Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft
File:                     J2zuYEMhsPEryjZ7VMBzmqil8To.mft (raw, json)
Hash identifier:          4mEjtKc8ZYn+m8dZmG/9RJQGyEdKpcNx/PkinL46Xxg=
Subject key identifier:   C8:10:63:92:DC:35:4A:9F:18:90:6C:DB:4B:1E:89:05:4D:4F:F4:4C
Authority key identifier: 27:6C:EE:60:43:21:B0:F1:2B:CA:36:7B:54:C0:73:9A:A8:A5:F1:3A
Certificate issuer:       /CN=276cee604321b0f12bca367b54c0739aa8a5f13a
Certificate serial:       019D27043DC0F37D49C922E16A256134DD01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J2zuYEMhsPEryjZ7VMBzmqil8To.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft
Manifest number:          11D8
Signing time:             Wed 25 Mar 2026 22:01:22 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:22 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:22 +0000
Files and hashes:         1: J2zuYEMhsPEryjZ7VMBzmqil8To.crl (hash: a3dUv3xZsYSUXPUo1nPLuiFNy2jsvPCrDtRv+awGA8s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J2zuYEMhsPEryjZ7VMBzmqil8To.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:3d:c0:f3:7d:49:c9:22:e1:6a:25:61:34:dd:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=276cee604321b0f12bca367b54c0739aa8a5f13a
        Validity
            Not Before: Mar 25 22:01:22 2026 GMT
            Not After : Mar 26 22:01:22 2026 GMT
        Subject: CN=c8106392dc354a9f18906cdb4b1e89054d4ff44c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:01:b3:cd:ed:44:de:81:85:9d:09:49:60:6e:
                    e3:98:81:b2:79:30:e9:da:87:5d:b6:c0:e2:65:cd:
                    49:c8:0f:ff:67:01:fb:46:b3:c7:8a:33:25:ed:97:
                    3b:bd:ee:60:70:90:82:53:53:e4:ac:64:90:d2:d5:
                    38:7b:0d:7d:2f:ac:a4:02:00:68:fb:3d:d4:19:6c:
                    df:b9:fb:e5:0d:cd:6b:47:71:ed:44:53:41:7b:f0:
                    6c:b3:9f:43:2c:eb:6d:10:72:34:f1:11:b3:71:f2:
                    7c:5d:ea:d3:80:d3:21:53:51:95:67:3e:ee:d0:d2:
                    d1:38:c2:fd:69:b8:67:0a:8c:d4:81:ad:b9:30:f7:
                    b5:84:af:f5:f2:ea:af:3f:d0:09:32:c0:2b:b9:f0:
                    50:c4:d4:0b:fd:a8:b0:b2:4c:5c:5d:2a:44:b2:45:
                    e2:c8:b1:ed:55:78:0a:37:cc:a5:6c:c2:4e:06:0b:
                    09:07:2d:6f:5d:c2:b7:a3:0b:0c:d5:61:af:db:7c:
                    34:63:62:97:90:5e:fa:d9:e7:7a:bf:4e:d3:ed:5b:
                    f7:6e:6b:7a:e2:d9:97:32:1c:66:2f:90:da:b0:d1:
                    c0:ae:e8:d6:53:59:b6:17:bf:fd:22:c0:87:b3:26:
                    a5:94:7c:7a:1f:b5:a6:c3:f1:6b:0b:af:23:69:06:
                    9e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:10:63:92:DC:35:4A:9F:18:90:6C:DB:4B:1E:89:05:4D:4F:F4:4C
            X509v3 Authority Key Identifier:
