Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
File:                     jmcNnjgoGVjuocw46s67vcM4HTY.mft (raw, json)
Hash identifier:          CuAeiRxSudL8UVONCm+SFcR3sJc4/OO0o/moQimV76M=
Subject key identifier:   15:09:C8:6F:4A:AC:3E:DF:61:8D:91:BA:06:36:E5:C0:EC:32:AF:90
Authority key identifier: 8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36
Certificate issuer:       /CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
Certificate serial:       019D3865D113D04EF078B6E7D05B1A9C8CFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
Manifest number:          0D69
Signing time:             Sun 29 Mar 2026 07:01:29 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:29 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:29 +0000
Files and hashes:         1: jmcNnjgoGVjuocw46s67vcM4HTY.crl (hash: sOfWaK2DeUqq5CzVtpMQJi/+k0i6YjBgEReSioSRoxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:d1:13:d0:4e:f0:78:b6:e7:d0:5b:1a:9c:8c:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e670d9e38281958eea1cc38eacebbbdc3381d36
        Validity
            Not Before: Mar 29 07:01:29 2026 GMT
            Not After : Mar 30 07:01:29 2026 GMT
        Subject: CN=1509c86f4aac3edf618d91ba0636e5c0ec32af90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:20:d9:8c:96:3c:97:4d:9c:90:57:6c:22:c8:
                    14:bb:62:19:0f:8f:1b:b1:0c:13:11:a0:c1:d5:ba:
                    62:a0:40:28:41:96:ae:93:f8:29:bb:96:29:c5:73:
                    0e:fc:1e:9f:a4:88:77:a6:ef:69:a3:b8:8b:15:48:
                    c5:25:16:8d:d7:0d:1d:5a:73:3e:bc:f4:ab:05:8e:
                    92:b9:e0:ca:a9:34:6a:d0:6b:ec:81:92:79:20:c5:
                    c3:ec:5c:43:c7:f8:d2:78:58:dd:af:fe:87:dd:61:
                    45:51:ca:fc:29:54:41:3b:ab:65:45:64:10:21:86:
                    9d:71:ab:99:34:b2:04:d8:48:42:7c:36:5e:67:87:
                    32:21:ef:b1:f4:2d:52:7f:63:4e:e0:f3:7c:a6:1c:
                    2e:43:8d:1d:80:c4:84:cc:55:98:0c:d0:ee:ae:01:
                    94:74:fa:27:2f:81:2b:18:0c:a6:ea:2d:6c:8e:ac:
                    87:79:19:2a:cc:43:7a:d0:94:b4:7c:af:f1:12:d0:
                    ea:38:d5:86:dc:b8:14:1b:f8:bd:13:d8:bb:e3:35:
                    26:57:a3:34:8f:fe:23:02:7e:4e:af:0d:78:1f:9d:
                    f6:d5:25:86:95:34:38:b5:1c:3f:e8:df:1c:41:72:
                    1b:db:50:d0:1e:a5:85:fe:dd:79:1d:90:2a:6e:2e:
                    d6:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:09:C8:6F:4A:AC:3E:DF:61:8D:91:BA:06:36:E5:C0:EC:32:AF:90
            X509v3 Authority Key Identifier:
