Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          OBdfNIWLWyOdjymRBCGayMOgI5MbIYoaTWpEM6REvE0=
Subject key identifier:   33:E9:0E:86:1E:AE:69:D4:82:AC:0A:56:58:AE:E6:AC:8E:AB:C5:24
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       019CAAC6BE0A618C6CA3A9FC34E389C876BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0ED9
Signing time:             Sun 01 Mar 2026 19:01:17 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:17 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:17 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: 0VUbT/hM/USRynKXmmDPGfE9qxdbohR74KftUFH/H8Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:be:0a:61:8c:6c:a3:a9:fc:34:e3:89:c8:76:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Mar  1 19:01:17 2026 GMT
            Not After : Mar  2 19:01:17 2026 GMT
        Subject: CN=33e90e861eae69d482ac0a5658aee6ac8eabc524
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:18:16:38:37:48:ad:cc:f0:a4:cc:95:b6:e5:
                    ff:e9:82:4d:20:2a:53:93:e2:7c:b0:1f:ac:15:63:
                    06:5e:34:24:c6:55:4b:39:fa:04:18:be:fe:9f:fb:
                    c8:99:10:70:7d:7b:ed:4a:45:3d:54:77:15:29:22:
                    13:dc:ad:6b:4b:fc:b2:c2:6f:3a:82:44:d3:5a:67:
                    69:a9:5f:1c:6f:db:b8:a7:b5:b0:c0:47:0f:0c:a6:
                    dd:08:92:5d:72:21:1e:ee:00:a2:bd:6a:b5:30:0a:
                    50:cd:76:cc:52:a4:68:c5:49:78:bf:22:1b:cf:10:
                    48:0c:4c:30:78:8b:b7:76:53:d6:f5:56:5c:85:9c:
                    9b:d7:fa:4b:ed:65:95:77:a8:2e:04:87:37:76:d3:
                    bc:2d:9a:aa:8d:f6:fa:97:3f:4f:61:39:c0:51:b5:
                    34:fc:57:86:dc:52:4a:70:9c:be:24:1d:09:d1:d7:
                    b0:82:14:4c:48:2c:e2:c3:ad:e2:16:c5:79:b7:85:
                    23:69:c3:22:90:a4:ee:8a:a7:ee:17:53:7b:8a:b1:
                    88:11:3c:f3:38:60:8d:37:22:b0:47:a5:86:ff:65:
                    87:97:09:3f:cb:e7:d9:c2:fd:09:6c:35:6e:a5:0e:
                    95:e6:b3:2d:76:68:2b:9c:a4:8b:61:d0:d9:d3:44:
                    75:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:E9:0E:86:1E:AE:69:D4:82:AC:0A:56:58:AE:E6:AC:8E:AB:C5:24
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:34:da:48:b6:aa:3d:50:48:b3:fa:60:93:e7:d1:65:25:d7:
         54:90:fe:e2:f9:0f:a9:5f:e9:70:b8:71:ed:91:48:23:5c:8b:
         ca:5d:e0:4d:08:67:12:39:8b:7e:ec:66:39:a6:40:b6:01:f0:
         ca:aa:5f:5a:2d:42:3c:66:4d:c3:72:1b:08:16:98:33:fd:9d:
         64:86:e0:c1:8a:54:1e:a4:10:b6:e1:54:51:eb:21:4f:d5:6c:
         f1:72:31:3e:f7:31:b7:95:aa:74:70:5b:6d:80:1b:3e:f8:b4:
         fc:33:a5:16:fa:38:1f:3e:b7:76:44:5a:e7:44:4b:c4:7d:85:
         99:18:04:fb:4f:27:36:fd:32:b3:bd:9e:f5:81:9c:2f:36:55:
         2b:41:20:8b:15:5d:d7:36:57:cb:9b:f6:2d:f5:66:a7:d6:f0:
         24:2b:80:2b:85:74:f7:bb:6a:70:fe:68:1d:bc:14:73:6f:0c:
         a4:13:10:dc:7c:b4:80:93:e4:6a:af:4e:60:eb:18:bc:8a:b3:
         5d:7b:b6:34:1a:a8:a2:b5:66:59:89:ef:f4:7c:e0:61:54:11:
         46:c4:ae:c4:33:42:c4:27:d1:e4:27:76:64:db:16:76:39:49:
         1d:18:d6:18:e4:94:8a:14:fb:8e:c3:78:ca:5e:8e:e7:ee:6a:
         1a:fd:2e:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxr4KYYxso6n8NOOJyHa9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjYwMzAxMTkwMTE3WhcNMjYwMzAyMTkwMTE3WjAzMTEwLwYDVQQD
EygzM2U5MGU4NjFlYWU2OWQ0ODJhYzBhNTY1OGFlZTZhYzhlYWJjNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBgWODdIrczwpMyVtuX/6YJNICpT
k+J8sB+sFWMGXjQkxlVLOfoEGL7+n/vImRBwfXvtSkU9VHcVKSIT3K1rS/yywm86
gkTTWmdpqV8cb9u4p7WwwEcPDKbdCJJdciEe7gCivWq1MApQzXbMUqRoxUl4vyIb
zxBIDEwweIu3dlPW9VZchZyb1/pL7WWVd6guBIc3dtO8LZqqjfb6lz9PYTnAUbU0
/FeG3FJKcJy+JB0J0dewghRMSCziw63iFsV5t4UjacMikKTuiqfuF1N7irGIETzz
OGCNNyKwR6WG/2WHlwk/y+fZwv0JbDVupQ6V5rMtdmgrnKSLYdDZ00R11wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDPpDoYermnUgqwKVliu5qyOq8UkMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABjTaSLaq
PVBIs/pgk+fRZSXXVJD+4vkPqV/pcLhx7ZFII1yLyl3gTQhnEjmLfuxmOaZAtgHw
yqpfWi1CPGZNw3IbCBaYM/2dZIbgwYpUHqQQtuFUUeshT9Vs8XIxPvcxt5WqdHBb
bYAbPvi0/DOlFvo4Hz63dkRa50RLxH2FmRgE+08nNv0ys72e9YGcLzZVK0EgixVd
1zZXy5v2LfVmp9bwJCuAK4V097tqcP5oHbwUc28MpBMQ3Hy0gJPkaq9OYOsYvIqz
XXu2NBqoorVmWYnv9HzgYVQRRsSuxDNCxCfR5Cd2ZNsWdjlJHRjWGOSUihT7jsN4
yl6O5+5qGv0uDw==
-----END CERTIFICATE-----