Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
File:                     JCsEwxmbHrlpPUMg9702HtYXBTA.mft (raw, json)
Hash identifier:          O+seI68EuHDKf+gv58iyOUzqrNJkWs3a07eC0FmeOuc=
Subject key identifier:   01:7A:E9:EB:A5:C9:DF:A6:C1:FE:63:4C:36:0C:D0:FC:EB:27:8B:BF
Authority key identifier: 24:2B:04:C3:19:9B:1E:B9:69:3D:43:20:F7:BD:36:1E:D6:17:05:30
Certificate issuer:       /CN=242b04c3199b1eb9693d4320f7bd361ed6170530
Certificate serial:       019D2704C9D6B97A7B5F9C2E3E077B982B34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:01:58 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:58 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:58 +0000
Files and hashes:         1: JCsEwxmbHrlpPUMg9702HtYXBTA.crl (hash: fDAsC9m4o4PsMofflkcEFcT+9o6/DOkLn1Q7goblBwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:c9:d6:b9:7a:7b:5f:9c:2e:3e:07:7b:98:2b:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=242b04c3199b1eb9693d4320f7bd361ed6170530
        Validity
            Not Before: Mar 25 22:01:58 2026 GMT
            Not After : Mar 26 22:01:58 2026 GMT
        Subject: CN=017ae9eba5c9dfa6c1fe634c360cd0fceb278bbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:7a:43:88:f0:7a:59:82:8a:77:83:b8:ed:39:
                    f8:a1:ce:aa:8b:ad:86:5e:09:99:97:e7:7d:21:49:
                    42:82:4a:f1:30:77:ca:c7:ba:58:85:cb:cf:4f:9a:
                    fd:3d:54:e7:e3:99:01:b7:eb:8c:26:6f:4f:7a:06:
                    36:eb:73:be:41:81:8f:af:10:c5:f2:57:06:71:72:
                    97:28:40:01:2c:30:d5:53:f4:80:8b:91:ca:b5:f5:
                    ea:83:c7:0a:28:10:bc:da:3c:7b:47:9d:50:f4:8f:
                    a5:63:13:86:ec:bc:69:94:04:62:cd:75:15:32:0b:
                    1b:41:36:18:6e:8d:98:de:6a:74:f7:90:a5:8e:83:
                    22:9b:38:7b:7a:5e:8c:a1:d2:8f:63:95:10:a3:bb:
                    f7:ec:1d:ed:a7:64:84:cb:11:85:e5:e5:31:70:de:
                    57:83:20:94:83:fc:62:95:03:5a:f0:87:90:26:c3:
                    35:e5:fd:8f:4c:3b:3a:96:a7:0c:56:a8:21:a7:97:
                    46:ab:76:97:a2:f7:0c:6c:34:6a:58:ed:e4:f0:b4:
                    aa:8a:a3:b0:99:a6:51:9b:4a:01:12:28:c8:91:a7:
                    99:08:ab:45:7b:66:57:b9:a3:e8:bd:b8:79:b9:55:
                    d6:f7:da:3f:c0:ff:5a:a7:de:66:5f:77:34:14:37:
                    54:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:7A:E9:EB:A5:C9:DF:A6:C1:FE:63:4C:36:0C:D0:FC:EB:27:8B:BF
            X509v3 Authority Key Identifier:
                keyid:24:2B:04:C3:19:9B:1E:B9:69:3D:43:20:F7:BD:36:1E:D6:17:05:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JCsEwxmbHrlpPUMg9702HtYXBTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/0c02c0-569c-45ea-b05b-66b67e21a82b/1/JCsEwxmbHrlpPUMg9702HtYXBTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:a1:5d:a5:c6:8a:a8:e1:26:fc:b1:27:3e:e3:d3:64:2f:e6:
         ef:09:e8:d5:99:ae:9e:b2:4d:8f:35:ca:5a:ba:d3:02:ef:a5:
         2f:58:3d:54:28:1a:b7:ba:e7:29:bb:47:c9:4e:cd:bf:54:a9:
         2d:f2:6a:f3:2c:32:20:00:db:97:fe:31:a8:a8:8f:62:5e:07:
         66:c7:37:de:42:a7:dd:21:e4:b1:a3:f2:e3:8a:50:2c:de:80:
         ea:ec:2a:5f:36:51:13:b9:3a:0b:38:18:08:73:d3:7c:dd:ea:
         53:aa:48:3a:c7:63:d0:12:3a:c6:70:db:32:60:05:30:04:bd:
         9d:78:36:a0:0c:52:47:8f:d7:36:46:6d:38:a4:2b:63:11:ed:
         78:7b:e2:72:da:a7:7e:40:76:1a:b7:3e:96:dd:4e:29:3e:ca:
         1a:dd:3b:81:da:09:32:30:33:61:6c:83:c7:a9:6c:c1:b1:13:
         63:47:93:2f:76:74:2f:db:ab:0a:44:cf:e5:df:50:3c:d1:6d:
         fb:5f:95:3d:37:80:03:a7:1c:dd:f2:19:47:24:13:3f:e4:95:
         ae:d1:51:ae:35:71:f1:b0:94:92:e9:c3:d4:83:be:cb:4c:e9:
         1d:71:40:a3:af:0b:8e:4f:d8:7c:96:76:9c:e7:69:b4:e6:14:
         d1:64:66:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBMnWuXp7X5wuPgd7mCs0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MmIwNGMzMTk5YjFlYjk2OTNkNDMyMGY3YmQzNjFlZDYx
NzA1MzAwHhcNMjYwMzI1MjIwMTU4WhcNMjYwMzI2MjIwMTU4WjAzMTEwLwYDVQQD
EygwMTdhZTllYmE1YzlkZmE2YzFmZTYzNGMzNjBjZDBmY2ViMjc4YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9npDiPB6WYKKd4O47Tn4oc6qi62G
XgmZl+d9IUlCgkrxMHfKx7pYhcvPT5r9PVTn45kBt+uMJm9PegY263O+QYGPrxDF
8lcGcXKXKEABLDDVU/SAi5HKtfXqg8cKKBC82jx7R51Q9I+lYxOG7LxplARizXUV
MgsbQTYYbo2Y3mp095CljoMimzh7el6ModKPY5UQo7v37B3tp2SEyxGF5eUxcN5X
gyCUg/xilQNa8IeQJsM15f2PTDs6lqcMVqghp5dGq3aXovcMbDRqWO3k8LSqiqOw
maZRm0oBEijIkaeZCKtFe2ZXuaPovbh5uVXW99o/wP9ap95mX3c0FDdU/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAF66eulyd+mwf5jTDYM0PzrJ4u/MB8GA1UdIwQY
MBaAFCQrBMMZmx65aT1DIPe9Nh7WFwUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8wYzAyYzAtNTY5Yy00NWVhLWIwNWIt
NjZiNjdlMjFhODJiLzEvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8wYzAyYzAtNTY5Yy00NWVhLWIwNWItNjZiNjdlMjFhODJi
LzEvSkNzRXd4bWJIcmxwUFVNZzk3MDJIdFlYQlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ6FdpcaK
qOEm/LEnPuPTZC/m7wno1ZmunrJNjzXKWrrTAu+lL1g9VCgat7rnKbtHyU7Nv1Sp
LfJq8ywyIADbl/4xqKiPYl4HZsc33kKn3SHksaPy44pQLN6A6uwqXzZRE7k6CzgY
CHPTfN3qU6pIOsdj0BI6xnDbMmAFMAS9nXg2oAxSR4/XNkZtOKQrYxHteHvictqn
fkB2Grc+lt1OKT7KGt07gdoJMjAzYWyDx6lswbETY0eTL3Z0L9urCkTP5d9QPNFt
+1+VPTeAA6cc3fIZRyQTP+SVrtFRrjVx8bCUkunD1IO+y0zpHXFAo68Ljk/YfJZ2
nOdptOYU0WRmkw==
-----END CERTIFICATE-----