                keyid:27:6C:EE:60:43:21:B0:F1:2B:CA:36:7B:54:C0:73:9A:A8:A5:F1:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J2zuYEMhsPEryjZ7VMBzmqil8To.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:3f:f2:e4:2c:bf:b1:d9:7d:4d:83:71:87:b5:32:a3:48:20:
         90:7a:3a:e1:71:b7:5e:2d:57:c3:1b:21:49:1a:d2:96:e4:ef:
         73:da:2b:2e:c7:5d:bd:ae:87:e6:81:12:e8:46:14:96:57:43:
         9f:dd:8a:be:88:31:45:6d:5c:ca:c7:8d:9d:ae:84:56:05:10:
         da:e1:20:4b:89:85:c2:9d:b5:08:6d:b4:f0:c6:40:97:78:30:
         9e:b0:5e:e1:14:44:e7:bc:dc:46:ff:2b:21:28:d0:53:2d:90:
         a2:57:8f:9f:4f:68:84:7b:2c:f5:a8:fc:34:dc:45:b3:dd:18:
         4f:65:9e:6e:2c:35:04:e7:fd:39:7d:eb:79:5b:b2:db:15:0a:
         33:16:68:5b:79:62:c4:18:d1:e0:59:00:1c:e3:95:8b:ff:ca:
         d1:ea:f1:15:8e:4d:06:fa:14:71:58:dd:73:36:57:e5:c3:2b:
         28:90:39:ae:9c:16:52:a5:e2:1b:6d:f5:90:69:e5:20:df:69:
         8f:1e:10:9d:80:e5:ff:ca:77:e4:71:11:fc:c8:10:b1:1a:97:
         15:10:62:ff:86:d5:a1:d3:72:94:d2:ed:a9:74:90:57:74:e6:
         38:96:70:09:6f:13:fc:dd:b2:b1:58:ba:ed:56:83:86:5f:21:
         78:21:d8:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBD3A831JySLhaiVhNN0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NmNlZTYwNDMyMWIwZjEyYmNhMzY3YjU0YzA3MzlhYThh
NWYxM2EwHhcNMjYwMzI1MjIwMTIyWhcNMjYwMzI2MjIwMTIyWjAzMTEwLwYDVQQD
EyhjODEwNjM5MmRjMzU0YTlmMTg5MDZjZGI0YjFlODkwNTRkNGZmNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwGzze1E3oGFnQlJYG7jmIGyeTDp
2oddtsDiZc1JyA//ZwH7RrPHijMl7Zc7ve5gcJCCU1PkrGSQ0tU4ew19L6ykAgBo
+z3UGWzfufvlDc1rR3HtRFNBe/Bss59DLOttEHI08RGzcfJ8XerTgNMhU1GVZz7u
0NLROML9abhnCozUga25MPe1hK/18uqvP9AJMsArufBQxNQL/aiwskxcXSpEskXi
yLHtVXgKN8ylbMJOBgsJBy1vXcK3owsM1WGv23w0Y2KXkF762ed6v07T7Vv3bmt6
4tmXMhxmL5DasNHArujWU1m2F7/9IsCHsyallHx6H7Wmw/FrC68jaQaeeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgQY5LcNUqfGJBs20seiQVNT/RMMB8GA1UdIwQY
MBaAFCds7mBDIbDxK8o2e1TAc5qopfE6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjJ6dVlFTWhzUEVyeWpaN1ZNQnptcWlsOFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hNTk5NTUtODZjZi00NjU1LWExZjgt
MjU4OTU0YjRmZTVhLzEvSjJ6dVlFTWhzUEVyeWpaN1ZNQnptcWlsOFRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hNTk5NTUtODZjZi00NjU1LWExZjgtMjU4OTU0YjRmZTVh
LzEvSjJ6dVlFTWhzUEVyeWpaN1ZNQnptcWlsOFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASz/y5Cy/
sdl9TYNxh7Uyo0ggkHo64XG3Xi1XwxshSRrSluTvc9orLsddva6H5oES6EYUlldD
n92KvogxRW1cyseNna6EVgUQ2uEgS4mFwp21CG208MZAl3gwnrBe4RRE57zcRv8r
ISjQUy2QolePn09ohHss9aj8NNxFs90YT2Webiw1BOf9OX3reVuy2xUKMxZoW3li
xBjR4FkAHOOVi//K0erxFY5NBvoUcVjdczZX5cMrKJA5rpwWUqXiG231kGnlIN9p
jx4QnYDl/8p35HER/MgQsRqXFRBi/4bVodNylNLtqXSQV3TmOJZwCW8T/N2ysVi6
7VaDhl8heCHYnQ==
-----END CERTIFICATE-----