Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
File:                     jRHN6i8zL8ztMzil3x-y30Uh-OI.mft (raw, json)
Hash identifier:          82hSEd3U54+g7PybCudx3mmpc2B2PVYRxcj2ajo9K80=
Subject key identifier:   E0:15:B0:07:B8:3B:D4:F5:AB:0A:28:19:54:60:83:AC:A2:0E:69:60
Authority key identifier: 8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2
Certificate issuer:       /CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
Certificate serial:       019CAD59EF76463180A0D5C45F01417AF2EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
Manifest number:          135B
Signing time:             Mon 02 Mar 2026 07:01:18 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:18 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:18 +0000
Files and hashes:         1: jRHN6i8zL8ztMzil3x-y30Uh-OI.crl (hash: BK3cjdILt5npAFDRb1KPytqzVnH4Eh9zoW1zT8Z3P4Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:ef:76:46:31:80:a0:d5:c4:5f:01:41:7a:f2:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
        Validity
            Not Before: Mar  2 07:01:18 2026 GMT
            Not After : Mar  3 07:01:18 2026 GMT
        Subject: CN=e015b007b83bd4f5ab0a2819546083aca20e6960
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a3:a5:04:16:d9:84:4f:d9:c2:ac:b4:51:f7:
                    0f:f3:45:42:4b:42:65:e6:61:10:93:a3:91:c2:3d:
                    fa:f3:1a:73:ab:b7:01:32:36:ed:fc:e1:04:2f:11:
                    8a:60:d9:c4:d4:72:53:55:84:33:30:7e:42:29:c3:
                    f1:3f:8d:b2:88:48:b4:68:79:4c:6c:95:ba:14:62:
                    d4:1a:7e:4b:92:8f:7a:c5:2b:21:c3:59:3f:f6:41:
                    e3:41:8e:c1:f8:0b:42:c9:a3:d3:6a:04:e3:c2:24:
                    3c:ee:20:c2:cb:5a:90:20:6e:52:aa:cf:c7:94:cc:
                    9e:bd:21:ac:46:77:66:5d:a5:bf:d2:86:e7:0b:5d:
                    82:4c:3a:a9:fe:31:c5:df:49:76:c6:52:a8:46:de:
                    a0:2d:8e:b2:9a:0c:f7:ae:cd:4b:ad:0c:23:ab:e7:
                    47:eb:98:08:e4:0b:48:4a:37:39:29:72:7a:3f:3d:
                    f2:ad:5a:15:13:29:50:8a:08:1d:1a:cb:35:08:49:
                    46:bd:ad:18:ff:9a:99:b6:ae:bc:e7:05:cf:36:58:
                    be:c4:37:8b:31:43:f8:2a:f2:6e:a5:ec:5f:19:27:
                    cf:a5:c9:e7:bf:b7:51:81:a0:64:5b:f9:d1:f6:0b:
                    2f:2b:86:71:42:21:fb:27:00:eb:0e:80:5a:ca:49:
                    7f:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:15:B0:07:B8:3B:D4:F5:AB:0A:28:19:54:60:83:AC:A2:0E:69:60
            X509v3 Authority Key Identifier:
                keyid:8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:61:1c:dd:8f:81:fe:a4:b3:ac:85:0d:4a:86:63:03:3a:a8:
         94:ca:52:66:fe:cb:85:f1:58:e9:72:8e:07:d8:53:43:8d:c0:
         9e:ff:c8:8a:c7:91:78:86:07:7f:ef:61:a6:ed:97:dc:d9:9d:
         69:73:c7:e1:e7:be:fc:80:bc:34:a7:0b:c7:b1:bc:8b:43:b3:
         ee:1f:e9:b9:67:4c:cf:0f:09:10:7e:7a:cc:b2:8e:3a:30:e6:
         19:3b:74:d5:e6:b5:6c:9c:9f:b6:1d:83:55:cf:1f:12:4a:e9:
         80:f2:f4:30:85:57:71:73:9f:e5:ba:f3:00:32:f2:d0:9f:ea:
         34:4c:11:a3:d6:ca:f4:d8:dd:d2:67:de:cf:4d:3a:24:53:a0:
         88:4a:1f:ce:13:1a:84:c9:31:b7:e8:d8:06:d3:f3:9d:9a:b8:
         ae:90:e8:04:6a:53:77:b5:e4:a8:2e:da:fc:2a:e0:4f:a3:4b:
         5f:62:a8:16:1d:4a:e2:4e:2a:65:53:31:9d:8b:77:83:16:62:
         1b:34:a7:89:cf:7c:63:62:4a:cb:e2:0d:91:b1:41:bf:2b:01:
         91:22:e5:7a:bd:d9:bd:6e:a9:91:39:aa:09:18:32:43:ab:39:
         62:18:51:67:8c:13:b3:6b:9b:42:13:3b:06:ff:68:b8:6e:73:
         38:0a:33:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWe92RjGAoNXEXwFBevLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjZGVhMmYzMzJmY2NlZDMzMzhhNWRmMWZiMmRmNDUy
MWY4ZTIwHhcNMjYwMzAyMDcwMTE4WhcNMjYwMzAzMDcwMTE4WjAzMTEwLwYDVQQD
EyhlMDE1YjAwN2I4M2JkNGY1YWIwYTI4MTk1NDYwODNhY2EyMGU2OTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6OlBBbZhE/Zwqy0UfcP80VCS0Jl
5mEQk6ORwj368xpzq7cBMjbt/OEELxGKYNnE1HJTVYQzMH5CKcPxP42yiEi0aHlM
bJW6FGLUGn5Lko96xSshw1k/9kHjQY7B+AtCyaPTagTjwiQ87iDCy1qQIG5Sqs/H
lMyevSGsRndmXaW/0obnC12CTDqp/jHF30l2xlKoRt6gLY6ymgz3rs1LrQwjq+dH
65gI5AtISjc5KXJ6Pz3yrVoVEylQiggdGss1CElGva0Y/5qZtq685wXPNli+xDeL
MUP4KvJupexfGSfPpcnnv7dRgaBkW/nR9gsvK4ZxQiH7JwDrDoBaykl/9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOAVsAe4O9T1qwooGVRgg6yiDmlgMB8GA1UdIwQY
MBaAFI0RzeovMy/M7TM4pd8fst9FIfjiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEt
YzkwNjU4ZWJkNjk3LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEtYzkwNjU4ZWJkNjk3
LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADGEc3Y+B
/qSzrIUNSoZjAzqolMpSZv7LhfFY6XKOB9hTQ43Anv/IiseReIYHf+9hpu2X3Nmd
aXPH4ee+/IC8NKcLx7G8i0Oz7h/puWdMzw8JEH56zLKOOjDmGTt01ea1bJyfth2D
Vc8fEkrpgPL0MIVXcXOf5brzADLy0J/qNEwRo9bK9Njd0mfez006JFOgiEofzhMa
hMkxt+jYBtPznZq4rpDoBGpTd7XkqC7a/CrgT6NLX2KoFh1K4k4qZVMxnYt3gxZi
GzSnic98Y2JKy+INkbFBvysBkSLler3ZvW6pkTmqCRgyQ6s5YhhRZ4wTs2ubQhM7
Bv9ouG5zOAoz2w==
-----END CERTIFICATE-----