Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
File:                     JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json)
Hash identifier:          zcn2j88c9b22+drIZDqgEMLhOhJqaRtkBzGf9G3xfsQ=
Subject key identifier:   4E:0F:B0:56:55:70:58:CD:5B:CF:63:F3:F6:F4:35:46:D2:96:3F:14
Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27
Certificate issuer:       /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
Certificate serial:       019CAA215D1B0B8CB971CAB0348BAF5D05B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
Manifest number:          09E5
Signing time:             Sun 01 Mar 2026 16:00:39 +0000
Manifest this update:     Sun 01 Mar 2026 16:00:39 +0000
Manifest next update:     Mon 02 Mar 2026 16:00:39 +0000
Files and hashes:         1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: 9d2YZPacAPliiEHKqq0FN14EK+2KuXQ2itHq8kPo694=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:5d:1b:0b:8c:b9:71:ca:b0:34:8b:af:5d:05:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
        Validity
            Not Before: Mar  1 16:00:39 2026 GMT
            Not After : Mar  2 16:00:39 2026 GMT
        Subject: CN=4e0fb056557058cd5bcf63f3f6f43546d2963f14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:52:be:12:02:64:ed:bf:f7:c6:49:4e:7f:e6:
                    d1:85:16:e0:f4:9f:4e:6a:b2:8e:5f:b4:9a:32:28:
                    3a:10:fd:be:97:32:9f:7e:2c:4d:5f:78:32:25:ed:
                    41:0e:8e:a1:80:fd:04:a2:87:fb:21:72:91:04:10:
                    6d:65:8a:16:0e:34:1a:d7:6e:9e:49:02:76:d8:9b:
                    45:f7:8f:2d:5a:69:31:6e:0c:30:63:0f:3c:3b:c9:
                    72:43:e4:c8:87:05:35:9b:fe:3f:8d:08:36:16:11:
                    78:12:e9:b5:d3:f0:28:72:aa:7c:d5:16:7c:90:5f:
                    90:8b:26:cf:c8:73:c3:47:ec:23:23:67:ff:02:a5:
                    3a:be:08:75:5d:37:28:3d:cd:01:63:d8:4b:62:14:
                    78:f4:4f:b9:b7:06:75:5d:2f:a4:f6:c6:6c:3f:d8:
                    46:d1:2c:36:1b:0e:ff:2a:dc:af:8a:cd:4b:59:a9:
                    4e:ad:9d:da:6b:ec:70:5e:14:16:97:6e:bf:2d:f3:
                    68:2b:67:d3:f8:aa:f7:c6:3b:ca:df:43:98:02:20:
                    60:90:2e:ff:e8:bf:cd:98:f8:a7:bb:9a:38:2c:a0:
                    a5:80:4a:0a:b7:dd:b5:ef:79:4d:fc:91:ee:41:3e:
                    68:0a:65:49:06:1d:8b:a4:fc:dc:c4:96:1f:c1:53:
                    26:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:0F:B0:56:55:70:58:CD:5B:CF:63:F3:F6:F4:35:46:D2:96:3F:14
            X509v3 Authority Key Identifier:
                keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:a8:0b:51:41:b9:d0:83:55:0f:65:aa:24:27:e3:12:14:6c:
         5f:16:2b:d4:78:d8:98:01:2b:0f:f7:45:15:7e:6b:56:60:18:
         97:3d:77:d0:57:8a:ec:4c:8c:d5:67:2c:45:7c:d7:bf:2d:18:
         d1:1f:a0:6b:35:1c:71:94:9d:f6:92:2b:30:85:36:fd:27:ab:
         0b:47:5f:c4:e3:77:d4:32:bd:39:a8:f6:0c:d2:00:88:9b:b5:
         c1:43:2a:5c:ce:a7:f0:9b:7e:55:0d:41:18:d5:31:31:63:cf:
         67:b5:30:d3:a1:31:f7:30:4f:a5:d7:05:32:cd:9a:0d:1f:86:
         dd:16:a5:dc:ca:8f:8d:a9:53:a0:c9:2d:4e:65:56:cd:06:42:
         00:90:2c:b6:46:9e:96:34:c8:2d:a6:b0:8e:9c:3b:27:cc:89:
         db:ef:a6:7c:02:3c:60:ca:22:42:ec:82:72:eb:45:71:ff:5d:
         ae:4b:e5:a0:b2:35:df:b6:1b:2b:a2:13:c7:86:e1:ae:62:49:
         a6:5c:91:ee:4b:15:50:5c:7e:03:f0:d7:43:b4:a6:0a:4b:be:
         8f:ac:a5:63:dc:de:d3:ea:b7:40:8d:a3:11:6a:c3:1f:01:3f:
         61:a8:33:f4:13:82:70:65:db:ea:1b:55:7d:ff:c8:dd:ad:95:
         ba:ea:fc:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIV0bC4y5ccqwNIuvXQW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh
N2JkMjcwHhcNMjYwMzAxMTYwMDM5WhcNMjYwMzAyMTYwMDM5WjAzMTEwLwYDVQQD
Eyg0ZTBmYjA1NjU1NzA1OGNkNWJjZjYzZjNmNmY0MzU0NmQyOTYzZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1K+EgJk7b/3xklOf+bRhRbg9J9O
arKOX7SaMig6EP2+lzKffixNX3gyJe1BDo6hgP0Eoof7IXKRBBBtZYoWDjQa126e
SQJ22JtF948tWmkxbgwwYw88O8lyQ+TIhwU1m/4/jQg2FhF4Eum10/Aocqp81RZ8
kF+QiybPyHPDR+wjI2f/AqU6vgh1XTcoPc0BY9hLYhR49E+5twZ1XS+k9sZsP9hG
0Sw2Gw7/Ktyvis1LWalOrZ3aa+xwXhQWl26/LfNoK2fT+Kr3xjvK30OYAiBgkC7/
6L/NmPinu5o4LKClgEoKt92173lN/JHuQT5oCmVJBh2LpPzcxJYfwVMmqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4PsFZVcFjNW89j8/b0NUbSlj8UMB8GA1UdIwQY
MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt
MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk
LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACagLUUG5
0INVD2WqJCfjEhRsXxYr1HjYmAErD/dFFX5rVmAYlz130FeK7EyM1WcsRXzXvy0Y
0R+gazUccZSd9pIrMIU2/SerC0dfxON31DK9Oaj2DNIAiJu1wUMqXM6n8Jt+VQ1B
GNUxMWPPZ7Uw06Ex9zBPpdcFMs2aDR+G3Ral3MqPjalToMktTmVWzQZCAJAstkae
ljTILaawjpw7J8yJ2++mfAI8YMoiQuyCcutFcf9drkvloLI137YbK6ITx4bhrmJJ
plyR7ksVUFx+A/DXQ7SmCku+j6ylY9ze0+q3QI2jEWrDHwE/Yagz9BOCcGXb6htV
ff/I3a2Vuur8jA==
-----END CERTIFICATE-----