Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft
File:                     JkQpgYmVnJWm1KdLdU9JlqWltlw.mft (raw, json)
Hash identifier:          tV55TkYgTdjxdyvsBpoRwkSc8pqfyHiw3bCMxI/5wuM=
Subject key identifier:   EB:A9:3B:D3:50:1B:25:CF:6B:19:CF:BE:92:24:5C:A6:6B:80:A3:6B
Authority key identifier: 26:44:29:81:89:95:9C:95:A6:D4:A7:4B:75:4F:49:96:A5:A5:B6:5C
Certificate issuer:       /CN=2644298189959c95a6d4a74b754f4996a5a5b65c
Certificate serial:       019D329A2CCA381DFFBBE555522A8EEB8EAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JkQpgYmVnJWm1KdLdU9JlqWltlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft
Manifest number:          1888
Signing time:             Sat 28 Mar 2026 04:00:57 +0000
Manifest this update:     Sat 28 Mar 2026 04:00:57 +0000
Manifest next update:     Sun 29 Mar 2026 04:00:57 +0000
Files and hashes:         1: JkQpgYmVnJWm1KdLdU9JlqWltlw.crl (hash: kINI+Y5/8oo/GmO4Dtbj5eZ82NRJsumv+KLro2TQAXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JkQpgYmVnJWm1KdLdU9JlqWltlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:2c:ca:38:1d:ff:bb:e5:55:52:2a:8e:eb:8e:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2644298189959c95a6d4a74b754f4996a5a5b65c
        Validity
            Not Before: Mar 28 04:00:57 2026 GMT
            Not After : Mar 29 04:00:57 2026 GMT
        Subject: CN=eba93bd3501b25cf6b19cfbe92245ca66b80a36b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:c7:0c:bc:4b:2e:d0:db:ba:69:b5:d1:88:fd:
                    e7:7c:6e:95:6e:ae:0b:a4:d6:3f:02:a2:54:2a:44:
                    40:b4:ae:f6:ba:4c:e4:73:77:25:16:8d:24:6a:77:
                    f6:cd:36:33:2e:a3:b4:f3:c5:ff:43:18:1b:f7:03:
                    76:1b:eb:66:f9:4e:e3:d5:6c:c7:27:88:0c:ce:cd:
                    d7:a3:2c:13:bd:af:b3:66:10:5d:04:97:7b:93:ea:
                    bf:1d:b8:4f:6a:ea:34:79:d5:d5:71:1a:3e:96:18:
                    af:eb:b5:52:08:48:65:bf:d6:eb:85:d5:ba:4a:15:
                    07:2f:13:0f:56:1d:a3:f5:e8:2b:a7:fe:39:13:4b:
                    52:4a:e4:7c:b0:7a:29:6d:b8:30:b3:40:83:3d:6f:
                    f0:cf:4d:ac:c9:3b:83:31:92:03:c2:7d:8e:d2:9f:
                    9e:12:5e:42:d6:8f:24:0d:7b:5c:60:b1:7b:57:57:
                    f6:7f:68:bc:5e:e7:16:5a:c5:91:87:37:56:b4:b7:
                    8c:39:ad:a5:f8:e6:b7:9e:f0:08:a7:4a:2c:9f:49:
                    1e:93:22:64:3f:4f:18:15:f7:92:7b:60:b3:46:59:
                    af:70:54:30:47:69:4b:23:9c:f6:46:da:57:9d:a7:
                    a8:ff:fd:a3:c0:24:9e:61:c9:43:46:4d:49:cb:0b:
                    ed:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:A9:3B:D3:50:1B:25:CF:6B:19:CF:BE:92:24:5C:A6:6B:80:A3:6B
            X509v3 Authority Key Identifier:
                keyid:26:44:29:81:89:95:9C:95:A6:D4:A7:4B:75:4F:49:96:A5:A5:B6:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkQpgYmVnJWm1KdLdU9JlqWltlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:fc:d7:46:69:ff:1d:7f:2e:cc:5a:9f:e0:35:9f:08:1d:a6:
         5f:8c:55:53:eb:82:87:78:2e:08:1e:37:23:aa:c5:2d:cd:a0:
         d1:02:57:d5:18:79:08:4b:24:90:da:9b:c8:2a:f8:25:1e:48:
         09:3c:7b:9e:1b:e9:41:3b:d4:b5:46:03:e3:57:f9:5e:59:bf:
         60:4e:9d:68:e7:e0:be:c5:64:f4:9e:db:b3:1e:9d:4b:00:fb:
         d3:f6:da:79:90:ca:39:8e:4a:36:c5:60:e2:f1:e4:8a:2f:b5:
         c1:94:71:aa:72:15:9c:30:2b:69:65:c6:07:e2:b9:07:d2:8e:
         57:2c:97:8e:89:98:f0:de:83:b1:5a:84:54:23:7a:a6:69:af:
         00:cc:3d:cf:43:3e:d8:69:6a:59:90:b7:26:13:e7:ee:7f:09:
         2b:62:fc:da:5b:4d:02:d6:dd:71:19:d6:e7:29:36:e1:67:32:
         c8:5d:80:e1:a4:a2:54:da:49:38:53:36:ba:3e:59:24:5d:be:
         3c:42:08:43:98:10:39:6e:c7:f6:5f:53:13:a4:b1:bd:5c:67:
         de:fb:84:f2:86:27:41:f0:fd:53:27:08:77:b1:6a:f9:0a:c6:
         d9:7c:50:9d:7a:7d:ee:e4:c7:81:b7:5e:38:6c:d3:d4:70:f7:
         5f:93:57:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymizKOB3/u+VVUiqO646tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDQyOTgxODk5NTljOTVhNmQ0YTc0Yjc1NGY0OTk2YTVh
NWI2NWMwHhcNMjYwMzI4MDQwMDU3WhcNMjYwMzI5MDQwMDU3WjAzMTEwLwYDVQQD
EyhlYmE5M2JkMzUwMWIyNWNmNmIxOWNmYmU5MjI0NWNhNjZiODBhMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8cMvEsu0Nu6abXRiP3nfG6Vbq4L
pNY/AqJUKkRAtK72ukzkc3clFo0kanf2zTYzLqO088X/Qxgb9wN2G+tm+U7j1WzH
J4gMzs3XoywTva+zZhBdBJd7k+q/HbhPauo0edXVcRo+lhiv67VSCEhlv9brhdW6
ShUHLxMPVh2j9egrp/45E0tSSuR8sHopbbgws0CDPW/wz02syTuDMZIDwn2O0p+e
El5C1o8kDXtcYLF7V1f2f2i8XucWWsWRhzdWtLeMOa2l+Oa3nvAIp0osn0kekyJk
P08YFfeSe2CzRlmvcFQwR2lLI5z2RtpXnaeo//2jwCSeYclDRk1JywvtpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOupO9NQGyXPaxnPvpIkXKZrgKNrMB8GA1UdIwQY
MBaAFCZEKYGJlZyVptSnS3VPSZalpbZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtRcGdZbVZuSldtMUtkTGRVOUpscVdsdGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZDE0ZDAtYmU4Yi00MTcwLTlmZDgt
MDdjZDRhMDYxYzgwLzEvSmtRcGdZbVZuSldtMUtkTGRVOUpscVdsdGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZDE0ZDAtYmU4Yi00MTcwLTlmZDgtMDdjZDRhMDYxYzgw
LzEvSmtRcGdZbVZuSldtMUtkTGRVOUpscVdsdGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPfzXRmn/
HX8uzFqf4DWfCB2mX4xVU+uCh3guCB43I6rFLc2g0QJX1Rh5CEskkNqbyCr4JR5I
CTx7nhvpQTvUtUYD41f5Xlm/YE6daOfgvsVk9J7bsx6dSwD70/baeZDKOY5KNsVg
4vHkii+1wZRxqnIVnDAraWXGB+K5B9KOVyyXjomY8N6DsVqEVCN6pmmvAMw9z0M+
2GlqWZC3JhPn7n8JK2L82ltNAtbdcRnW5yk24WcyyF2A4aSiVNpJOFM2uj5ZJF2+
PEIIQ5gQOW7H9l9TE6SxvVxn3vuE8oYnQfD9UycId7Fq+QrG2XxQnXp97uTHgbde
OGzT1HD3X5NXpA==
-----END CERTIFICATE-----