Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
File:                     JQou0RQnyhZIM4Ur1JydtT1j5js.mft (raw, json)
Hash identifier:          vzG4Fy/LIJB+eUwuo9bkupvhqjaFsbcCiwucatPiXh4=
Subject key identifier:   AB:B4:A9:94:2E:25:09:62:65:4F:02:05:43:07:64:43:B1:97:DE:DD
Authority key identifier: 25:0A:2E:D1:14:27:CA:16:48:33:85:2B:D4:9C:9D:B5:3D:63:E6:3B
Certificate issuer:       /CN=250a2ed11427ca164833852bd49c9db53d63e63b
Certificate serial:       019D2816633F7977F5DAAF32D213CE27A74C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
Manifest number:          0423
Signing time:             Thu 26 Mar 2026 03:00:48 +0000
Manifest this update:     Thu 26 Mar 2026 03:00:48 +0000
Manifest next update:     Fri 27 Mar 2026 03:00:48 +0000
Files and hashes:         1: JQou0RQnyhZIM4Ur1JydtT1j5js.crl (hash: K6lJJE3+sPVuyLrLsTWNXRVkpeIrwVaqopUlnvq+UoI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:63:3f:79:77:f5:da:af:32:d2:13:ce:27:a7:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=250a2ed11427ca164833852bd49c9db53d63e63b
        Validity
            Not Before: Mar 26 03:00:48 2026 GMT
            Not After : Mar 27 03:00:48 2026 GMT
        Subject: CN=abb4a9942e250962654f020543076443b197dedd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:2d:a6:ec:58:35:9e:4a:a4:f0:aa:43:02:aa:
                    c5:6d:d5:87:60:cc:69:45:8c:62:8d:de:c6:84:f6:
                    62:e7:8a:e0:1b:c6:5e:89:e2:f2:9c:9e:94:e0:4a:
                    9a:c5:43:0b:51:89:67:98:76:92:30:8d:93:3f:f7:
                    5e:5f:2d:0c:15:7a:f2:22:5b:d4:8f:f2:93:86:75:
                    9f:cd:85:28:ba:7d:d0:d1:6b:fe:db:c4:e7:50:f1:
                    12:3f:52:b5:60:5b:25:80:9a:23:40:e8:e7:ec:9d:
                    31:3a:8e:1f:d2:be:b5:19:be:fe:c0:bd:8e:31:ad:
                    9f:9e:5d:9d:82:bf:b2:ff:0e:ff:36:07:03:b7:e5:
                    b3:db:ed:65:5c:cf:c4:64:e6:a7:9d:1e:0b:2b:54:
                    e9:c6:10:72:a4:f2:ef:1d:b4:d0:74:4d:49:71:1f:
                    19:63:88:b2:fb:23:90:90:d2:4b:4f:56:ad:7e:f7:
                    5b:e1:b0:0e:27:74:d6:79:e9:20:6c:79:8d:c0:0b:
                    88:7e:fe:7d:2b:95:c9:68:30:0e:c0:bd:dc:4e:24:
                    3b:56:66:12:84:ad:96:30:cf:85:2d:72:c0:14:c5:
                    e8:fc:d8:09:fe:95:25:57:22:03:af:3a:8a:77:c8:
                    a8:7b:72:e6:cc:fa:62:5e:5b:1b:02:c1:ef:f4:66:
                    8d:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:B4:A9:94:2E:25:09:62:65:4F:02:05:43:07:64:43:B1:97:DE:DD
