Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          0obEGAhFNIyOdg5iTUs3vO/8kEc52Lm/7hq2kPNklgs=
Subject key identifier:   B0:75:38:76:C3:C4:FA:71:CB:64:94:99:4D:DA:E8:5C:B9:69:0D:D8
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       019D2A3B9AB18319978A0E81ACFFEF49A935
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0F1B
Signing time:             Thu 26 Mar 2026 13:00:42 +0000
Manifest this update:     Thu 26 Mar 2026 13:00:42 +0000
Manifest next update:     Fri 27 Mar 2026 13:00:42 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: 8oSy0Os18u907BvBPpv49hD3AvaY7BKwNbo9YMIgMtY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3b:9a:b1:83:19:97:8a:0e:81:ac:ff:ef:49:a9:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Mar 26 13:00:42 2026 GMT
            Not After : Mar 27 13:00:42 2026 GMT
        Subject: CN=b0753876c3c4fa71cb6494994ddae85cb9690dd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:26:e3:38:e5:57:73:9c:01:26:b1:43:e5:7e:
                    d3:e3:ba:e8:d3:91:28:ce:2d:35:16:25:57:a5:ce:
                    70:0e:1e:c6:3b:f8:1a:7e:62:45:57:5b:0e:9e:38:
                    65:6c:42:3c:21:e4:c4:1f:61:f4:c3:5c:1c:57:f0:
                    c1:d9:54:92:14:31:38:d5:7a:6e:14:56:84:73:eb:
                    84:b4:e3:8b:83:48:18:7b:cf:65:0c:ea:78:26:2d:
                    97:17:04:2d:bb:8d:39:24:a7:fc:84:44:79:8b:39:
                    d0:2a:cf:83:e2:b0:29:61:bb:11:7e:09:a8:fe:81:
                    2a:49:96:94:2b:c0:fe:24:11:84:bb:81:8e:4e:b9:
                    37:49:50:e7:4b:6a:12:0b:96:59:ea:88:b3:78:27:
                    c2:a8:91:3b:90:20:e0:f2:95:a5:0f:6a:7e:9b:15:
                    ba:83:69:ce:ad:5e:93:c2:8f:f3:0d:7b:e8:96:00:
                    68:b4:df:c1:33:9e:89:23:ec:b0:3b:66:47:53:69:
                    dd:e7:66:6c:0a:f3:93:a7:d3:11:be:63:2a:f8:4d:
                    77:81:9f:ce:97:8c:85:aa:87:c1:4a:4b:46:87:62:
                    cf:2f:e1:99:66:e8:04:25:ad:06:8e:6f:ff:60:c1:
                    2d:7e:c8:84:2c:95:4a:48:f9:c1:56:30:29:a8:18:
                    9e:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:75:38:76:C3:C4:FA:71:CB:64:94:99:4D:DA:E8:5C:B9:69:0D:D8
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:e8:fc:0d:26:d4:07:8a:05:66:2d:d8:47:8a:38:a7:73:dc:
         d0:96:29:6c:c7:9a:eb:53:d0:7b:fe:09:ad:33:d2:55:0d:4c:
         84:ec:1f:bf:f3:8f:d9:1e:54:34:d5:5b:cc:4e:49:ae:77:fe:
         14:22:e3:e5:98:4a:7c:03:ac:7d:e3:99:51:80:70:d9:62:af:
         4f:57:8a:5b:e3:c5:ee:4e:c7:de:83:f4:ce:99:23:10:d9:0b:
         91:75:46:7f:b5:6c:19:31:7c:42:50:4f:e4:c3:2a:ef:70:fc:
         e5:11:ac:95:a0:c5:60:fa:dd:7e:88:97:7e:b7:02:b2:84:9a:
         c2:8b:fd:e2:12:8c:b0:6d:97:c7:5d:37:5d:8d:7f:3c:aa:17:
         b9:fe:b3:d2:9b:64:85:00:81:4b:5d:f8:64:e2:55:a5:71:11:
         82:98:80:ae:80:8f:55:df:27:25:07:e0:28:8c:a9:7f:1c:99:
         6a:f1:f5:f6:09:f2:00:1f:94:27:c3:8e:05:20:50:fb:37:9b:
         80:d5:9e:9f:9b:cd:d0:a0:6b:4e:da:ec:90:97:a1:c6:9b:39:
         41:0a:0f:93:10:a8:6c:df:5f:c8:7e:b0:a3:6d:03:cc:f3:5d:
         e3:d4:8b:ac:34:8c:91:7b:53:05:38:b0:05:77:ea:5a:8d:66:
         90:3c:1e:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qO5qxgxmXig6BrP/vSak1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjYwMzI2MTMwMDQyWhcNMjYwMzI3MTMwMDQyWjAzMTEwLwYDVQQD
EyhiMDc1Mzg3NmMzYzRmYTcxY2I2NDk0OTk0ZGRhZTg1Y2I5NjkwZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCbjOOVXc5wBJrFD5X7T47ro05Eo
zi01FiVXpc5wDh7GO/gafmJFV1sOnjhlbEI8IeTEH2H0w1wcV/DB2VSSFDE41Xpu
FFaEc+uEtOOLg0gYe89lDOp4Ji2XFwQtu405JKf8hER5iznQKs+D4rApYbsRfgmo
/oEqSZaUK8D+JBGEu4GOTrk3SVDnS2oSC5ZZ6oizeCfCqJE7kCDg8pWlD2p+mxW6
g2nOrV6Two/zDXvolgBotN/BM56JI+ywO2ZHU2nd52ZsCvOTp9MRvmMq+E13gZ/O
l4yFqofBSktGh2LPL+GZZugEJa0Gjm//YMEtfsiELJVKSPnBVjApqBieuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLB1OHbDxPpxy2SUmU3a6Fy5aQ3YMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW+j8DSbU
B4oFZi3YR4o4p3Pc0JYpbMea61PQe/4JrTPSVQ1MhOwfv/OP2R5UNNVbzE5Jrnf+
FCLj5ZhKfAOsfeOZUYBw2WKvT1eKW+PF7k7H3oP0zpkjENkLkXVGf7VsGTF8QlBP
5MMq73D85RGslaDFYPrdfoiXfrcCsoSawov94hKMsG2Xx103XY1/PKoXuf6z0ptk
hQCBS134ZOJVpXERgpiAroCPVd8nJQfgKIypfxyZavH19gnyAB+UJ8OOBSBQ+zeb
gNWen5vN0KBrTtrskJehxps5QQoPkxCobN9fyH6wo20DzPNd49SLrDSMkXtTBTiw
BXfqWo1mkDwe2w==
-----END CERTIFICATE-----