Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          u1FNCaQa//DJ8OWms3998wyf6RFgMLcjfqtVX19tTWw=
Subject key identifier:   A3:4D:DC:00:C2:FD:91:71:0F:A3:19:1F:2A:05:26:D8:B8:1F:C7:14
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       019D9A3DF29BF38714082E074D7076739C52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0F55
Signing time:             Fri 17 Apr 2026 07:00:44 +0000
Manifest this update:     Fri 17 Apr 2026 07:00:44 +0000
Manifest next update:     Sat 18 Apr 2026 07:00:44 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: urrBfCgE13O10xAIgCioLePoMxo+4eSyKFyFCqIOLhY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3d:f2:9b:f3:87:14:08:2e:07:4d:70:76:73:9c:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Apr 17 07:00:44 2026 GMT
            Not After : Apr 18 07:00:44 2026 GMT
        Subject: CN=a34ddc00c2fd91710fa3191f2a0526d8b81fc714
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:c5:09:0d:c7:51:a4:19:ca:c9:71:85:ea:4c:
                    96:0a:da:0f:a6:fd:c4:7c:cf:f5:9e:13:0c:51:12:
                    92:42:83:c9:11:14:36:f2:2a:9f:ab:24:00:a9:da:
                    e6:74:1b:68:64:60:fe:c7:f3:e3:7f:02:8b:88:ae:
                    89:35:b4:f2:95:6f:ea:09:fb:ff:d2:b7:5a:e1:81:
                    1f:e5:ec:0d:d5:9f:b6:34:ea:28:f3:f6:b6:16:91:
                    ab:83:bb:97:0c:09:eb:1f:7e:2b:ad:a8:4c:d9:79:
                    c2:53:49:a9:e9:dd:17:a8:59:c6:81:a5:37:60:48:
                    8a:49:da:a7:2c:a9:84:3d:d7:a5:ea:5e:23:67:c3:
                    8d:1f:31:61:f5:7c:d4:b6:6e:45:80:9a:66:62:7d:
                    4e:fb:73:37:72:9e:55:c2:65:33:32:9b:39:04:21:
                    f4:29:99:09:44:10:e7:d4:02:19:17:98:02:f4:85:
                    03:7f:34:0d:d8:9c:b1:a5:9c:80:aa:dc:38:9b:d4:
                    a8:f2:ca:0e:ff:ff:91:cb:91:00:9c:53:c4:e6:ed:
                    fd:5b:cb:14:ba:15:ec:70:6d:67:bf:f6:23:82:17:
                    7e:6b:38:3d:0d:fc:76:d8:8e:e5:c2:a5:90:16:2b:
                    d1:13:f2:23:b3:04:0b:3c:0c:25:d9:40:fb:f2:eb:
                    bc:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:4D:DC:00:C2:FD:91:71:0F:A3:19:1F:2A:05:26:D8:B8:1F:C7:14
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:0b:15:47:6a:07:82:0a:f2:dc:ff:f5:c9:12:fe:67:44:8d:
         fc:89:9d:6e:18:b3:70:1e:bc:e8:b3:98:cb:31:46:fb:e2:a2:
         05:46:c7:d0:c7:31:7b:d0:b1:ff:a1:a8:dc:b0:e1:23:e8:59:
         8e:38:fb:5f:8a:9d:0f:c8:d4:15:03:ff:c6:63:9f:e6:60:4f:
         a6:02:12:9f:b3:1b:c2:05:ca:ba:6c:c2:f5:e8:c8:c0:56:6a:
         90:08:1b:7f:14:22:12:74:df:65:bb:de:54:25:2d:c0:65:b4:
         41:81:46:62:2f:36:c7:a1:52:1e:fc:e2:e7:91:1f:8e:a6:4e:
         2c:8e:2d:f6:7b:25:77:b7:dc:34:d6:95:9c:4f:d2:46:67:4e:
         81:4d:e2:01:aa:9f:4f:1b:fd:8b:a7:a4:5c:5d:13:4d:c7:cc:
         ce:cc:2e:a4:42:be:4b:5e:d1:af:13:2f:e8:e8:47:95:c2:3e:
         f0:b8:fa:69:fc:8d:8c:cc:38:86:49:b0:85:b8:80:bf:7d:b8:
         c2:cc:4f:f0:0a:de:ec:6d:f6:94:d6:53:30:d1:d9:bf:cc:12:
         5d:0a:df:d6:c1:49:ef:c8:51:5b:53:df:7b:2e:69:d8:dc:59:
         ca:38:b3:21:b0:9b:de:37:d5:7c:e9:9f:6c:ef:4b:b5:6a:af:
         4b:e7:7f:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPfKb84cUCC4HTXB2c5xSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjYwNDE3MDcwMDQ0WhcNMjYwNDE4MDcwMDQ0WjAzMTEwLwYDVQQD
EyhhMzRkZGMwMGMyZmQ5MTcxMGZhMzE5MWYyYTA1MjZkOGI4MWZjNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8UJDcdRpBnKyXGF6kyWCtoPpv3E
fM/1nhMMURKSQoPJERQ28iqfqyQAqdrmdBtoZGD+x/PjfwKLiK6JNbTylW/qCfv/
0rda4YEf5ewN1Z+2NOoo8/a2FpGrg7uXDAnrH34rrahM2XnCU0mp6d0XqFnGgaU3
YEiKSdqnLKmEPdel6l4jZ8ONHzFh9XzUtm5FgJpmYn1O+3M3cp5VwmUzMps5BCH0
KZkJRBDn1AIZF5gC9IUDfzQN2JyxpZyAqtw4m9So8soO//+Ry5EAnFPE5u39W8sU
uhXscG1nv/Yjghd+azg9Dfx22I7lwqWQFivRE/IjswQLPAwl2UD78uu8uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNN3ADC/ZFxD6MZHyoFJti4H8cUMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABQsVR2oH
ggry3P/1yRL+Z0SN/ImdbhizcB686LOYyzFG++KiBUbH0Mcxe9Cx/6Go3LDhI+hZ
jjj7X4qdD8jUFQP/xmOf5mBPpgISn7MbwgXKumzC9ejIwFZqkAgbfxQiEnTfZbve
VCUtwGW0QYFGYi82x6FSHvzi55EfjqZOLI4t9nsld7fcNNaVnE/SRmdOgU3iAaqf
Txv9i6ekXF0TTcfMzswupEK+S17RrxMv6OhHlcI+8Lj6afyNjMw4hkmwhbiAv324
wsxP8Are7G32lNZTMNHZv8wSXQrf1sFJ78hRW1Pfey5p2NxZyjizIbCb3jfVfOmf
bO9LtWqvS+d/Uw==
-----END CERTIFICATE-----