Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
File:                     CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft (raw, json)
Hash identifier:          pm7MzddgM3BzohXZUQ3vMq0RyeSAcS79+58LNsFqyQg=
Subject key identifier:   68:F1:0D:F7:6C:D6:7E:88:00:98:70:2A:0C:EE:85:E5:3F:96:9E:FF
Authority key identifier: 08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0
Certificate issuer:       /CN=08d27fdc90f80f80972c125bd41edb0ae8334aa0
Certificate serial:       019D386609704FD8A8C6F6916B2D9F9CA85F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
Manifest number:          0D28
Signing time:             Sun 29 Mar 2026 07:01:44 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:44 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:44 +0000
Files and hashes:         1: CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl (hash: fgrMeiPPb2t2CW9qYlzwhDQ6S+VTW36H/vzhavmmpQs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:09:70:4f:d8:a8:c6:f6:91:6b:2d:9f:9c:a8:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08d27fdc90f80f80972c125bd41edb0ae8334aa0
        Validity
            Not Before: Mar 29 07:01:44 2026 GMT
            Not After : Mar 30 07:01:44 2026 GMT
        Subject: CN=68f10df76cd67e880098702a0cee85e53f969eff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:06:31:08:f0:3c:5d:bc:2e:8a:11:bc:56:2e:
                    44:ed:41:d7:69:13:6b:31:6c:41:48:45:71:4f:f2:
                    26:e4:1d:6c:e5:14:82:c1:f9:ae:62:b8:75:b7:37:
                    95:e8:28:cb:22:15:f5:89:22:4b:fa:31:59:34:d7:
                    6a:6b:3a:30:e7:f3:7a:78:4a:61:2d:e0:e7:42:d7:
                    91:45:e9:6b:31:cc:9b:c0:e7:9e:b6:36:16:f8:f4:
                    1c:14:51:de:a7:dc:80:8c:ff:44:85:e7:d5:58:d6:
                    33:bd:27:8f:a8:62:77:5f:82:20:be:98:c6:4e:c4:
                    24:2f:0c:31:52:2a:7c:c9:e9:04:7c:7b:b8:f5:42:
                    91:7c:72:f2:e4:d3:50:f6:f9:24:2c:ab:08:a4:0c:
                    c5:20:ee:fc:5c:dd:1e:f9:b4:8b:51:d7:f1:10:d1:
                    d0:50:e1:66:ef:8b:8b:3b:6a:46:39:fb:59:4d:d9:
                    d4:38:d1:33:90:60:40:49:4b:d7:0d:bb:96:14:1c:
                    34:97:d2:66:bb:7e:d8:02:94:81:60:c5:76:38:96:
                    8c:ec:a5:e5:9d:d3:f3:de:a6:13:e8:a5:e8:0c:b7:
                    a8:92:60:17:10:43:54:5f:c5:0d:03:95:c1:2c:db:
                    f3:c4:a9:29:5c:a2:b1:84:6a:86:af:7a:fa:16:1c:
                    77:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:F1:0D:F7:6C:D6:7E:88:00:98:70:2A:0C:EE:85:E5:3F:96:9E:FF
            X509v3 Authority Key Identifier:
