Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
File:                     jRHN6i8zL8ztMzil3x-y30Uh-OI.mft (raw, json)
Hash identifier:          LNQkZlgUD2iMn/9zuKetsCcvPBt8XBJInpVn1bckcC4=
Subject key identifier:   6B:CC:A8:28:FD:67:2E:3E:FB:4B:1B:10:0D:BC:45:4A:59:28:72:29
Authority key identifier: 8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2
Certificate issuer:       /CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
Certificate serial:       019D38664FEE3AADC6B8CD1BF1EEB191EBD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
Manifest number:          13A3
Signing time:             Sun 29 Mar 2026 07:02:02 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:02 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:02 +0000
Files and hashes:         1: jRHN6i8zL8ztMzil3x-y30Uh-OI.crl (hash: EYbvUOaYhNDLt3d92C4o6J/q2cbYjdmF2Vv1+0R0vM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:4f:ee:3a:ad:c6:b8:cd:1b:f1:ee:b1:91:eb:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
        Validity
            Not Before: Mar 29 07:02:02 2026 GMT
            Not After : Mar 30 07:02:02 2026 GMT
        Subject: CN=6bcca828fd672e3efb4b1b100dbc454a59287229
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:d1:b7:5d:38:36:e5:1e:9e:6a:82:ad:aa:6a:
                    a9:67:bb:d0:90:79:ef:b2:d2:6d:d3:04:3c:0e:71:
                    c3:e6:33:dc:e5:61:c1:19:d0:22:75:82:a3:82:a0:
                    bb:50:e2:52:1c:2a:7f:c9:df:06:4a:4d:9e:dc:23:
                    fd:fe:a2:d8:d5:73:da:10:55:8c:25:d5:1a:6b:06:
                    2b:61:9d:d1:7b:5c:c2:20:a5:bd:7c:a9:be:6d:20:
                    4d:e9:41:63:ab:4d:1d:bc:c3:a2:90:fa:ca:57:1c:
                    2d:50:3c:c1:83:1c:da:64:71:28:1d:f2:93:44:a9:
                    f0:30:c2:ae:de:aa:f7:ce:a3:63:53:98:32:41:9e:
                    45:0a:32:e7:81:37:96:e7:4a:4a:79:97:9b:e9:b8:
                    d8:43:dc:2a:9c:73:ae:3a:49:14:ab:ae:f3:85:7f:
                    59:42:74:9d:8c:4f:30:29:b9:83:f4:ae:cf:b4:00:
                    91:cc:95:bc:ea:79:57:51:69:83:5e:72:d1:2e:f9:
                    a9:c9:ec:1d:61:50:56:59:dd:4c:28:29:93:8c:57:
                    a0:23:ce:17:31:a5:83:7e:0d:98:26:4d:00:f8:33:
                    f7:de:02:60:ba:99:51:7c:ee:4d:eb:83:a2:75:76:
                    0d:ed:f3:1c:f1:14:45:22:b6:61:85:10:2d:b2:ca:
                    5d:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:CC:A8:28:FD:67:2E:3E:FB:4B:1B:10:0D:BC:45:4A:59:28:72:29
            X509v3 Authority Key Identifier:
                keyid:8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:86:af:f0:db:c7:d7:66:03:f9:81:8e:01:1c:e7:f6:88:01:
         47:f7:05:2e:64:a6:4b:2a:8b:7f:51:89:a6:09:b2:4c:ba:32:
         3d:ea:32:0f:71:a5:d2:fa:4f:39:8c:63:00:55:de:04:66:f2:
         ae:a9:e9:d9:79:ca:59:6e:59:8d:df:74:88:16:9f:bb:ef:9f:
         f4:70:47:f6:1c:b6:df:c4:ef:cc:53:db:4a:ce:d7:5a:c3:eb:
         3a:4e:32:ac:44:15:77:a7:32:d2:17:df:a7:fe:8a:d3:2d:ed:
         93:6c:51:d8:2a:8a:f9:b2:05:d5:fd:a5:dc:83:16:1b:42:6d:
         e7:85:7d:5a:cc:9d:c0:4f:c2:ce:be:c2:28:09:3d:6b:7a:a7:
         ae:00:56:a9:81:1e:c4:2c:f8:b9:eb:c0:ba:65:de:3c:21:a3:
         45:ca:cf:34:92:d6:13:a7:b5:03:d4:8a:c9:eb:a2:77:c8:82:
         4d:38:bc:e9:31:dd:dc:5f:a0:f4:9b:57:70:96:0b:94:5b:fa:
         0b:70:08:d3:83:fe:13:0c:75:2f:00:9f:35:f9:57:fa:e8:3e:
         ff:88:13:0b:4e:c0:46:9f:86:f9:a0:a7:ba:04:bf:2f:82:0a:
         a6:4a:ff:96:55:ec:52:d7:cc:64:b5:44:69:68:0d:40:7d:f0:
         34:e1:98:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zk/uOq3GuM0b8e6xkevWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjZGVhMmYzMzJmY2NlZDMzMzhhNWRmMWZiMmRmNDUy
MWY4ZTIwHhcNMjYwMzI5MDcwMjAyWhcNMjYwMzMwMDcwMjAyWjAzMTEwLwYDVQQD
Eyg2YmNjYTgyOGZkNjcyZTNlZmI0YjFiMTAwZGJjNDU0YTU5Mjg3MjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tG3XTg25R6eaoKtqmqpZ7vQkHnv
stJt0wQ8DnHD5jPc5WHBGdAidYKjgqC7UOJSHCp/yd8GSk2e3CP9/qLY1XPaEFWM
JdUaawYrYZ3Re1zCIKW9fKm+bSBN6UFjq00dvMOikPrKVxwtUDzBgxzaZHEoHfKT
RKnwMMKu3qr3zqNjU5gyQZ5FCjLngTeW50pKeZeb6bjYQ9wqnHOuOkkUq67zhX9Z
QnSdjE8wKbmD9K7PtACRzJW86nlXUWmDXnLRLvmpyewdYVBWWd1MKCmTjFegI84X
MaWDfg2YJk0A+DP33gJguplRfO5N64OidXYN7fMc8RRFIrZhhRAtsspdDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvMqCj9Zy4++0sbEA28RUpZKHIpMB8GA1UdIwQY
MBaAFI0RzeovMy/M7TM4pd8fst9FIfjiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEt
YzkwNjU4ZWJkNjk3LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEtYzkwNjU4ZWJkNjk3
LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvIav8NvH
12YD+YGOARzn9ogBR/cFLmSmSyqLf1GJpgmyTLoyPeoyD3Gl0vpPOYxjAFXeBGby
rqnp2XnKWW5Zjd90iBafu++f9HBH9hy238TvzFPbSs7XWsPrOk4yrEQVd6cy0hff
p/6K0y3tk2xR2CqK+bIF1f2l3IMWG0Jt54V9WsydwE/Czr7CKAk9a3qnrgBWqYEe
xCz4uevAumXePCGjRcrPNJLWE6e1A9SKyeuid8iCTTi86THd3F+g9JtXcJYLlFv6
C3AI04P+Ewx1LwCfNflX+ug+/4gTC07ARp+G+aCnugS/L4IKpkr/llXsUtfMZLVE
aWgNQH3wNOGYWw==
-----END CERTIFICATE-----