Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          QuQ/DAvuLIpUXnTNAcQdBXmv/gSlPmAf609IIX6nK3A=
Subject key identifier:   CB:C9:37:D6:80:41:8E:D1:69:18:58:1B:FB:83:35:B6:6C:76:3E:4C
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       01989DB9703B4BA4220C37B8F109FAB98BF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0CC0
Signing time:             Tue 12 Aug 2025 10:00:32 +0000
Manifest this update:     Tue 12 Aug 2025 10:00:32 +0000
Manifest next update:     Wed 13 Aug 2025 10:00:32 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: o3dXOrHmiStFWMknwFLlKiXXhmAFYPsW1wUswpcEpu8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 10:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9d:b9:70:3b:4b:a4:22:0c:37:b8:f1:09:fa:b9:8b:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Aug 12 10:00:32 2025 GMT
            Not After : Aug 13 10:00:32 2025 GMT
        Subject: CN=cbc937d680418ed16918581bfb8335b66c763e4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:23:2b:4e:67:1a:50:08:7a:d8:19:15:d4:43:
                    50:15:06:8c:9e:58:d5:83:d1:4d:31:51:1a:f5:e4:
                    aa:42:e9:32:ba:2c:ed:ae:6d:b4:97:02:2b:bb:33:
                    fe:73:93:9d:2b:95:cf:55:af:0d:e8:16:1a:78:96:
                    70:da:d4:44:ab:19:b8:51:18:62:39:7a:ff:b1:43:
                    bf:a5:8d:6a:c5:dc:63:07:5c:71:f6:e2:d7:96:22:
                    f6:9b:6c:87:fc:0a:55:89:68:31:c8:90:b4:da:1b:
                    fd:0a:ae:a7:ae:90:00:c6:d0:13:0e:ca:e9:e5:57:
                    af:d0:0a:f7:fe:5a:71:92:38:3f:23:db:50:14:31:
                    c2:b1:f6:57:b9:da:12:64:40:50:37:18:f0:db:29:
                    8e:da:4b:59:ae:71:54:63:8a:c1:88:59:f7:30:f7:
                    03:56:f5:e2:23:6b:c6:bf:7c:be:1a:7f:54:8b:bd:
                    ef:ba:fd:78:ae:c5:cb:42:48:86:3a:f5:ae:2d:1a:
                    54:0f:7f:77:6e:a0:3a:5c:99:70:85:31:d3:97:fa:
                    f0:e3:3c:1f:6f:cf:5b:1e:ad:11:6d:b1:0f:f7:99:
                    e3:66:18:c8:8c:cb:e8:e8:1b:0c:46:cf:07:61:89:
                    bf:80:73:6e:2b:e6:38:d3:72:c0:6a:51:f5:27:41:
                    6d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:C9:37:D6:80:41:8E:D1:69:18:58:1B:FB:83:35:B6:6C:76:3E:4C
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:01:bf:8a:b0:a1:71:c7:1c:11:3c:56:c7:b4:6d:10:2b:8a:
         95:8f:6c:e3:09:68:7d:a1:e9:ae:98:14:50:fa:d5:38:e2:cb:
         a2:db:87:09:03:54:e7:6d:d3:b5:57:16:ee:53:57:08:76:2a:
         7f:7a:37:f7:a3:cd:5b:dd:4b:86:bd:ea:1d:4b:df:2d:01:77:
         40:6b:71:fc:2c:04:8d:af:37:5c:2e:d0:29:d8:78:1f:a9:8a:
         22:99:dd:2a:30:62:fd:b3:23:ca:1f:16:a1:ed:8d:2b:41:6f:
         07:50:de:25:2d:1a:63:bb:7a:89:f1:bc:84:e2:73:24:b8:31:
         7a:cc:33:1c:71:f6:86:03:ec:6c:37:b3:f7:77:aa:9e:31:9b:
         a8:c2:91:cb:e3:5c:c9:7e:42:cb:3a:ce:59:22:11:9f:8e:3d:
         55:84:a2:ff:71:21:f5:ca:b0:37:36:52:78:2e:85:c1:c6:af:
         4b:6c:8f:99:eb:fe:1e:11:b1:92:ec:b8:ae:c5:61:04:cf:e8:
         0f:ad:94:70:cd:08:b2:4b:a1:ce:80:87:2a:14:0b:49:0e:38:
         a4:80:59:4e:f6:9d:20:4a:8f:a0:80:a5:f2:b6:65:29:de:db:
         43:3a:1a:16:b0:75:c3:80:57:4a:ed:6d:1d:1e:a0:4a:1b:f0:
         37:34:e2:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiduXA7S6QiDDe48Qn6uYvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwODEyMTAwMDMyWhcNMjUwODEzMTAwMDMyWjAzMTEwLwYDVQQD
EyhjYmM5MzdkNjgwNDE4ZWQxNjkxODU4MWJmYjgzMzViNjZjNzYzZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSMrTmcaUAh62BkV1ENQFQaMnljV
g9FNMVEa9eSqQukyuiztrm20lwIruzP+c5OdK5XPVa8N6BYaeJZw2tREqxm4URhi
OXr/sUO/pY1qxdxjB1xx9uLXliL2m2yH/ApViWgxyJC02hv9Cq6nrpAAxtATDsrp
5Vev0Ar3/lpxkjg/I9tQFDHCsfZXudoSZEBQNxjw2ymO2ktZrnFUY4rBiFn3MPcD
VvXiI2vGv3y+Gn9Ui73vuv14rsXLQkiGOvWuLRpUD393bqA6XJlwhTHTl/rw4zwf
b89bHq0RbbEP95njZhjIjMvo6BsMRs8HYYm/gHNuK+Y403LAalH1J0FtKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMvJN9aAQY7RaRhYG/uDNbZsdj5MMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATwG/irCh
ccccETxWx7RtECuKlY9s4wlofaHprpgUUPrVOOLLotuHCQNU523TtVcW7lNXCHYq
f3o396PNW91Lhr3qHUvfLQF3QGtx/CwEja83XC7QKdh4H6mKIpndKjBi/bMjyh8W
oe2NK0FvB1DeJS0aY7t6ifG8hOJzJLgxeswzHHH2hgPsbDez93eqnjGbqMKRy+Nc
yX5CyzrOWSIRn449VYSi/3Eh9cqwNzZSeC6FwcavS2yPmev+HhGxkuy4rsVhBM/o
D62UcM0IskuhzoCHKhQLSQ44pIBZTvadIEqPoICl8rZlKd7bQzoaFrB1w4BXSu1t
HR6gShvwNzTivQ==
-----END CERTIFICATE-----