                keyid:08:D2:7F:DC:90:F8:0F:80:97:2C:12:5B:D4:1E:DB:0A:E8:33:4A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNJ_3JD4D4CXLBJb1B7bCugzSqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662dbe-5937-46fa-8d96-910541155fef/1/CNJ_3JD4D4CXLBJb1B7bCugzSqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:6c:5a:52:00:0c:c8:20:eb:94:23:92:21:8c:37:30:6a:f2:
         db:e1:be:94:a2:3d:ad:0b:74:91:5d:6f:ec:a1:3d:c8:dd:d2:
         91:58:8c:c3:1c:e7:06:17:db:fb:5b:18:11:80:91:d1:ce:dd:
         46:27:82:7d:13:8d:a0:71:0d:5e:97:a9:0c:b5:87:8e:54:a7:
         9b:30:2d:54:3c:a2:74:46:00:56:0d:88:a9:e6:d1:c8:db:50:
         a3:5b:27:f2:bc:6e:14:2f:7a:a9:48:04:6f:eb:34:88:a3:81:
         5a:f5:19:18:b7:58:94:d8:7d:a4:fc:10:ef:58:99:33:e7:5f:
         29:11:c8:af:c7:2c:35:4a:2c:10:8c:24:91:ff:44:e3:96:f6:
         58:4c:56:b1:cd:02:71:df:a7:9b:f7:b7:a2:b3:d1:d8:46:8b:
         c7:59:6d:2f:e6:33:f8:c6:21:32:f3:1c:59:22:b4:b2:2d:2e:
         2f:4b:93:98:b5:a2:27:54:a1:c9:45:9c:e4:43:c4:c9:c9:5e:
         9e:7e:82:cc:88:38:24:10:b4:22:40:bf:ca:49:5d:2f:37:c5:
         6e:e9:4e:6d:f9:d2:6f:48:d8:3f:39:40:a3:04:66:9e:1a:4e:
         df:7b:b5:49:d9:a5:d3:e8:76:71:2c:6a:29:ab:56:5e:70:46:
         3f:29:f8:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZglwT9ioxvaRay2fnKhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDI3ZmRjOTBmODBmODA5NzJjMTI1YmQ0MWVkYjBhZTgz
MzRhYTAwHhcNMjYwMzI5MDcwMTQ0WhcNMjYwMzMwMDcwMTQ0WjAzMTEwLwYDVQQD
Eyg2OGYxMGRmNzZjZDY3ZTg4MDA5ODcwMmEwY2VlODVlNTNmOTY5ZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwYxCPA8XbwuihG8Vi5E7UHXaRNr
MWxBSEVxT/Im5B1s5RSCwfmuYrh1tzeV6CjLIhX1iSJL+jFZNNdqazow5/N6eEph
LeDnQteRRelrMcybwOeetjYW+PQcFFHep9yAjP9EhefVWNYzvSePqGJ3X4IgvpjG
TsQkLwwxUip8yekEfHu49UKRfHLy5NNQ9vkkLKsIpAzFIO78XN0e+bSLUdfxENHQ
UOFm74uLO2pGOftZTdnUONEzkGBASUvXDbuWFBw0l9Jmu37YApSBYMV2OJaM7KXl
ndPz3qYT6KXoDLeokmAXEENUX8UNA5XBLNvzxKkpXKKxhGqGr3r6Fhx3UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjxDfds1n6IAJhwKgzuheU/lp7/MB8GA1UdIwQY
MBaAFAjSf9yQ+A+AlywSW9Qe2wroM0qgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82NjJkYmUtNTkzNy00NmZhLThkOTYt
OTEwNTQxMTU1ZmVmLzEvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82NjJkYmUtNTkzNy00NmZhLThkOTYtOTEwNTQxMTU1ZmVm
LzEvQ05KXzNKRDRENENYTEJKYjFCN2JDdWd6U3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc2xaUgAM
yCDrlCOSIYw3MGry2+G+lKI9rQt0kV1v7KE9yN3SkViMwxznBhfb+1sYEYCR0c7d
RieCfRONoHENXpepDLWHjlSnmzAtVDyidEYAVg2IqebRyNtQo1sn8rxuFC96qUgE
b+s0iKOBWvUZGLdYlNh9pPwQ71iZM+dfKRHIr8csNUosEIwkkf9E45b2WExWsc0C
cd+nm/e3orPR2EaLx1ltL+Yz+MYhMvMcWSK0si0uL0uTmLWiJ1ShyUWc5EPEycle
nn6CzIg4JBC0IkC/ykldLzfFbulObfnSb0jYPzlAowRmnhpO33u1Sdml0+h2cSxq
KatWXnBGPyn4Vw==
-----END CERTIFICATE-----