Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.mft
File:                     JGJNNpZGiPmJxkSsIBH0Fl086wc.mft (raw, json)
Hash identifier:          3xykH/fiQtm7x5henMmIHHeioB1/AmjhblEGqz/vnBc=
Subject key identifier:   81:B2:A2:57:B7:DF:2E:B8:D0:EF:B5:F0:AA:0F:BB:7D:AF:1B:7D:79
Authority key identifier: 24:62:4D:36:96:46:88:F9:89:C6:44:AC:20:11:F4:16:5D:3C:EB:07
Certificate issuer:       /CN=24624d36964688f989c644ac2011f4165d3ceb07
Certificate serial:       019CA97D85A0CE835C8D8F54621ABC52E70E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JGJNNpZGiPmJxkSsIBH0Fl086wc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.mft
Manifest number:          0B9D
Signing time:             Sun 01 Mar 2026 13:01:41 +0000
Manifest this update:     Sun 01 Mar 2026 13:01:41 +0000
Manifest next update:     Mon 02 Mar 2026 13:01:41 +0000
Files and hashes:         1: JGJNNpZGiPmJxkSsIBH0Fl086wc.crl (hash: erLY6bDMe7y0fTQJoFkSG5tDd2y5x3AGy/2TTf+sL9E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JGJNNpZGiPmJxkSsIBH0Fl086wc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7d:85:a0:ce:83:5c:8d:8f:54:62:1a:bc:52:e7:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24624d36964688f989c644ac2011f4165d3ceb07
        Validity
            Not Before: Mar  1 13:01:41 2026 GMT
            Not After : Mar  2 13:01:41 2026 GMT
        Subject: CN=81b2a257b7df2eb8d0efb5f0aa0fbb7daf1b7d79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:a8:c6:9d:39:c7:5b:29:af:47:c1:5f:df:7f:
                    27:2a:b8:ee:fa:18:2f:38:14:fa:bc:3b:54:53:22:
                    02:11:5d:40:df:fd:54:32:db:25:02:54:42:27:67:
                    79:64:ff:3b:d1:41:ff:67:27:45:84:e0:2e:55:62:
                    47:21:2f:5b:cb:48:81:66:d2:bc:30:12:b3:85:f7:
                    d9:20:08:45:65:d7:00:2b:c6:67:b2:f9:5a:e9:59:
                    fe:41:dd:54:5e:8d:db:79:f7:65:d5:49:e5:67:c7:
                    33:97:8c:45:19:99:36:10:12:c9:3a:58:65:c5:fa:
                    65:60:92:a0:77:e8:4b:9c:36:7d:61:76:97:7a:ba:
                    cc:b0:3c:54:a2:6a:85:05:4d:0e:b4:69:c9:ae:be:
                    77:0b:92:b3:ec:29:44:76:fd:6f:45:d2:41:b2:11:
                    fb:c5:53:11:91:77:3d:2c:e8:01:76:2a:43:75:88:
                    98:f3:57:a0:8f:04:bf:3d:a6:b1:27:e4:57:7f:ac:
                    9c:72:81:f4:90:67:c8:06:ee:e2:31:c5:04:d0:20:
                    dc:b0:df:9a:fe:e1:79:1a:3b:c1:6c:1d:0a:b3:bd:
                    ac:01:48:9a:d4:ce:3f:26:04:6b:6a:1d:2a:11:eb:
                    9d:f8:04:76:82:86:88:8f:e3:58:d9:e6:ec:08:1f:
                    d5:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:B2:A2:57:B7:DF:2E:B8:D0:EF:B5:F0:AA:0F:BB:7D:AF:1B:7D:79
            X509v3 Authority Key Identifier:
