Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
File:                     JOuXPcgi1CNuy911UB0mxD4chzk.mft (raw, json)
Hash identifier:          cuGIeI5g17oHZ9236ydEeP4vcNSEBOR4T8iTDkK5zNo=
Subject key identifier:   EA:2C:15:A4:DF:1B:7F:D0:3C:91:88:E1:0B:C2:6D:D9:0D:7B:96:8B
Authority key identifier: 24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39
Certificate issuer:       /CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
Certificate serial:       019CAB6B9804F32A6324BFC1AC60A55065BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
Manifest number:          0CEA
Signing time:             Sun 01 Mar 2026 22:01:20 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:20 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:20 +0000
Files and hashes:         1: JOuXPcgi1CNuy911UB0mxD4chzk.crl (hash: v/6c7xibFnEX4d2OSK0qTP7+ZAWlDLkncRodWedBvQk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:98:04:f3:2a:63:24:bf:c1:ac:60:a5:50:65:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
        Validity
            Not Before: Mar  1 22:01:20 2026 GMT
            Not After : Mar  2 22:01:20 2026 GMT
        Subject: CN=ea2c15a4df1b7fd03c9188e10bc26dd90d7b968b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:1c:f2:60:2c:a7:0f:61:a1:a6:e2:9b:23:d7:
                    69:72:b5:f1:38:54:87:d2:b8:09:a5:fa:5c:b2:e3:
                    47:84:ec:83:d3:01:b1:70:d7:9c:e2:21:d1:2c:28:
                    06:f5:c5:73:e2:1e:48:9a:00:e1:c4:13:39:d2:2e:
                    08:ce:3e:b0:a6:d3:ed:c2:0b:7e:80:63:09:ea:73:
                    7a:6d:98:a6:e3:23:cc:f9:34:f5:14:e9:75:61:1b:
                    f9:1f:04:ae:47:57:24:21:6d:c8:cb:41:cc:a1:4d:
                    4f:01:f9:df:16:6d:62:ac:42:db:da:56:5f:c5:db:
                    ac:8e:dd:f7:ae:5f:69:b7:15:aa:dd:ec:1c:ce:ec:
                    a3:24:eb:d5:f0:33:96:ad:b3:d2:39:31:27:6b:c7:
                    99:73:5e:df:b5:2b:ca:61:14:65:58:c5:c4:38:62:
                    ac:d3:31:c8:fc:16:c7:16:07:c0:38:0f:1f:67:3a:
                    95:a7:b6:20:d3:c0:e8:59:40:c7:d6:5e:e4:32:49:
                    44:40:06:b2:4b:24:6f:1b:32:6f:9e:77:a3:fb:bc:
                    02:bb:0d:af:17:c4:d0:d7:9b:55:6d:d3:6b:c2:2c:
                    a4:45:ab:df:25:6e:3e:ae:4a:b2:e4:27:d4:3c:da:
                    13:77:0a:b4:c7:97:64:28:1d:28:65:d1:e4:c8:7a:
                    84:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:2C:15:A4:DF:1B:7F:D0:3C:91:88:E1:0B:C2:6D:D9:0D:7B:96:8B
            X509v3 Authority Key Identifier:
                keyid:24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:e5:73:6f:6f:d4:c2:2b:c7:71:c4:16:bc:8d:96:33:ec:4d:
         db:66:e2:ee:61:21:cf:cc:78:ef:df:17:b7:97:3f:4a:b0:78:
         59:6d:f9:d7:dc:f7:0a:fa:df:45:b2:6c:46:72:4c:ad:a3:1e:
         99:0a:23:e4:35:31:73:fc:8d:51:9d:c6:0b:d6:05:54:5e:8d:
         75:0d:9f:25:50:fa:c8:e7:30:4c:e5:85:78:83:2a:de:78:34:
         e0:8f:e6:7a:7a:42:7a:0c:2d:c7:dc:7f:da:0f:dd:15:e0:16:
         a3:a3:77:4f:47:5e:97:b8:9b:2b:59:1c:4a:89:cb:d5:07:15:
         1c:08:cc:43:9e:94:de:31:3b:8c:6e:47:77:fd:82:8b:b2:53:
         22:5f:37:af:56:9d:0f:13:55:c2:64:a3:28:6c:b6:c1:ca:b9:
         a1:1a:e1:bd:b0:16:ac:27:19:62:24:26:0e:11:4f:fa:9f:f3:
         86:28:a8:38:49:a4:03:aa:03:48:d2:e9:cc:d8:56:3e:1c:e5:
         98:be:c4:d3:f9:78:68:b7:db:94:24:da:a6:0c:9f:52:53:5c:
         6c:ac:46:ac:6f:43:ab:c4:0a:42:57:aa:cd:10:71:f0:5f:41:
         d6:53:bb:a2:e8:a0:49:0a:51:b5:80:d4:f7:95:15:b2:5f:59:
         05:2d:43:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5gE8ypjJL/BrGClUGW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZWI5NzNkYzgyMmQ0MjM2ZWNiZGQ3NTUwMWQyNmM0M2Ux
Yzg3MzkwHhcNMjYwMzAxMjIwMTIwWhcNMjYwMzAyMjIwMTIwWjAzMTEwLwYDVQQD
EyhlYTJjMTVhNGRmMWI3ZmQwM2M5MTg4ZTEwYmMyNmRkOTBkN2I5NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBzyYCynD2GhpuKbI9dpcrXxOFSH
0rgJpfpcsuNHhOyD0wGxcNec4iHRLCgG9cVz4h5ImgDhxBM50i4Izj6wptPtwgt+
gGMJ6nN6bZim4yPM+TT1FOl1YRv5HwSuR1ckIW3Iy0HMoU1PAfnfFm1irELb2lZf
xdusjt33rl9ptxWq3ewczuyjJOvV8DOWrbPSOTEna8eZc17ftSvKYRRlWMXEOGKs
0zHI/BbHFgfAOA8fZzqVp7Yg08DoWUDH1l7kMklEQAaySyRvGzJvnnej+7wCuw2v
F8TQ15tVbdNrwiykRavfJW4+rkqy5CfUPNoTdwq0x5dkKB0oZdHkyHqE9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOosFaTfG3/QPJGI4QvCbdkNe5aLMB8GA1UdIwQY
MBaAFCTrlz3IItQjbsvddVAdJsQ+HIc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzIt
NGUxZDE2N2YwYTljLzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzItNGUxZDE2N2YwYTlj
LzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhuVzb2/U
wivHccQWvI2WM+xN22bi7mEhz8x4798Xt5c/SrB4WW3519z3CvrfRbJsRnJMraMe
mQoj5DUxc/yNUZ3GC9YFVF6NdQ2fJVD6yOcwTOWFeIMq3ng04I/menpCegwtx9x/
2g/dFeAWo6N3T0del7ibK1kcSonL1QcVHAjMQ56U3jE7jG5Hd/2Ci7JTIl83r1ad
DxNVwmSjKGy2wcq5oRrhvbAWrCcZYiQmDhFP+p/zhiioOEmkA6oDSNLpzNhWPhzl
mL7E0/l4aLfblCTapgyfUlNcbKxGrG9Dq8QKQleqzRBx8F9B1lO7ouigSQpRtYDU
95UVsl9ZBS1DOQ==
-----END CERTIFICATE-----