            X509v3 Authority Key Identifier:
                keyid:25:0A:2E:D1:14:27:CA:16:48:33:85:2B:D4:9C:9D:B5:3D:63:E6:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:31:29:91:84:58:43:89:f3:da:fa:2b:ac:bd:e8:4f:e8:30:
         59:29:81:f4:ac:24:4b:8f:6a:29:05:34:4f:22:51:b0:65:60:
         e6:70:ee:9f:5f:c3:1a:28:f2:f1:59:ee:4b:e1:42:d6:db:c4:
         09:e2:c9:31:e4:aa:86:c5:71:0b:bd:84:7f:25:f2:a8:f1:74:
         53:d8:fb:17:45:a6:2c:d4:5a:a3:56:0b:f1:be:a3:ca:ad:c2:
         ba:56:56:67:2c:03:a9:46:39:07:45:0d:9b:9b:ac:05:33:0e:
         c5:61:20:ea:e2:9b:e3:97:6c:08:e6:76:60:6f:db:bf:9f:83:
         1b:cc:e3:51:19:a7:7f:4a:58:a2:9a:93:c4:ce:d8:9d:69:9e:
         a8:d8:1a:e1:31:d2:b3:3c:0d:db:ed:3e:5d:16:b1:b0:4e:77:
         8e:24:23:ae:26:c8:ed:f0:4f:6c:f4:3e:7b:f1:46:be:f3:51:
         33:68:ce:f6:60:ad:4c:c7:ca:4b:a0:70:cf:58:01:99:f4:c9:
         3b:4a:f1:5c:85:53:be:79:93:16:e0:8e:6a:da:63:b1:b7:3e:
         8c:2f:e6:2e:e2:76:73:c9:7e:3b:e5:d1:77:a1:2d:89:90:83:
         aa:88:95:43:66:9b:ae:c9:29:c0:a9:9b:a9:30:ad:ab:3e:14:
         7d:b7:e1:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFmM/eXf12q8y0hPOJ6dMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MGEyZWQxMTQyN2NhMTY0ODMzODUyYmQ0OWM5ZGI1M2Q2
M2U2M2IwHhcNMjYwMzI2MDMwMDQ4WhcNMjYwMzI3MDMwMDQ4WjAzMTEwLwYDVQQD
EyhhYmI0YTk5NDJlMjUwOTYyNjU0ZjAyMDU0MzA3NjQ0M2IxOTdkZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC2m7Fg1nkqk8KpDAqrFbdWHYMxp
RYxijd7GhPZi54rgG8ZeieLynJ6U4EqaxUMLUYlnmHaSMI2TP/deXy0MFXryIlvU
j/KThnWfzYUoun3Q0Wv+28TnUPESP1K1YFslgJojQOjn7J0xOo4f0r61Gb7+wL2O
Ma2fnl2dgr+y/w7/NgcDt+Wz2+1lXM/EZOannR4LK1TpxhBypPLvHbTQdE1JcR8Z
Y4iy+yOQkNJLT1atfvdb4bAOJ3TWeekgbHmNwAuIfv59K5XJaDAOwL3cTiQ7VmYS
hK2WMM+FLXLAFMXo/NgJ/pUlVyIDrzqKd8ioe3LmzPpiXlsbAsHv9GaNHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKu0qZQuJQliZU8CBUMHZEOxl97dMB8GA1UdIwQY
MBaAFCUKLtEUJ8oWSDOFK9ScnbU9Y+Y7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iNDM5ZWYtMmNjNS00YTc0LWIxZWEt
NTVjNjVjNDE1YjM2LzEvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iNDM5ZWYtMmNjNS00YTc0LWIxZWEtNTVjNjVjNDE1YjM2
LzEvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApzEpkYRY
Q4nz2vorrL3oT+gwWSmB9KwkS49qKQU0TyJRsGVg5nDun1/DGijy8VnuS+FC1tvE
CeLJMeSqhsVxC72EfyXyqPF0U9j7F0WmLNRao1YL8b6jyq3CulZWZywDqUY5B0UN
m5usBTMOxWEg6uKb45dsCOZ2YG/bv5+DG8zjURmnf0pYopqTxM7YnWmeqNga4THS
szwN2+0+XRaxsE53jiQjribI7fBPbPQ+e/FGvvNRM2jO9mCtTMfKS6Bwz1gBmfTJ
O0rxXIVTvnmTFuCOatpjsbc+jC/mLuJ2c8l+O+XRd6EtiZCDqoiVQ2abrskpwKmb
qTCtqz4UfbfhAQ==
-----END CERTIFICATE-----