Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
File:                     jDJOtM17M3hJro0yb8iZAvUDpMY.mft (raw, json)
Hash identifier:          Shl8EU5QPUssPGyAwLJnhkFDfgybAsBksHns6g5pgH8=
Subject key identifier:   E1:05:12:67:46:54:17:53:B4:3A:59:0F:52:4B:07:02:63:9E:32:67
Authority key identifier: 8C:32:4E:B4:CD:7B:33:78:49:AE:8D:32:6F:C8:99:02:F5:03:A4:C6
Certificate issuer:       /CN=8c324eb4cd7b337849ae8d326fc89902f503a4c6
Certificate serial:       019D288431B88ACF6130922DCC80D6A135DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
Manifest number:          033D
Signing time:             Thu 26 Mar 2026 05:00:45 +0000
Manifest this update:     Thu 26 Mar 2026 05:00:45 +0000
Manifest next update:     Fri 27 Mar 2026 05:00:45 +0000
Files and hashes:         1: jDJOtM17M3hJro0yb8iZAvUDpMY.crl (hash: Ig/oLv92UYhKS1sLiRzbRh1HsoffZRogii6Y9+qlgLg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:31:b8:8a:cf:61:30:92:2d:cc:80:d6:a1:35:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c324eb4cd7b337849ae8d326fc89902f503a4c6
        Validity
            Not Before: Mar 26 05:00:45 2026 GMT
            Not After : Mar 27 05:00:45 2026 GMT
        Subject: CN=e105126746541753b43a590f524b0702639e3267
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:4d:4f:d2:41:81:a6:9a:30:40:c4:3d:0a:3a:
                    b1:a4:4b:fb:22:92:41:e0:d5:e7:7a:1d:60:06:5d:
                    00:d4:dc:01:4e:8b:11:33:db:f8:2d:e4:5a:0c:1f:
                    a7:2b:d5:5b:90:36:6f:82:e0:f1:e4:89:f2:da:bd:
                    7b:e0:c7:71:c5:89:ac:54:14:63:da:82:7c:ef:15:
                    1d:f1:31:25:2f:42:ab:d5:6f:16:a8:ea:dd:e1:1b:
                    ad:20:4d:77:f5:2f:24:3a:f5:ac:d1:3c:57:ee:d8:
                    a1:6a:ed:3d:e1:fa:ad:af:3a:26:cc:2b:ee:9e:fb:
                    6f:0f:23:af:f7:ee:51:c9:33:1b:ea:4b:53:84:27:
                    8f:d5:2d:71:59:97:bd:db:07:ed:7a:c9:53:07:a5:
                    ca:5b:20:7d:1c:70:45:61:5e:d7:01:35:5f:40:9d:
                    a2:7c:b7:6c:af:e3:dd:3d:da:e4:54:68:a9:8a:58:
                    bb:45:60:35:72:73:90:3a:96:31:32:29:56:c8:61:
                    c0:d3:28:d3:10:a4:80:8a:a7:bd:af:ef:4b:0c:04:
                    b4:9d:fa:7b:68:ad:ac:4b:25:ca:07:1c:56:b1:27:
                    80:e1:3f:aa:e9:69:c5:28:1a:a5:a7:e2:ad:a1:23:
                    b9:4e:64:6a:8f:f3:fe:47:af:b3:75:40:1d:7a:82:
                    ff:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:05:12:67:46:54:17:53:B4:3A:59:0F:52:4B:07:02:63:9E:32:67
            X509v3 Authority Key Identifier:
                keyid:8C:32:4E:B4:CD:7B:33:78:49:AE:8D:32:6F:C8:99:02:F5:03:A4:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDJOtM17M3hJro0yb8iZAvUDpMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bf293-5f0a-47e7-9874-139636b1e263/1/jDJOtM17M3hJro0yb8iZAvUDpMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:fb:f1:14:e9:51:d9:a1:0d:d5:90:67:46:38:dd:d8:3b:79:
         83:e2:46:b6:73:10:9a:16:35:ae:9c:27:ee:44:47:c9:09:0a:
         76:ce:47:a5:87:5a:ef:5c:79:e4:ea:2f:8d:05:6d:b1:2f:17:
         d2:a6:ff:a8:1a:29:56:56:c3:0f:2e:1e:ff:25:80:92:5c:17:
         6b:9e:15:e4:64:59:57:ae:95:85:3b:d6:7c:19:8b:69:52:e6:
         67:65:20:e6:7b:2c:13:c8:c1:32:2b:2c:32:69:2e:86:7a:83:
         0c:32:55:79:02:a8:4e:ce:d3:25:a1:2c:60:86:16:b7:ad:4c:
         67:09:89:8c:92:87:04:11:fb:b3:ce:17:16:53:8b:57:d9:92:
         fc:13:3a:4b:22:ba:2c:32:44:12:c2:50:15:a3:7c:98:a2:aa:
         9c:8f:50:97:4e:b8:12:ac:a4:58:5a:7b:8d:36:00:85:85:27:
         13:00:42:51:e5:bc:cb:f5:4f:6f:8d:11:e5:ad:ef:d9:1e:54:
         b2:ff:af:31:7b:b2:f8:bc:5f:64:e0:19:0c:b9:cf:51:75:ae:
         85:42:0a:17:02:a4:5b:83:a6:9c:2c:e3:b5:e7:9b:50:30:6d:
         4e:ec:b9:de:af:42:58:39:75:2a:17:02:b7:d5:bb:dd:a8:84:
         b8:27:86:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohDG4is9hMJItzIDWoTXfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMzI0ZWI0Y2Q3YjMzNzg0OWFlOGQzMjZmYzg5OTAyZjUw
M2E0YzYwHhcNMjYwMzI2MDUwMDQ1WhcNMjYwMzI3MDUwMDQ1WjAzMTEwLwYDVQQD
EyhlMTA1MTI2NzQ2NTQxNzUzYjQzYTU5MGY1MjRiMDcwMjYzOWUzMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu01P0kGBppowQMQ9CjqxpEv7IpJB
4NXneh1gBl0A1NwBTosRM9v4LeRaDB+nK9VbkDZvguDx5Iny2r174MdxxYmsVBRj
2oJ87xUd8TElL0Kr1W8WqOrd4RutIE139S8kOvWs0TxX7tihau094fqtrzomzCvu
nvtvDyOv9+5RyTMb6ktThCeP1S1xWZe92wfteslTB6XKWyB9HHBFYV7XATVfQJ2i
fLdsr+PdPdrkVGipili7RWA1cnOQOpYxMilWyGHA0yjTEKSAiqe9r+9LDAS0nfp7
aK2sSyXKBxxWsSeA4T+q6WnFKBqlp+KtoSO5TmRqj/P+R6+zdUAdeoL/NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEFEmdGVBdTtDpZD1JLBwJjnjJnMB8GA1UdIwQY
MBaAFIwyTrTNezN4Sa6NMm/ImQL1A6TGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yYmYyOTMtNWYwYS00N2U3LTk4NzQt
MTM5NjM2YjFlMjYzLzEvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yYmYyOTMtNWYwYS00N2U3LTk4NzQtMTM5NjM2YjFlMjYz
LzEvakRKT3RNMTdNM2hKcm8weWI4aVpBdlVEcE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAvvxFOlR
2aEN1ZBnRjjd2Dt5g+JGtnMQmhY1rpwn7kRHyQkKds5HpYda71x55OovjQVtsS8X
0qb/qBopVlbDDy4e/yWAklwXa54V5GRZV66VhTvWfBmLaVLmZ2Ug5nssE8jBMiss
MmkuhnqDDDJVeQKoTs7TJaEsYIYWt61MZwmJjJKHBBH7s84XFlOLV9mS/BM6SyK6
LDJEEsJQFaN8mKKqnI9Ql064EqykWFp7jTYAhYUnEwBCUeW8y/VPb40R5a3v2R5U
sv+vMXuy+LxfZOAZDLnPUXWuhUIKFwKkW4OmnCzjteebUDBtTuy53q9CWDl1KhcC
t9W73aiEuCeGPg==
-----END CERTIFICATE-----