                keyid:8E:67:0D:9E:38:28:19:58:EE:A1:CC:38:EA:CE:BB:BD:C3:38:1D:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmcNnjgoGVjuocw46s67vcM4HTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5a1cad-0c65-4800-8865-cca9df6e19e3/1/jmcNnjgoGVjuocw46s67vcM4HTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:ed:d5:b1:34:a8:c4:5b:c6:40:31:be:ec:1e:9c:3b:5e:d4:
         eb:5c:fe:db:34:98:35:95:28:a6:06:18:42:f0:cc:31:7e:04:
         82:18:f7:4b:6b:a7:94:55:25:fc:09:fd:b5:a2:43:2f:a9:c0:
         c9:bf:a3:ad:4e:1b:43:19:5b:0e:a5:b7:11:90:29:c7:dd:e5:
         df:9d:ce:20:85:05:11:39:a8:09:47:b3:63:17:44:5b:40:d4:
         75:43:ae:2e:02:60:be:05:c6:37:d6:f0:54:04:11:7e:98:b9:
         34:f7:84:2b:73:31:55:ae:77:e1:db:d3:39:00:78:8a:00:2c:
         9b:c5:9c:fc:a8:8d:9a:2a:96:ad:6d:e6:1e:b9:16:e8:79:80:
         10:1f:ae:98:d3:cf:a8:9f:77:7e:c3:6a:a6:f3:72:1a:28:bb:
         d2:02:3f:45:ef:b2:6c:d7:8e:2a:35:a5:e1:9b:e1:31:7b:e6:
         fb:59:c3:a8:2e:77:14:8e:77:75:37:a1:d2:cb:59:a4:ef:25:
         79:a5:54:54:b8:6f:0b:7f:23:06:bd:d9:82:47:a9:6c:48:6e:
         2d:dc:7a:69:af:18:75:6e:17:d9:72:08:52:38:4b:10:96:ea:
         b5:3a:d7:9e:8c:7e:bf:5f:5c:11:40:1d:6c:5e:ab:6b:47:dc:
         97:0d:ca:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZdET0E7weLbn0FsanIz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjcwZDllMzgyODE5NThlZWExY2MzOGVhY2ViYmJkYzMz
ODFkMzYwHhcNMjYwMzI5MDcwMTI5WhcNMjYwMzMwMDcwMTI5WjAzMTEwLwYDVQQD
EygxNTA5Yzg2ZjRhYWMzZWRmNjE4ZDkxYmEwNjM2ZTVjMGVjMzJhZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyDZjJY8l02ckFdsIsgUu2IZD48b
sQwTEaDB1bpioEAoQZauk/gpu5YpxXMO/B6fpIh3pu9po7iLFUjFJRaN1w0dWnM+
vPSrBY6SueDKqTRq0GvsgZJ5IMXD7FxDx/jSeFjdr/6H3WFFUcr8KVRBO6tlRWQQ
IYadcauZNLIE2EhCfDZeZ4cyIe+x9C1Sf2NO4PN8phwuQ40dgMSEzFWYDNDurgGU
dPonL4ErGAym6i1sjqyHeRkqzEN60JS0fK/xEtDqONWG3LgUG/i9E9i74zUmV6M0
j/4jAn5Orw14H5321SWGlTQ4tRw/6N8cQXIb21DQHqWF/t15HZAqbi7WewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUJyG9KrD7fYY2RugY25cDsMq+QMB8GA1UdIwQY
MBaAFI5nDZ44KBlY7qHMOOrOu73DOB02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUt
Y2NhOWRmNmUxOWUzLzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81YTFjYWQtMGM2NS00ODAwLTg4NjUtY2NhOWRmNmUxOWUz
LzEvam1jTm5qZ29HVmp1b2N3NDZzNjd2Y000SFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe+3VsTSo
xFvGQDG+7B6cO17U61z+2zSYNZUopgYYQvDMMX4Eghj3S2unlFUl/An9taJDL6nA
yb+jrU4bQxlbDqW3EZApx93l353OIIUFETmoCUezYxdEW0DUdUOuLgJgvgXGN9bw
VAQRfpi5NPeEK3MxVa534dvTOQB4igAsm8Wc/KiNmiqWrW3mHrkW6HmAEB+umNPP
qJ93fsNqpvNyGii70gI/Re+ybNeOKjWl4ZvhMXvm+1nDqC53FI53dTeh0stZpO8l
eaVUVLhvC38jBr3ZgkepbEhuLdx6aa8YdW4X2XIIUjhLEJbqtTrXnox+v19cEUAd
bF6ra0fclw3KpA==
-----END CERTIFICATE-----