Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
File:                     JkXNQMgEm-mprn8DM2q9P-CCr7k.mft (raw, json)
Hash identifier:          42GClP6IkZgEt3sMSUCziyRX6+28iMFBXTGFMjvu+qk=
Subject key identifier:   EC:04:51:5B:EC:D5:60:51:D2:93:2D:AF:22:02:EE:EC:85:37:62:72
Authority key identifier: 26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9
Certificate issuer:       /CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
Certificate serial:       019D2703EC99678C9F40B44428C190A4FBB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
Manifest number:          1884
Signing time:             Wed 25 Mar 2026 22:01:01 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:01 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:01 +0000
Files and hashes:         1: JkXNQMgEm-mprn8DM2q9P-CCr7k.crl (hash: hQrcJ6UfCIu55E8Bemht9Z26pti3uVo/CSNY2m4+cNs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:ec:99:67:8c:9f:40:b4:44:28:c1:90:a4:fb:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2645cd40c8049be9a9ae7f03336abd3fe082afb9
        Validity
            Not Before: Mar 25 22:01:01 2026 GMT
            Not After : Mar 26 22:01:01 2026 GMT
        Subject: CN=ec04515becd56051d2932daf2202eeec85376272
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:cb:43:f3:69:b8:0e:65:9e:13:e1:a1:2f:36:
                    5b:d6:ba:a9:3b:e3:54:1f:79:3d:0c:09:58:82:8d:
                    54:56:c6:93:ea:7a:4a:9a:28:3c:e8:6b:9e:72:38:
                    80:4d:13:99:b9:42:48:9f:c5:64:1b:96:17:6c:b0:
                    1f:65:73:14:ac:6c:36:4a:76:ad:d0:da:b6:cb:8d:
                    4a:d6:96:78:24:81:ad:cd:22:b1:ff:98:dc:7e:f0:
                    8c:c9:e6:ec:8b:1e:99:3c:cb:98:dc:c3:71:e4:37:
                    e0:53:c3:31:23:c1:23:e5:4a:28:e3:29:a9:8e:c9:
                    0c:66:e3:12:5b:ee:00:4c:a8:d5:2f:3f:41:4e:92:
                    da:c9:90:5c:0e:51:24:1e:12:10:33:79:c9:d1:f2:
                    02:20:6c:6d:90:93:ec:f3:55:41:44:1d:4b:69:2e:
                    19:ce:e7:ee:af:da:2c:fa:54:fc:e0:ca:75:6c:fb:
                    31:e8:14:44:8f:3a:ec:aa:d1:e5:28:a5:05:08:f3:
                    bd:b0:4f:51:9f:6b:0d:e3:86:12:ed:1e:cf:fa:97:
                    35:1d:99:7a:01:f6:e6:8b:34:6a:1c:78:34:2a:b1:
                    d5:06:2f:3d:ae:77:07:23:cc:f3:99:2b:12:e8:06:
                    bc:e8:fb:e3:8a:7f:84:ac:db:4e:e4:7f:2c:72:a5:
                    46:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:04:51:5B:EC:D5:60:51:D2:93:2D:AF:22:02:EE:EC:85:37:62:72
            X509v3 Authority Key Identifier:
                keyid:26:45:CD:40:C8:04:9B:E9:A9:AE:7F:03:33:6A:BD:3F:E0:82:AF:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkXNQMgEm-mprn8DM2q9P-CCr7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d9732b-4df9-45c6-a91e-c1149a01815f/1/JkXNQMgEm-mprn8DM2q9P-CCr7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:1c:2e:d1:54:b4:c0:52:ac:41:89:76:b6:47:ae:a8:73:c9:
         54:24:6c:73:98:1f:bc:22:78:b9:ee:da:45:97:52:a0:05:f5:
         37:ae:dd:57:3a:17:4f:40:de:3c:dc:23:fc:44:c2:d6:7a:18:
         e3:4b:ca:e9:25:b0:84:d8:c9:85:82:4b:e9:a7:20:5a:9f:da:
         14:d6:89:e2:f4:b2:5e:1d:d6:ef:f9:52:fa:0b:35:e1:af:07:
         de:ee:89:17:c6:cc:9d:f9:ee:09:05:a3:0d:83:e3:c8:c6:7d:
         9e:c9:f3:42:45:64:bb:5e:51:2f:9a:37:2c:09:31:9a:6a:6f:
         be:77:ca:a8:90:3b:ea:5c:09:2d:59:8d:96:8b:2c:61:7f:d8:
         5f:9d:36:23:80:85:63:95:37:00:cf:ed:4c:de:75:96:6d:96:
         e7:b9:d3:f7:f5:fa:d5:74:06:e5:16:83:c4:57:71:63:64:fd:
         3d:22:9c:16:2c:6a:ee:66:35:ac:86:8a:61:13:84:f0:e9:f8:
         2c:87:bf:f1:1a:6b:a2:3f:7e:3f:29:8a:2d:2a:51:46:b1:e1:
         c3:b8:5f:33:8c:a5:e4:31:98:77:87:44:05:c5:4d:77:ed:b8:
         b4:ea:d5:5b:9d:c5:68:1e:3b:71:2d:66:ef:c3:96:c4:90:9d:
         c9:5b:ac:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA+yZZ4yfQLREKMGQpPu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDVjZDQwYzgwNDliZTlhOWFlN2YwMzMzNmFiZDNmZTA4
MmFmYjkwHhcNMjYwMzI1MjIwMTAxWhcNMjYwMzI2MjIwMTAxWjAzMTEwLwYDVQQD
EyhlYzA0NTE1YmVjZDU2MDUxZDI5MzJkYWYyMjAyZWVlYzg1Mzc2MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxctD82m4DmWeE+GhLzZb1rqpO+NU
H3k9DAlYgo1UVsaT6npKmig86GuecjiATROZuUJIn8VkG5YXbLAfZXMUrGw2Snat
0Nq2y41K1pZ4JIGtzSKx/5jcfvCMyebsix6ZPMuY3MNx5DfgU8MxI8Ej5Uoo4ymp
jskMZuMSW+4ATKjVLz9BTpLayZBcDlEkHhIQM3nJ0fICIGxtkJPs81VBRB1LaS4Z
zufur9os+lT84Mp1bPsx6BREjzrsqtHlKKUFCPO9sE9Rn2sN44YS7R7P+pc1HZl6
AfbmizRqHHg0KrHVBi89rncHI8zzmSsS6Aa86Pvjin+ErNtO5H8scqVGswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOwEUVvs1WBR0pMtryIC7uyFN2JyMB8GA1UdIwQY
MBaAFCZFzUDIBJvpqa5/AzNqvT/ggq+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUt
YzExNDlhMDE4MTVmLzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kOTczMmItNGRmOS00NWM2LWE5MWUtYzExNDlhMDE4MTVm
LzEvSmtYTlFNZ0VtLW1wcm44RE0ycTlQLUNDcjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEBwu0VS0
wFKsQYl2tkeuqHPJVCRsc5gfvCJ4ue7aRZdSoAX1N67dVzoXT0DePNwj/ETC1noY
40vK6SWwhNjJhYJL6acgWp/aFNaJ4vSyXh3W7/lS+gs14a8H3u6JF8bMnfnuCQWj
DYPjyMZ9nsnzQkVku15RL5o3LAkxmmpvvnfKqJA76lwJLVmNlossYX/YX502I4CF
Y5U3AM/tTN51lm2W57nT9/X61XQG5RaDxFdxY2T9PSKcFixq7mY1rIaKYROE8On4
LIe/8Rproj9+PymKLSpRRrHhw7hfM4yl5DGYd4dEBcVNd+24tOrVW53FaB47cS1m
78OWxJCdyVuslg==
-----END CERTIFICATE-----