Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
File:                     jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft (raw, json)
Hash identifier:          +SoqOcm8ZEFGAhcHQkglO/BK4J9cu4MDF1r4n699sCk=
Subject key identifier:   11:F6:84:BC:6E:72:D3:E0:F8:9E:C0:6D:70:E5:34:A5:20:6D:6B:D4
Authority key identifier: 8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91
Certificate issuer:       /CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
Certificate serial:       019D386693EF560ADB51A7C0B7E7B2EBEBA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
Manifest number:          0AA9
Signing time:             Sun 29 Mar 2026 07:02:19 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:19 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:19 +0000
Files and hashes:         1: jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl (hash: 8l7LYD7pHBo/Kgu3BBghcPsb6Gu6rwMXUDiK2+I8AVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:93:ef:56:0a:db:51:a7:c0:b7:e7:b2:eb:eb:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c57dcc7e52f58b342b70c83daa21a106ac59291
        Validity
            Not Before: Mar 29 07:02:19 2026 GMT
            Not After : Mar 30 07:02:19 2026 GMT
        Subject: CN=11f684bc6e72d3e0f89ec06d70e534a5206d6bd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a6:ae:3c:78:ff:d0:d0:dc:53:d0:f1:85:4c:
                    2a:07:a2:1f:b4:2a:c5:b8:51:24:19:2c:bd:7c:c1:
                    8e:32:e9:ee:b2:47:05:13:07:5d:53:30:2a:f7:81:
                    41:90:4a:61:ac:99:ad:79:61:9a:ae:d5:59:be:be:
                    68:15:cb:75:46:15:7b:73:00:fa:ec:de:be:31:84:
                    a6:6b:77:f9:26:b1:68:d0:af:1b:d6:17:05:81:df:
                    0c:53:26:1b:65:3e:1e:3f:dc:64:8d:5b:c8:85:a8:
                    40:48:b7:f1:14:e8:6d:31:c1:28:f7:83:70:4d:fc:
                    e2:44:f2:14:11:d8:23:4e:00:ad:f3:7b:f1:c3:76:
                    91:e2:01:e3:98:73:35:fd:2a:95:dc:73:b4:fb:3e:
                    87:a8:12:67:79:ad:c0:d6:c2:ea:ee:1f:ef:fd:5c:
                    e4:49:45:99:20:8d:5d:1d:fd:fb:4a:b2:14:7f:96:
                    b6:90:9b:de:6c:0b:6b:9b:3e:2a:54:cc:fd:46:11:
                    e5:7d:8a:a2:9d:02:75:a8:da:e3:8f:8b:30:10:7d:
                    b7:0e:25:08:e2:88:2c:52:62:01:08:ca:09:83:10:
                    f3:05:c2:c8:a9:38:6d:d8:ac:99:95:6e:99:23:32:
                    60:ef:ac:64:63:8d:c9:ce:56:13:68:5f:cd:ba:28:
                    5a:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:F6:84:BC:6E:72:D3:E0:F8:9E:C0:6D:70:E5:34:A5:20:6D:6B:D4
            X509v3 Authority Key Identifier:
                keyid:8C:57:DC:C7:E5:2F:58:B3:42:B7:0C:83:DA:A2:1A:10:6A:C5:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFfcx-UvWLNCtwyD2qIaEGrFkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e83399-0a14-42ac-9fd6-41306c27d6f0/1/jFfcx-UvWLNCtwyD2qIaEGrFkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:7a:12:71:fd:c1:1b:c9:1c:27:04:4d:a3:0d:86:cc:c3:a2:
         e5:5a:c3:a9:67:22:a2:1b:52:2d:7f:2d:7d:ab:d2:a7:43:30:
         77:e5:7f:04:df:aa:34:5a:46:0b:29:20:31:c8:93:1d:6b:02:
         84:cb:a2:72:59:fe:6c:cc:a4:c1:90:b9:72:56:ff:e1:3f:de:
         f9:f0:b4:32:3b:01:91:8f:4a:e4:90:43:ff:66:b1:67:2f:4d:
         55:a5:74:9b:08:e6:7e:7f:09:22:ab:d8:c1:8c:d1:bb:3b:0d:
         09:c9:25:6b:4e:2b:e0:cf:26:b4:35:7b:e5:38:e6:d5:d8:03:
         69:71:4b:26:2e:78:fe:3e:c4:06:d6:90:28:de:ad:fa:30:d0:
         fc:93:f0:dd:ab:a6:55:46:69:9e:77:1f:23:88:52:3b:64:63:
         ed:e4:0a:17:8b:5e:81:0b:cd:9b:f8:a7:75:a4:02:22:00:9f:
         b1:d3:71:17:c0:04:40:df:d2:2d:9d:50:f9:52:68:da:32:98:
         02:24:17:31:8f:84:3b:a0:78:9b:e5:80:26:23:04:f5:97:23:
         2d:1d:b4:6f:34:ab:7f:91:7c:4e:c8:94:c2:48:c4:18:f0:df:
         fc:b7:46:57:fb:ec:f8:e2:52:42:08:68:87:8d:97:0d:f7:25:
         af:0c:c4:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZpPvVgrbUafAt+ey6+ukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTdkY2M3ZTUyZjU4YjM0MmI3MGM4M2RhYTIxYTEwNmFj
NTkyOTEwHhcNMjYwMzI5MDcwMjE5WhcNMjYwMzMwMDcwMjE5WjAzMTEwLwYDVQQD
EygxMWY2ODRiYzZlNzJkM2UwZjg5ZWMwNmQ3MGU1MzRhNTIwNmQ2YmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKauPHj/0NDcU9DxhUwqB6IftCrF
uFEkGSy9fMGOMunuskcFEwddUzAq94FBkEphrJmteWGartVZvr5oFct1RhV7cwD6
7N6+MYSma3f5JrFo0K8b1hcFgd8MUyYbZT4eP9xkjVvIhahASLfxFOhtMcEo94Nw
TfziRPIUEdgjTgCt83vxw3aR4gHjmHM1/SqV3HO0+z6HqBJnea3A1sLq7h/v/Vzk
SUWZII1dHf37SrIUf5a2kJvebAtrmz4qVMz9RhHlfYqinQJ1qNrjj4swEH23DiUI
4ogsUmIBCMoJgxDzBcLIqTht2KyZlW6ZIzJg76xkY43JzlYTaF/NuihaywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBH2hLxuctPg+J7AbXDlNKUgbWvUMB8GA1UdIwQY
MBaAFIxX3MflL1izQrcMg9qiGhBqxZKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYt
NDEzMDZjMjdkNmYwLzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lODMzOTktMGExNC00MmFjLTlmZDYtNDEzMDZjMjdkNmYw
LzEvakZmY3gtVXZXTE5DdHd5RDJxSWFFR3JGa3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGHoScf3B
G8kcJwRNow2GzMOi5VrDqWciohtSLX8tfavSp0Mwd+V/BN+qNFpGCykgMciTHWsC
hMuicln+bMykwZC5clb/4T/e+fC0MjsBkY9K5JBD/2axZy9NVaV0mwjmfn8JIqvY
wYzRuzsNCckla04r4M8mtDV75Tjm1dgDaXFLJi54/j7EBtaQKN6t+jDQ/JPw3aum
VUZpnncfI4hSO2Rj7eQKF4tegQvNm/indaQCIgCfsdNxF8AEQN/SLZ1Q+VJo2jKY
AiQXMY+EO6B4m+WAJiME9ZcjLR20bzSrf5F8TsiUwkjEGPDf/LdGV/vs+OJSQgho
h42XDfclrwzEnQ==
-----END CERTIFICATE-----