Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
File:                     JchJyqV3LJi4E8E7TzD85PSNLa4.mft (raw, json)
Hash identifier:          +yIfhyVQONuT64jPwdllc0HwkHJiU2O1mDsmD387L/M=
Subject key identifier:   7F:41:CA:5B:3A:C8:BA:0F:C9:37:91:95:93:9D:C3:A8:51:D2:BD:CE
Authority key identifier: 25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE
Certificate issuer:       /CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
Certificate serial:       019DA52FC885786CB99119DC08AA9A610EA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
Manifest number:          0C9C
Signing time:             Sun 19 Apr 2026 10:01:05 +0000
Manifest this update:     Sun 19 Apr 2026 10:01:05 +0000
Manifest next update:     Mon 20 Apr 2026 10:01:05 +0000
Files and hashes:         1: JchJyqV3LJi4E8E7TzD85PSNLa4.crl (hash: iTb4M4U9SzVp+ewYfptxPv/IugTJeiyg4N5G2dOX/P0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a5:2f:c8:85:78:6c:b9:91:19:dc:08:aa:9a:61:0e:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
        Validity
            Not Before: Apr 19 10:01:05 2026 GMT
            Not After : Apr 20 10:01:05 2026 GMT
        Subject: CN=7f41ca5b3ac8ba0fc9379195939dc3a851d2bdce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:6b:81:50:70:b0:8a:e0:ab:b0:1c:da:ef:26:
                    00:48:4b:f1:49:a5:d1:4a:28:e0:d8:f4:35:da:28:
                    75:6a:fa:fa:47:1c:d4:95:f6:02:bb:fd:f0:aa:86:
                    de:7b:37:2e:6a:b3:a1:f8:1d:d0:04:ab:8b:be:5a:
                    2a:7f:9a:61:b4:8f:eb:a6:bb:72:82:92:3e:7d:6c:
                    7a:ec:04:3a:f1:54:ab:3c:a6:f5:19:c4:00:81:bf:
                    9a:15:a8:0e:84:16:df:c4:52:b3:54:3a:69:40:ba:
                    0b:99:0a:84:6a:57:d5:80:0f:91:2d:43:8f:a2:e6:
                    05:56:33:11:50:71:a8:cf:c6:26:f9:6b:a2:41:6d:
                    23:67:ae:b9:fe:05:6e:aa:e3:bc:db:1e:c5:8b:28:
                    8e:82:07:10:54:8b:fe:04:5a:e9:d5:b2:dd:df:03:
                    9f:57:95:4d:ab:18:6c:85:27:b8:2e:0a:2a:46:1a:
                    3c:16:4e:02:b2:29:74:9b:58:d3:a2:7c:80:62:5c:
                    17:48:fd:96:a8:aa:06:8a:e9:d8:36:91:a6:d8:74:
                    25:c3:46:c1:9b:35:1c:8c:88:71:44:89:9c:9e:6c:
                    5e:2d:0f:a1:0b:82:54:83:9b:39:db:ee:fe:02:7b:
                    8e:19:c6:bd:0e:21:01:b8:3c:71:88:ba:69:58:f4:
                    3c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:41:CA:5B:3A:C8:BA:0F:C9:37:91:95:93:9D:C3:A8:51:D2:BD:CE
            X509v3 Authority Key Identifier:
                keyid:25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:aa:0e:88:84:65:49:3c:ec:a6:42:3a:05:7a:f6:e5:39:6e:
         e3:f0:d4:de:ec:60:3c:a4:33:c2:6d:9a:7e:55:18:36:d5:e3:
         5d:ec:8a:f4:00:97:df:a5:62:38:ca:b4:48:8d:b3:b9:d6:86:
         53:c3:53:e5:7c:f5:f3:98:55:13:e4:9e:9d:73:b4:7b:91:c8:
         0e:d1:f7:a4:71:f9:9c:c4:d2:da:58:bf:97:a6:78:90:37:2d:
         d8:73:e5:60:8c:74:2f:a5:e2:a4:76:c6:23:88:1d:a5:d5:5a:
         f3:ef:ea:b7:34:8f:49:48:a9:6f:81:14:9e:4e:65:70:a3:c3:
         1c:f8:32:dd:2a:cd:be:16:11:c0:86:63:51:8e:40:fb:b4:93:
         02:72:a8:e8:64:fc:c3:38:d4:ee:70:de:51:db:74:eb:15:3d:
         01:25:01:2f:76:b6:cf:ba:85:ef:d9:ac:67:87:98:3a:86:13:
         08:89:3e:1f:94:a0:76:91:50:ea:38:40:2f:48:6e:a8:82:6f:
         cd:47:fb:d5:93:43:61:89:62:3e:e3:fe:81:c1:f5:e0:63:b7:
         8b:96:36:23:be:32:a4:08:77:bc:72:46:0d:b8:f7:27:f8:4b:
         3c:93:df:be:5f:ea:86:fc:97:8a:81:d8:3d:51:a9:93:85:4c:
         05:79:14:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2lL8iFeGy5kRncCKqaYQ6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Yzg0OWNhYTU3NzJjOThiODEzYzEzYjRmMzBmY2U0ZjQ4
ZDJkYWUwHhcNMjYwNDE5MTAwMTA1WhcNMjYwNDIwMTAwMTA1WjAzMTEwLwYDVQQD
Eyg3ZjQxY2E1YjNhYzhiYTBmYzkzNzkxOTU5MzlkYzNhODUxZDJiZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWuBUHCwiuCrsBza7yYASEvxSaXR
Sijg2PQ12ih1avr6RxzUlfYCu/3wqobeezcuarOh+B3QBKuLvloqf5phtI/rprty
gpI+fWx67AQ68VSrPKb1GcQAgb+aFagOhBbfxFKzVDppQLoLmQqEalfVgA+RLUOP
ouYFVjMRUHGoz8Ym+WuiQW0jZ665/gVuquO82x7FiyiOggcQVIv+BFrp1bLd3wOf
V5VNqxhshSe4LgoqRho8Fk4Csil0m1jTonyAYlwXSP2WqKoGiunYNpGm2HQlw0bB
mzUcjIhxRImcnmxeLQ+hC4JUg5s52+7+AnuOGca9DiEBuDxxiLppWPQ8mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH9Byls6yLoPyTeRlZOdw6hR0r3OMB8GA1UdIwQY
MBaAFCXIScqldyyYuBPBO08w/OT0jS2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQt
ZTg5M2IxM2IyYzlmLzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQtZTg5M2IxM2IyYzlm
LzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlKoOiIRl
STzspkI6BXr25Tlu4/DU3uxgPKQzwm2aflUYNtXjXeyK9ACX36ViOMq0SI2zudaG
U8NT5Xz185hVE+SenXO0e5HIDtH3pHH5nMTS2li/l6Z4kDct2HPlYIx0L6XipHbG
I4gdpdVa8+/qtzSPSUipb4EUnk5lcKPDHPgy3SrNvhYRwIZjUY5A+7STAnKo6GT8
wzjU7nDeUdt06xU9ASUBL3a2z7qF79msZ4eYOoYTCIk+H5SgdpFQ6jhAL0huqIJv
zUf71ZNDYYliPuP+gcH14GO3i5Y2I74ypAh3vHJGDbj3J/hLPJPfvl/qhvyXioHY
PVGpk4VMBXkUWg==
-----END CERTIFICATE-----