Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          FdA3n/poN1iRmKEQsxTQqUVxYHmF1AqKpR7/Y84vugw=
Subject key identifier:   7B:89:AB:A0:B8:75:74:C7:72:74:F6:6D:A3:92:F4:C1:4D:34:DD:D6
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       0198D5BB935B72AD7B68E46E8B350701BD48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0CDD
Signing time:             Sat 23 Aug 2025 07:01:36 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:36 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:36 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: c9J/OHaInAgbPv2Mg4OwGaunU4yYb2QQ1cHTkxI+JDQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:93:5b:72:ad:7b:68:e4:6e:8b:35:07:01:bd:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Aug 23 07:01:36 2025 GMT
            Not After : Aug 24 07:01:36 2025 GMT
        Subject: CN=7b89aba0b87574c77274f66da392f4c14d34ddd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:15:0f:5c:98:bb:8f:a6:42:f9:6b:3b:bc:24:
                    94:6c:de:a8:98:a3:b6:a6:75:c8:5e:c0:6a:a0:a2:
                    e7:f1:30:50:64:b9:a7:f5:28:3d:ff:d0:3c:86:d5:
                    b9:02:4a:4b:88:7f:e2:3f:35:1b:bd:32:fc:a9:d5:
                    b7:ab:63:f7:65:42:8d:4b:c6:21:5c:a6:48:87:24:
                    66:8a:c3:e1:92:73:e1:d5:40:e6:8b:31:83:b6:58:
                    73:69:65:6f:91:8f:4d:0b:1f:03:f7:13:68:4c:ad:
                    f9:45:4a:c9:cd:42:b8:dc:40:84:3a:e7:31:23:db:
                    82:3a:14:fb:d7:8f:66:eb:c9:86:69:a3:d8:34:3b:
                    8d:77:a6:e2:d9:ed:04:79:64:7f:68:28:ae:f2:fd:
                    ab:d2:4a:65:9a:5e:51:79:4c:de:82:2d:c3:d7:fb:
                    c8:e5:b2:0e:89:97:2b:d5:d5:5f:40:bf:b2:de:52:
                    2c:2b:88:3d:4d:d1:d5:9b:46:3e:11:73:79:17:b0:
                    f0:1b:e2:79:48:16:d1:84:08:32:e1:17:76:69:9f:
                    98:72:80:5a:2d:a1:e2:37:86:ed:5f:ba:8b:25:e8:
                    df:3f:4e:96:8a:a6:5a:40:fd:bf:c6:0c:aa:df:e2:
                    f5:d6:56:af:72:3d:28:88:b7:9a:d2:4f:5a:6f:34:
                    d1:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:89:AB:A0:B8:75:74:C7:72:74:F6:6D:A3:92:F4:C1:4D:34:DD:D6
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:05:d5:38:f2:1a:dc:cc:58:4c:c7:0e:5c:19:a1:69:0d:56:
         b1:f4:a6:06:a6:6c:71:e4:78:73:95:a5:ea:88:1a:5b:b5:9b:
         ee:76:bd:ab:9b:b2:63:da:20:e9:6f:72:be:9f:ea:2d:40:7b:
         7c:d0:b6:ae:94:84:75:ee:d1:10:6e:52:b7:3d:25:ae:19:0d:
         2c:c5:4e:b4:c6:36:4f:29:25:85:65:13:08:b1:8e:d8:6d:07:
         09:b4:f2:9f:19:99:c5:dc:08:37:92:07:e9:32:6c:ad:0b:1e:
         f3:e8:59:59:4e:ab:b1:3e:c7:99:76:e0:8e:db:d8:da:df:0a:
         c3:ff:bf:bf:69:43:d9:0f:6a:4a:ba:4c:ed:3a:6e:9a:52:d3:
         01:49:47:f5:96:1a:2a:a2:53:2c:b9:70:2b:26:34:1f:89:41:
         5c:36:2a:7f:2c:ce:af:ee:d9:62:5f:b5:03:64:6c:3a:64:0d:
         2f:69:72:87:26:9c:8f:9f:39:f1:18:28:2e:66:bd:5b:8b:b0:
         70:eb:e3:9b:8b:cb:07:6d:58:c1:bb:6a:40:88:2e:50:95:07:
         f6:1b:52:82:3b:aa:0a:a2:0b:c7:c1:72:73:a6:8d:3f:ca:11:
         82:fd:c6:da:1b:de:e1:ec:a6:e7:cf:f2:c5:a0:e1:2d:4c:bf:
         38:4d:dd:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu5Nbcq17aORuizUHAb1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwODIzMDcwMTM2WhcNMjUwODI0MDcwMTM2WjAzMTEwLwYDVQQD
Eyg3Yjg5YWJhMGI4NzU3NGM3NzI3NGY2NmRhMzkyZjRjMTRkMzRkZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBUPXJi7j6ZC+Ws7vCSUbN6omKO2
pnXIXsBqoKLn8TBQZLmn9Sg9/9A8htW5AkpLiH/iPzUbvTL8qdW3q2P3ZUKNS8Yh
XKZIhyRmisPhknPh1UDmizGDtlhzaWVvkY9NCx8D9xNoTK35RUrJzUK43ECEOucx
I9uCOhT7149m68mGaaPYNDuNd6bi2e0EeWR/aCiu8v2r0kplml5ReUzegi3D1/vI
5bIOiZcr1dVfQL+y3lIsK4g9TdHVm0Y+EXN5F7DwG+J5SBbRhAgy4Rd2aZ+YcoBa
LaHiN4btX7qLJejfP06WiqZaQP2/xgyq3+L11lavcj0oiLea0k9abzTRzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHuJq6C4dXTHcnT2baOS9MFNNN3WMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGwXVOPIa
3MxYTMcOXBmhaQ1WsfSmBqZsceR4c5Wl6ogaW7Wb7na9q5uyY9og6W9yvp/qLUB7
fNC2rpSEde7REG5Stz0lrhkNLMVOtMY2TyklhWUTCLGO2G0HCbTynxmZxdwIN5IH
6TJsrQse8+hZWU6rsT7HmXbgjtvY2t8Kw/+/v2lD2Q9qSrpM7TpumlLTAUlH9ZYa
KqJTLLlwKyY0H4lBXDYqfyzOr+7ZYl+1A2RsOmQNL2lyhyacj5858RgoLma9W4uw
cOvjm4vLB21YwbtqQIguUJUH9htSgjuqCqILx8Fyc6aNP8oRgv3G2hve4eym58/y
xaDhLUy/OE3dLQ==
-----END CERTIFICATE-----