Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
File:                     JchJyqV3LJi4E8E7TzD85PSNLa4.mft (raw, json)
Hash identifier:          OF5b/DWjEr5ke1IJGM7xs4mwAa2k5zGIMQmnwuB4zWA=
Subject key identifier:   58:57:90:F2:1D:E0:52:92:F0:1B:73:14:3A:63:F6:D6:41:BD:75:92
Authority key identifier: 25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE
Certificate issuer:       /CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
Certificate serial:       019D390989B0056ECF7E219EA891954AE4D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
Manifest number:          0C64
Signing time:             Sun 29 Mar 2026 10:00:19 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:19 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:19 +0000
Files and hashes:         1: JchJyqV3LJi4E8E7TzD85PSNLa4.crl (hash: X/y5YUQd6D+1rVf9D2wvjawT+hQJpFaS32y1OLwunrA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:89:b0:05:6e:cf:7e:21:9e:a8:91:95:4a:e4:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
        Validity
            Not Before: Mar 29 10:00:19 2026 GMT
            Not After : Mar 30 10:00:19 2026 GMT
        Subject: CN=585790f21de05292f01b73143a63f6d641bd7592
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2a:9e:85:04:72:95:9c:fe:c8:f5:5b:3e:cd:
                    ae:ae:ee:36:b5:5f:24:87:aa:c6:74:cb:19:cd:6a:
                    08:aa:01:45:31:57:b7:25:3d:be:29:03:9d:e1:1d:
                    38:6c:25:ca:af:db:a7:b5:0c:17:a6:7f:1f:14:89:
                    3e:91:4a:87:47:15:9d:17:cf:d1:ca:6b:1b:2c:31:
                    10:cb:e7:58:01:aa:47:3b:95:ae:bb:1e:87:86:92:
                    86:6d:1b:cd:c3:16:5e:4a:66:e5:46:6b:92:06:ce:
                    94:f0:23:d8:75:9c:2e:67:cf:ea:c7:db:88:fe:c1:
                    47:c8:23:a6:99:8e:4a:7c:f3:a2:13:f3:f6:97:5e:
                    97:ba:1f:f7:a7:4b:ac:3c:6f:5a:7a:0e:c4:9b:d3:
                    f4:3e:31:43:d2:c3:9e:6f:6d:77:57:23:f1:d4:ea:
                    34:47:f9:ff:a5:fb:c3:56:4c:f1:f4:4d:90:d4:d2:
                    92:a3:f3:bb:c8:4f:c8:d4:91:a8:88:2e:fa:11:1c:
                    ca:55:76:81:31:7e:15:16:ed:e4:50:b1:e5:11:3f:
                    40:b7:71:9b:2c:28:89:c1:52:18:17:83:a1:29:36:
                    d7:4f:7f:08:4c:a6:88:9a:cd:56:f8:32:4d:ac:4d:
                    48:a1:3c:02:bc:46:a4:4e:3a:69:d2:17:64:f7:22:
                    6b:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:57:90:F2:1D:E0:52:92:F0:1B:73:14:3A:63:F6:D6:41:BD:75:92
            X509v3 Authority Key Identifier:
                keyid:25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:ab:80:ec:6e:43:93:ee:ea:07:2b:77:af:12:75:83:b5:e3:
         b3:3d:b0:65:94:3b:03:94:99:58:b0:e5:21:ef:95:78:85:72:
         c5:8c:0a:3e:8a:7c:53:9a:74:43:66:3f:7f:01:46:ed:80:9f:
         6d:42:07:cb:99:2a:ea:39:84:16:7b:d6:5d:10:1a:9f:c4:df:
         6a:d1:50:44:8c:e1:42:12:30:e1:15:b8:8e:cc:12:7f:b1:b7:
         da:7c:68:41:a4:a9:d0:d0:cf:0f:e5:6e:93:d5:04:82:70:ef:
         42:47:b0:42:53:4a:3c:5c:43:c6:22:c9:20:59:91:a8:5e:fa:
         df:1b:3b:b1:0a:77:c5:8e:b3:d6:42:87:50:1d:4b:95:ee:d4:
         15:93:36:8d:24:0f:5f:6e:e2:45:0a:6e:4b:ee:95:72:1e:58:
         fe:87:18:58:ea:5e:9c:97:70:ad:31:60:a5:eb:12:a7:7b:61:
         ad:a5:b6:86:93:20:aa:e2:e8:fd:2a:6b:e4:4e:ef:50:40:f0:
         52:a6:22:b1:f4:79:f5:a2:e5:a9:1e:b1:ee:17:82:d0:b3:ff:
         0b:e5:71:5c:c8:ab:c3:38:15:71:d3:39:ae:3e:d9:2e:56:e3:
         0c:aa:73:09:80:68:44:2d:06:9a:01:6d:69:7b:90:60:02:b2:
         7a:36:62:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CYmwBW7PfiGeqJGVSuTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Yzg0OWNhYTU3NzJjOThiODEzYzEzYjRmMzBmY2U0ZjQ4
ZDJkYWUwHhcNMjYwMzI5MTAwMDE5WhcNMjYwMzMwMTAwMDE5WjAzMTEwLwYDVQQD
Eyg1ODU3OTBmMjFkZTA1MjkyZjAxYjczMTQzYTYzZjZkNjQxYmQ3NTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiqehQRylZz+yPVbPs2uru42tV8k
h6rGdMsZzWoIqgFFMVe3JT2+KQOd4R04bCXKr9untQwXpn8fFIk+kUqHRxWdF8/R
ymsbLDEQy+dYAapHO5Wuux6HhpKGbRvNwxZeSmblRmuSBs6U8CPYdZwuZ8/qx9uI
/sFHyCOmmY5KfPOiE/P2l16Xuh/3p0usPG9aeg7Em9P0PjFD0sOeb213VyPx1Oo0
R/n/pfvDVkzx9E2Q1NKSo/O7yE/I1JGoiC76ERzKVXaBMX4VFu3kULHlET9At3Gb
LCiJwVIYF4OhKTbXT38ITKaIms1W+DJNrE1IoTwCvEakTjpp0hdk9yJrBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhXkPId4FKS8BtzFDpj9tZBvXWSMB8GA1UdIwQY
MBaAFCXIScqldyyYuBPBO08w/OT0jS2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQt
ZTg5M2IxM2IyYzlmLzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQtZTg5M2IxM2IyYzlm
LzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeKuA7G5D
k+7qByt3rxJ1g7Xjsz2wZZQ7A5SZWLDlIe+VeIVyxYwKPop8U5p0Q2Y/fwFG7YCf
bUIHy5kq6jmEFnvWXRAan8TfatFQRIzhQhIw4RW4jswSf7G32nxoQaSp0NDPD+Vu
k9UEgnDvQkewQlNKPFxDxiLJIFmRqF763xs7sQp3xY6z1kKHUB1Lle7UFZM2jSQP
X27iRQpuS+6Vch5Y/ocYWOpenJdwrTFgpesSp3thraW2hpMgquLo/Spr5E7vUEDw
UqYisfR59aLlqR6x7heC0LP/C+VxXMirwzgVcdM5rj7ZLlbjDKpzCYBoRC0GmgFt
aXuQYAKyejZirQ==
-----END CERTIFICATE-----