Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          zARA2kwxbWI3TpJHkcrFtejp/309lVHj8GWJLqD4/tw=
Subject key identifier:   DB:B4:97:09:F7:FE:08:3D:AE:62:21:4C:12:09:78:CE:62:A4:E5:61
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       0199FD3469855DF7B819A94EA6DB6683130C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0D76
Signing time:             Sun 19 Oct 2025 16:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:34 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: A/TnSEDYAB8t5Lv4KSeCfQu3AiSYEPZ7+Fr+W0sJ5U4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:69:85:5d:f7:b8:19:a9:4e:a6:db:66:83:13:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Oct 19 16:01:34 2025 GMT
            Not After : Oct 20 16:01:34 2025 GMT
        Subject: CN=dbb49709f7fe083dae62214c120978ce62a4e561
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:79:72:c9:98:9d:62:3f:7e:13:00:6f:99:c9:
                    78:c3:a8:aa:d0:55:25:30:87:35:ef:48:38:20:bb:
                    a4:ad:87:49:eb:d1:7c:d4:39:75:e7:04:b5:7c:f7:
                    3b:b6:c4:bc:21:01:e7:90:33:60:7f:9c:09:d7:80:
                    dd:ed:1b:c9:58:93:9c:8e:d8:67:3b:17:0b:ab:02:
                    1b:d4:5f:0e:af:3c:e1:bb:3d:96:53:b7:a1:2c:17:
                    0a:ed:99:a9:0f:a8:8c:d6:5b:81:0f:6c:6b:31:a6:
                    1f:d3:74:25:83:a1:06:de:13:f0:60:eb:da:0a:bc:
                    4c:5d:76:ce:98:92:c1:20:d9:75:c1:42:8e:38:bb:
                    b9:11:f3:eb:f3:cd:aa:18:ec:40:d6:c5:02:c0:76:
                    71:09:92:77:ed:c5:82:3c:b2:ae:16:cd:73:de:e3:
                    68:ba:de:d3:68:0c:84:dc:06:87:c4:fd:a2:a4:ae:
                    d7:8f:6e:db:5f:ac:3b:33:5d:f2:3d:11:a0:72:12:
                    98:79:81:22:c9:8a:4e:45:3c:21:60:70:63:2f:3d:
                    b8:83:81:9e:fd:aa:dc:92:c0:50:e3:95:85:3f:4b:
                    9a:4d:af:e6:fe:50:b5:d6:fb:88:cd:f5:6e:40:cf:
                    5a:bf:c8:e6:46:70:bd:31:5d:06:1c:89:f9:67:e4:
                    9f:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:B4:97:09:F7:FE:08:3D:AE:62:21:4C:12:09:78:CE:62:A4:E5:61
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:91:52:3e:71:8c:7f:a9:d2:a4:2f:5f:b6:0d:74:0e:e0:26:
         56:09:85:5b:ba:35:ba:fa:2e:92:8c:e6:6d:9f:dd:37:a6:14:
         ac:58:e2:2a:f5:41:c1:d2:71:6c:46:a3:bd:0b:03:80:29:4e:
         ae:1d:b8:af:18:b0:a6:f0:b8:65:78:5b:b4:ec:97:3c:63:da:
         5b:35:7a:9d:f8:c3:ce:01:41:02:0a:10:5e:81:e8:c9:57:d4:
         52:18:43:e7:14:34:a8:9a:20:d0:5e:2b:c6:9b:c7:9f:f2:f0:
         d8:df:a0:4a:7d:a4:d1:a1:6b:b5:66:e6:87:4c:c2:47:f0:f4:
         c7:29:42:9d:5a:c9:3b:82:26:50:4f:be:48:33:04:d5:21:fe:
         e3:3e:2a:b5:9b:da:b3:51:67:16:16:93:c1:5d:ab:a5:4a:e6:
         13:e4:4b:fe:06:1a:ec:fb:6d:04:df:bb:0f:82:35:89:82:10:
         d3:ed:90:9f:6d:94:1e:51:e1:54:40:32:4e:b8:7f:1a:a8:f2:
         97:a8:e0:84:99:92:be:48:5c:2c:7d:62:16:87:c5:c3:9e:17:
         5e:d2:3e:e6:e3:24:f7:87:73:48:bd:02:32:0e:16:03:6a:72:
         fc:ac:40:9a:c6:7c:43:7f:18:f6:e0:da:75:61:07:10:9f:cd:
         3d:08:9f:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NGmFXfe4GalOpttmgxMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUxMDE5MTYwMTM0WhcNMjUxMDIwMTYwMTM0WjAzMTEwLwYDVQQD
EyhkYmI0OTcwOWY3ZmUwODNkYWU2MjIxNGMxMjA5NzhjZTYyYTRlNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXlyyZidYj9+EwBvmcl4w6iq0FUl
MIc170g4ILukrYdJ69F81Dl15wS1fPc7tsS8IQHnkDNgf5wJ14Dd7RvJWJOcjthn
OxcLqwIb1F8Orzzhuz2WU7ehLBcK7ZmpD6iM1luBD2xrMaYf03Qlg6EG3hPwYOva
CrxMXXbOmJLBINl1wUKOOLu5EfPr882qGOxA1sUCwHZxCZJ37cWCPLKuFs1z3uNo
ut7TaAyE3AaHxP2ipK7Xj27bX6w7M13yPRGgchKYeYEiyYpORTwhYHBjLz24g4Ge
/arcksBQ45WFP0uaTa/m/lC11vuIzfVuQM9av8jmRnC9MV0GHIn5Z+SfMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNu0lwn3/gg9rmIhTBIJeM5ipOVhMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPpFSPnGM
f6nSpC9ftg10DuAmVgmFW7o1uvoukozmbZ/dN6YUrFjiKvVBwdJxbEajvQsDgClO
rh24rxiwpvC4ZXhbtOyXPGPaWzV6nfjDzgFBAgoQXoHoyVfUUhhD5xQ0qJog0F4r
xpvHn/Lw2N+gSn2k0aFrtWbmh0zCR/D0xylCnVrJO4ImUE++SDME1SH+4z4qtZva
s1FnFhaTwV2rpUrmE+RL/gYa7PttBN+7D4I1iYIQ0+2Qn22UHlHhVEAyTrh/Gqjy
l6jghJmSvkhcLH1iFofFw54XXtI+5uMk94dzSL0CMg4WA2py/KxAmsZ8Q38Y9uDa
dWEHEJ/NPQifnQ==
-----END CERTIFICATE-----