:83:72:89:39:7b:4a:89:9e:53:b6:f3:60:31:3f:d7:64:
         83:f7:82:39:93:24:23:9c:39:b0:84:01:74:2a:4f:46:87:60:
         4b:0e:be:76:6e:8c:1b:97:c4:6d:a9:d9:5e:3a:21:b8:97:f9:
         94:f9:95:b6:97:39:fb:bd:96:c9:76:25:76:f1:aa:2b:86:07:
         d9:f2:ba:95:26:1d:c2:b5:cd:9f:d5:fc:49:61:46:f2:83:2c:
         91:59:7c:14:e1:ed:24:8f:95:0e:c9:02:ac:17:fb:5b:11:f4:
         46:f0:20:8e:d8:62:09:1f:1d:b7:5d:af:54:4a:20:2c:18:12:
         ab:d8:0f:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rqylJlSc69phxtn+XMX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYTBmZWMxOGVmMjlmOWFhZGZlOTYyYmNmNzQwODkwZGIw
ZjczOTAwHhcNMjYwMzI5MTMwMDQxWhcNMjYwMzMwMTMwMDQxWjAzMTEwLwYDVQQD
EygyYjY0ZTA4ZjAxYmMzNDI3OTBhMDVkZTdkYmQzMTk2ODg1MzMzZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXdTrCNFYaV0MW28SOyZGS4+4Abq
nEa8Kv4p1DmeNVUV0dB6KPyGcrGJ2FZWrl/J1vyQfERoK4cJ6XbVNJQjQuA9LWg0
t85pHfjcN79UOzzD3Y/bZJyN/GI2jlLXzZ8kdhzSI8nfJU44iiD9GTh88iNJgMg9
kLYEAngyYo9mJMr60BGPJRmFMjxbUkiNIkkHffdHhVFvphyiHLrc+Bgjdp1+fg4H
8qyN+T8jXIXOlLQmxhxacie3SyI0LJJ28OiY4z6JcqTcPyrS1Drfy3VH9+9AaUUW
HPPmCaz3O0kmCoTgyxL8P3f/Ivy+h2WniP8ac3xThW7tcOWlsEgR/4FEGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtk4I8BvDQnkKBd59vTGWiFMz+bMB8GA1UdIwQY
MBaAFIyg/sGO8p+arf6WK890CJDbD3OQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAt
MTEzZWVmYTUxYWE2LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAtMTEzZWVmYTUxYWE2
LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATXdmgqUh
wysPOdobdV3Cok0JehiTtRQwHcahuPn5LtfQq75FA5GzvUgdq/w6CVme0cq8YLd2
2TCAKwI8VjBbgeq4nTS3rNGT/JH5y+ZgOK2r/p5bNsKRzjbscRqbO/N5vn4pd//d
cpBp5UHUcFXrRegu6Otro+kOiPWCtG5kDo6Dcok5e0qJnlO282AxP9dkg/eCOZMk
I5w5sIQBdCpPRodgSw6+dm6MG5fEbanZXjohuJf5lPmVtpc5+72WyXYldvGqK4YH
2fK6lSYdwrXNn9X8SWFG8oMskVl8FOHtJI+VDskCrBf7WxH0RvAgjthiCR8dt12v
VEogLBgSq9gPnQ==
-----END CERTIFICATE-----