                keyid:24:62:4D:36:96:46:88:F9:89:C6:44:AC:20:11:F4:16:5D:3C:EB:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JGJNNpZGiPmJxkSsIBH0Fl086wc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/739291-2d5c-4c1d-9079-027e8c09146b/1/JGJNNpZGiPmJxkSsIBH0Fl086wc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:ff:a4:82:83:86:c3:51:27:a2:fa:2f:15:0a:33:a1:dd:bd:
         45:3e:a0:38:69:b8:76:39:8e:5a:85:d0:6a:16:07:0b:e7:6b:
         8a:a4:97:8f:ca:76:48:2d:1a:70:8b:6b:79:a1:34:ea:0d:a5:
         6b:7b:10:14:b3:50:0b:4f:f7:04:c5:46:21:59:eb:13:0d:36:
         36:d3:c8:fd:89:40:14:56:fe:ba:46:03:d1:a5:0f:fb:06:89:
         74:55:99:c7:23:54:9f:5c:0d:2a:55:47:8b:1f:01:cd:01:ea:
         d4:c6:b4:1d:14:ac:50:7b:1c:0b:80:be:a5:8f:81:74:d1:e5:
         df:48:70:98:5c:c6:4d:93:50:15:8b:bc:e1:aa:2c:b6:b6:c8:
         d8:58:d0:a3:73:91:e6:56:e0:ca:07:fc:1c:7c:11:1c:8d:27:
         34:57:4b:c2:74:8e:57:20:2a:c0:77:86:d9:f7:d4:9c:d5:e5:
         df:30:de:95:36:d0:2d:42:2c:7d:06:30:41:8b:98:51:1a:17:
         24:c1:8c:af:85:ca:e5:6a:5f:cc:1d:62:c4:e0:31:d9:e5:50:
         f4:d7:4a:6e:f0:69:ce:42:63:e5:1e:61:08:b4:9b:9b:af:d1:
         b2:54:85:f2:5f:a0:9c:ba:ec:bb:8a:07:d9:d6:94:a9:be:8a:
         90:f5:4c:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfYWgzoNcjY9UYhq8UucOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NjI0ZDM2OTY0Njg4Zjk4OWM2NDRhYzIwMTFmNDE2NWQz
Y2ViMDcwHhcNMjYwMzAxMTMwMTQxWhcNMjYwMzAyMTMwMTQxWjAzMTEwLwYDVQQD
Eyg4MWIyYTI1N2I3ZGYyZWI4ZDBlZmI1ZjBhYTBmYmI3ZGFmMWI3ZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKjGnTnHWymvR8Ff338nKrju+hgv
OBT6vDtUUyICEV1A3/1UMtslAlRCJ2d5ZP870UH/ZydFhOAuVWJHIS9by0iBZtK8
MBKzhffZIAhFZdcAK8Znsvla6Vn+Qd1UXo3befdl1UnlZ8czl4xFGZk2EBLJOlhl
xfplYJKgd+hLnDZ9YXaXerrMsDxUomqFBU0OtGnJrr53C5Kz7ClEdv1vRdJBshH7
xVMRkXc9LOgBdipDdYiY81egjwS/PaaxJ+RXf6yccoH0kGfIBu7iMcUE0CDcsN+a
/uF5GjvBbB0Ks72sAUia1M4/JgRrah0qEeud+AR2goaIj+NY2ebsCB/VAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGyole33y640O+18KoPu32vG315MB8GA1UdIwQY
MBaAFCRiTTaWRoj5icZErCAR9BZdPOsHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkdKTk5wWkdpUG1KeGtTc0lCSDBGbDA4NndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi83MzkyOTEtMmQ1Yy00YzFkLTkwNzkt
MDI3ZThjMDkxNDZiLzEvSkdKTk5wWkdpUG1KeGtTc0lCSDBGbDA4NndjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi83MzkyOTEtMmQ1Yy00YzFkLTkwNzktMDI3ZThjMDkxNDZi
LzEvSkdKTk5wWkdpUG1KeGtTc0lCSDBGbDA4NndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOv+kgoOG
w1EnovovFQozod29RT6gOGm4djmOWoXQahYHC+driqSXj8p2SC0acItreaE06g2l
a3sQFLNQC0/3BMVGIVnrEw02NtPI/YlAFFb+ukYD0aUP+waJdFWZxyNUn1wNKlVH
ix8BzQHq1Ma0HRSsUHscC4C+pY+BdNHl30hwmFzGTZNQFYu84aostrbI2FjQo3OR
5lbgygf8HHwRHI0nNFdLwnSOVyAqwHeG2ffUnNXl3zDelTbQLUIsfQYwQYuYURoX
JMGMr4XK5WpfzB1ixOAx2eVQ9NdKbvBpzkJj5R5hCLSbm6/RslSF8l+gnLrsu4oH
2daUqb6KkPVM0w==
-----END CERTIFICATE-----