Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
File:                     JKtnE2v5kKqL6IV6aNLDmezWKZo.mft (raw, json)
Hash identifier:          JAJ63ebnKaEANHVVhvqZsP4YKhNR9DlbRywX1RNy+ZQ=
Subject key identifier:   35:15:BC:13:11:D1:EE:9D:EC:07:BC:FF:46:F4:80:48:ED:DB:ED:63
Authority key identifier: 24:AB:67:13:6B:F9:90:AA:8B:E8:85:7A:68:D2:C3:99:EC:D6:29:9A
Certificate issuer:       /CN=24ab67136bf990aa8be8857a68d2c399ecd6299a
Certificate serial:       019D2B4E449DB5C86BCD011071C58BF4BA2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
Manifest number:          1817
Signing time:             Thu 26 Mar 2026 18:00:42 +0000
Manifest this update:     Thu 26 Mar 2026 18:00:42 +0000
Manifest next update:     Fri 27 Mar 2026 18:00:42 +0000
Files and hashes:         1: JKtnE2v5kKqL6IV6aNLDmezWKZo.crl (hash: aNh+DzKF9GKJJfrhPO4nSVtbgNlpjRazo/EoUzxHp+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2b:4e:44:9d:b5:c8:6b:cd:01:10:71:c5:8b:f4:ba:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24ab67136bf990aa8be8857a68d2c399ecd6299a
        Validity
            Not Before: Mar 26 18:00:42 2026 GMT
            Not After : Mar 27 18:00:42 2026 GMT
        Subject: CN=3515bc1311d1ee9dec07bcff46f48048eddbed63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:21:13:a8:61:ca:66:c5:a7:eb:ca:79:02:75:
                    21:29:b0:dc:c6:87:b4:c5:3b:c8:39:45:b2:ac:55:
                    a0:55:17:81:c9:64:b8:35:f9:6a:ac:4c:87:7b:19:
                    8a:5f:ad:b3:45:32:ce:d8:a3:10:e9:c9:8e:0d:f2:
                    b3:55:52:19:8b:f6:d9:8f:eb:3e:7d:3a:76:1c:23:
                    91:52:ae:1f:18:47:08:f9:66:ec:96:34:75:24:8a:
                    05:92:82:73:d3:c0:91:5d:aa:46:58:66:82:a4:e9:
                    e6:58:35:8d:1c:2b:60:0a:aa:b3:66:56:ce:06:09:
                    d0:18:78:13:4f:93:d3:06:79:54:6e:dd:92:bf:bc:
                    e7:26:76:21:e8:87:1f:9a:90:92:25:22:0c:c2:a1:
                    f7:61:0e:ba:ee:e7:81:48:c5:9b:06:cb:69:53:43:
                    f9:d8:f3:61:e8:90:8d:4b:8d:37:53:79:7c:47:e3:
                    05:28:14:ae:84:9b:16:56:ab:81:b9:3c:33:e2:ba:
                    38:2b:f7:72:e5:7b:dd:c6:12:d0:30:b8:6d:19:65:
                    f7:5f:4f:00:79:11:1f:32:1f:11:66:84:11:ad:ae:
                    eb:92:87:99:09:86:70:c0:b2:4e:62:8b:35:27:d2:
                    31:21:7c:ca:72:ae:b7:8a:40:31:6f:a0:01:75:8a:
                    5c:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:15:BC:13:11:D1:EE:9D:EC:07:BC:FF:46:F4:80:48:ED:DB:ED:63
            X509v3 Authority Key Identifier:
                keyid:24:AB:67:13:6B:F9:90:AA:8B:E8:85:7A:68:D2:C3:99:EC:D6:29:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKtnE2v5kKqL6IV6aNLDmezWKZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/088521-2398-457b-b1e3-dd3360393391/1/JKtnE2v5kKqL6IV6aNLDmezWKZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:07:b3:24:34:9d:cb:dc:c0:11:5e:d4:8b:18:ed:a6:22:ac:
         cf:fb:f7:8d:0e:89:ca:cd:a7:90:35:6d:83:a3:0a:30:43:d2:
         6a:e2:77:c6:b4:bc:07:48:14:49:a5:8f:9b:a4:e4:ce:51:73:
         18:31:9a:be:58:ca:fc:06:cc:ec:86:85:16:23:b8:e4:7c:45:
         ea:bb:36:86:4b:b9:47:2e:45:80:55:dd:c1:25:ff:7b:d9:35:
         76:b0:1d:d1:7b:b1:a9:29:b2:af:2c:aa:d8:f2:41:e0:0a:bc:
         3e:54:cd:03:0a:e3:19:5c:d9:84:32:95:79:ba:b6:f3:96:1e:
         97:64:1f:4d:74:1b:0d:44:5a:c4:de:68:d3:6b:5b:e7:a0:7f:
         9f:d3:43:5e:a1:0f:90:54:94:ba:e0:af:e2:7e:89:bc:77:5a:
         a6:56:86:37:b4:40:29:2d:33:91:3d:97:2e:f6:3f:ab:4e:29:
         3e:05:42:9c:3a:52:18:79:18:45:2b:73:d2:51:99:f0:e4:fb:
         64:f3:13:24:4a:41:56:85:2b:47:90:8d:a0:69:07:ee:8d:50:
         e3:eb:36:61:bc:6b:d1:b9:ed:9d:db:57:cc:23:cc:79:76:85:
         d4:4c:e2:89:94:38:9e:3a:0f:fe:3d:d4:ce:75:d5:54:ef:cc:
         4d:6a:4d:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTkSdtchrzQEQccWL9LoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YWI2NzEzNmJmOTkwYWE4YmU4ODU3YTY4ZDJjMzk5ZWNk
NjI5OWEwHhcNMjYwMzI2MTgwMDQyWhcNMjYwMzI3MTgwMDQyWjAzMTEwLwYDVQQD
EygzNTE1YmMxMzExZDFlZTlkZWMwN2JjZmY0NmY0ODA0OGVkZGJlZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSETqGHKZsWn68p5AnUhKbDcxoe0
xTvIOUWyrFWgVReByWS4NflqrEyHexmKX62zRTLO2KMQ6cmODfKzVVIZi/bZj+s+
fTp2HCORUq4fGEcI+WbsljR1JIoFkoJz08CRXapGWGaCpOnmWDWNHCtgCqqzZlbO
BgnQGHgTT5PTBnlUbt2Sv7znJnYh6IcfmpCSJSIMwqH3YQ667ueBSMWbBstpU0P5
2PNh6JCNS403U3l8R+MFKBSuhJsWVquBuTwz4ro4K/dy5XvdxhLQMLhtGWX3X08A
eREfMh8RZoQRra7rkoeZCYZwwLJOYos1J9IxIXzKcq63ikAxb6ABdYpclwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUVvBMR0e6d7Ae8/0b0gEjt2+1jMB8GA1UdIwQY
MBaAFCSrZxNr+ZCqi+iFemjSw5ns1imaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wODg1MjEtMjM5OC00NTdiLWIxZTMt
ZGQzMzYwMzkzMzkxLzEvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wODg1MjEtMjM5OC00NTdiLWIxZTMtZGQzMzYwMzkzMzkx
LzEvSkt0bkUydjVrS3FMNklWNmFOTERtZXpXS1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWAezJDSd
y9zAEV7UixjtpiKsz/v3jQ6Jys2nkDVtg6MKMEPSauJ3xrS8B0gUSaWPm6TkzlFz
GDGavljK/AbM7IaFFiO45HxF6rs2hku5Ry5FgFXdwSX/e9k1drAd0XuxqSmyryyq
2PJB4Aq8PlTNAwrjGVzZhDKVebq285Yel2QfTXQbDURaxN5o02tb56B/n9NDXqEP
kFSUuuCv4n6JvHdaplaGN7RAKS0zkT2XLvY/q04pPgVCnDpSGHkYRStz0lGZ8OT7
ZPMTJEpBVoUrR5CNoGkH7o1Q4+s2Ybxr0bntndtXzCPMeXaF1EziiZQ4njoP/j3U
znXVVO/MTWpNgw==
-----END CERTIFICATE-----