Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
File:                     JAy7mUeWHigo2EdLysoem5FVZWA.mft (raw, json)
Hash identifier:          n3mqbQdarW7KlLTNsncofyyq3jalVvT4aDaSUKn1pTk=
Subject key identifier:   A7:9E:8C:63:D2:BF:45:0F:79:D7:34:1C:D7:0D:75:92:83:1C:F9:EC
Authority key identifier: 24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60
Certificate issuer:       /CN=240cbb9947961e2828d8474bcaca1e9b91556560
Certificate serial:       019D2816864478D692C56DDB4F3D3B90652A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
Manifest number:          15C2
Signing time:             Thu 26 Mar 2026 03:00:57 +0000
Manifest this update:     Thu 26 Mar 2026 03:00:57 +0000
Manifest next update:     Fri 27 Mar 2026 03:00:57 +0000
Files and hashes:         1: JAy7mUeWHigo2EdLysoem5FVZWA.crl (hash: NaUDrTqDjiRuCT1hfwOk3jLdAqEgxP7iDYPWVYGveZo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:86:44:78:d6:92:c5:6d:db:4f:3d:3b:90:65:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=240cbb9947961e2828d8474bcaca1e9b91556560
        Validity
            Not Before: Mar 26 03:00:57 2026 GMT
            Not After : Mar 27 03:00:57 2026 GMT
        Subject: CN=a79e8c63d2bf450f79d7341cd70d7592831cf9ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:4f:e3:4c:f4:d6:bc:31:a0:61:eb:83:c0:fb:
                    ad:27:7f:bd:69:c6:e3:7f:01:28:6c:20:27:00:c4:
                    4c:7e:7a:66:1f:d5:c8:4c:7a:91:08:da:0e:fe:76:
                    f8:ec:ab:1d:2a:c9:fb:d4:13:98:66:c8:67:5f:8d:
                    8f:81:74:07:4f:c1:64:a8:a9:1f:a3:dd:4b:21:ac:
                    17:be:91:c6:35:2e:40:35:1f:d2:40:35:d0:0a:cb:
                    24:21:1c:66:56:10:05:17:61:d0:64:c3:15:22:5e:
                    18:4c:ac:82:79:05:97:14:8e:39:ef:88:e5:3d:07:
                    13:c2:cd:d8:98:3c:47:6d:d9:25:fe:bb:89:fb:f8:
                    b5:2d:d7:61:db:ba:65:d5:a2:3f:1f:2b:01:40:0e:
                    45:30:87:87:d5:df:0e:2b:b0:50:d0:24:3a:a1:27:
                    ea:b1:82:f9:b0:e5:87:30:c7:7b:e7:f4:d6:8e:85:
                    97:d8:53:0f:02:b6:a0:4d:b5:ec:8f:42:e3:d2:18:
                    83:d3:f7:5e:a7:0a:27:e8:a3:27:af:32:a8:1a:4d:
                    24:9d:dd:e8:59:a5:cc:d8:c7:23:03:cf:46:58:36:
                    53:be:9c:a6:ed:e4:1b:fe:50:d0:de:0e:39:61:52:
                    f4:fb:bf:90:42:1e:07:56:ad:b4:2c:c4:61:95:2e:
                    ff:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:9E:8C:63:D2:BF:45:0F:79:D7:34:1C:D7:0D:75:92:83:1C:F9:EC
            X509v3 Authority Key Identifier:
                keyid:24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:3a:6d:8a:c6:b2:9c:e7:89:dc:2a:0b:f0:2c:eb:1c:a7:d4:
         eb:1c:00:53:36:32:42:fc:aa:a1:d4:c5:12:85:03:3d:0e:81:
         88:f9:c0:48:8f:b9:07:3e:c6:8f:35:42:90:4a:8a:d9:ca:c0:
         7d:c9:e7:83:f9:b2:62:54:2a:33:18:04:19:a9:dc:e6:8f:66:
         13:a8:e8:ab:f8:ca:f3:43:78:af:d7:92:e5:aa:6a:a2:0a:d9:
         21:2b:da:1f:df:0d:e8:b9:8a:e6:13:ff:f8:4c:03:72:c7:40:
         4f:e6:87:36:4b:77:5b:4e:ee:48:a3:b0:a3:d2:01:75:a5:56:
         ce:86:6d:b3:07:38:f2:93:37:c8:87:8b:61:78:18:22:5e:88:
         b5:2b:43:59:e6:29:d1:45:74:e1:66:e7:d3:95:c9:0a:27:57:
         2c:06:d2:04:31:74:d3:87:52:b1:5c:72:cf:49:4a:63:c2:93:
         b7:66:97:25:3f:08:40:25:7e:56:a5:0f:e0:88:11:34:c4:bb:
         4a:57:a6:62:89:82:28:53:9e:5b:2e:f9:ed:a5:d6:5b:58:f4:
         5a:35:6b:b7:c0:bb:53:af:6b:2b:fa:84:8d:0e:15:dc:08:60:
         c4:0a:a8:c9:ad:7d:c0:13:8a:7e:4b:02:d8:6f:94:8e:39:57:
         9b:d8:af:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFoZEeNaSxW3bTz07kGUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MGNiYjk5NDc5NjFlMjgyOGQ4NDc0YmNhY2ExZTliOTE1
NTY1NjAwHhcNMjYwMzI2MDMwMDU3WhcNMjYwMzI3MDMwMDU3WjAzMTEwLwYDVQQD
EyhhNzllOGM2M2QyYmY0NTBmNzlkNzM0MWNkNzBkNzU5MjgzMWNmOWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0/jTPTWvDGgYeuDwPutJ3+9acbj
fwEobCAnAMRMfnpmH9XITHqRCNoO/nb47KsdKsn71BOYZshnX42PgXQHT8FkqKkf
o91LIawXvpHGNS5ANR/SQDXQCsskIRxmVhAFF2HQZMMVIl4YTKyCeQWXFI4574jl
PQcTws3YmDxHbdkl/ruJ+/i1Lddh27pl1aI/HysBQA5FMIeH1d8OK7BQ0CQ6oSfq
sYL5sOWHMMd75/TWjoWX2FMPAragTbXsj0Lj0hiD0/depwon6KMnrzKoGk0knd3o
WaXM2McjA89GWDZTvpym7eQb/lDQ3g45YVL0+7+QQh4HVq20LMRhlS7/TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKeejGPSv0UPedc0HNcNdZKDHPnsMB8GA1UdIwQY
MBaAFCQMu5lHlh4oKNhHS8rKHpuRVWVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMt
ZmZiMDI4ZjBhMDJmLzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMtZmZiMDI4ZjBhMDJm
LzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADDptisay
nOeJ3CoL8CzrHKfU6xwAUzYyQvyqodTFEoUDPQ6BiPnASI+5Bz7GjzVCkEqK2crA
fcnng/myYlQqMxgEGanc5o9mE6joq/jK80N4r9eS5apqogrZISvaH98N6LmK5hP/
+EwDcsdAT+aHNkt3W07uSKOwo9IBdaVWzoZtswc48pM3yIeLYXgYIl6ItStDWeYp
0UV04Wbn05XJCidXLAbSBDF004dSsVxyz0lKY8KTt2aXJT8IQCV+VqUP4IgRNMS7
SlemYomCKFOeWy757aXWW1j0WjVrt8C7U69rK/qEjQ4V3AhgxAqoya19wBOKfksC
2G+UjjlXm9ivOw==
-----END CERTIFICATE-----