Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
File:                     JchJyqV3LJi4E8E7TzD85PSNLa4.mft (raw, json)
Hash identifier:          y460jy1e1ONDKwdNHg8NqNCRbLqARY+WWD2SEUWsYbM=
Subject key identifier:   87:07:58:10:40:65:49:0B:67:79:75:78:2B:F7:EE:44:C0:75:8E:2A
Authority key identifier: 25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE
Certificate issuer:       /CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
Certificate serial:       019CAA219056A97555F32FEDE229BB76AC8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
Manifest number:          0C1A
Signing time:             Sun 01 Mar 2026 16:00:52 +0000
Manifest this update:     Sun 01 Mar 2026 16:00:52 +0000
Manifest next update:     Mon 02 Mar 2026 16:00:52 +0000
Files and hashes:         1: JchJyqV3LJi4E8E7TzD85PSNLa4.crl (hash: eE5IW1vVPG0peqR05PcBHtq+GbNDHqPtIaGVyNcA3Lk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:90:56:a9:75:55:f3:2f:ed:e2:29:bb:76:ac:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c849caa5772c98b813c13b4f30fce4f48d2dae
        Validity
            Not Before: Mar  1 16:00:52 2026 GMT
            Not After : Mar  2 16:00:52 2026 GMT
        Subject: CN=870758104065490b677975782bf7ee44c0758e2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:44:bc:94:86:8b:06:ca:d7:84:2c:0f:a7:3a:
                    cc:63:e5:72:05:ba:a7:ad:42:49:91:6c:13:f7:99:
                    59:19:3d:68:1e:7e:8c:e7:a4:38:94:7d:be:00:64:
                    5f:cf:bb:ea:cf:39:3d:e1:1d:6e:b9:53:63:3f:f6:
                    71:6a:16:69:1f:95:f5:b0:19:9d:47:3f:b6:34:34:
                    82:fd:10:32:65:d7:0a:f4:cc:a5:e1:7a:29:32:cf:
                    c1:1f:67:af:31:2d:5e:62:9f:95:02:d3:41:53:a7:
                    27:d5:80:96:94:45:45:8c:87:4d:f2:cb:da:70:1b:
                    ad:a3:88:fc:18:fd:3d:15:89:6c:25:0b:42:38:47:
                    fb:21:7c:3b:7f:e1:83:86:c3:49:b3:55:e3:84:bb:
                    0d:c8:a9:8e:25:13:7f:b2:82:ce:a5:76:cc:29:56:
                    a7:29:2a:d0:0c:62:bc:ef:91:21:67:24:a8:72:35:
                    e7:fa:4c:5d:9a:1b:18:08:0c:12:67:fc:49:cc:76:
                    22:cb:7b:f9:cf:3f:08:46:09:8e:b7:e9:89:be:73:
                    d9:b8:db:f7:73:cf:e8:27:2e:99:1b:8d:a2:97:1b:
                    57:0d:68:8e:83:ed:27:be:48:5e:85:9d:86:3b:2c:
                    b9:d7:8e:56:9e:bd:17:66:9c:38:f0:db:21:13:90:
                    3f:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:07:58:10:40:65:49:0B:67:79:75:78:2B:F7:EE:44:C0:75:8E:2A
            X509v3 Authority Key Identifier:
                keyid:25:C8:49:CA:A5:77:2C:98:B8:13:C1:3B:4F:30:FC:E4:F4:8D:2D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JchJyqV3LJi4E8E7TzD85PSNLa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8544a0-ae46-4da2-ad2d-e893b13b2c9f/1/JchJyqV3LJi4E8E7TzD85PSNLa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:72:f9:ef:02:7f:8a:6c:87:6d:05:2b:f6:04:2a:20:74:22:
         0b:45:c0:2d:a0:54:42:1d:40:6b:20:dd:4e:93:66:df:0c:3e:
         54:2e:c7:85:b9:95:f4:c7:d3:4b:85:4a:f9:bc:ad:1f:15:be:
         74:ce:75:2a:14:04:e0:83:73:6d:fb:00:6e:82:71:20:72:2e:
         db:e7:ae:44:93:3e:8a:66:ca:a8:57:fd:28:fc:17:f5:23:52:
         b1:0f:fc:c5:f4:f6:06:c2:45:7b:12:73:10:aa:33:dd:78:02:
         f1:a6:f7:45:01:e3:1b:b6:79:93:43:04:d0:ff:96:ff:a1:d5:
         2b:03:b5:d3:e5:58:ab:63:22:1f:d6:07:77:ed:ef:79:8b:7b:
         71:83:e1:b0:13:4a:d4:28:97:2f:49:1a:a3:38:e8:45:3d:b1:
         b9:a5:5f:0f:62:a6:33:35:f1:73:3a:11:21:9a:19:0f:39:7f:
         54:ef:43:fb:d0:24:d5:bd:3f:94:17:7b:31:21:8a:e3:de:36:
         44:3c:ed:80:5c:37:70:a2:5a:8d:6a:5a:67:46:35:3c:4f:47:
         b7:2f:b1:90:0d:a7:8e:3c:d3:74:6b:82:ea:f5:d8:c2:9f:c8:
         09:dd:b4:c7:08:f8:bd:a2:c4:6b:ba:ec:74:80:0c:bd:12:a3:
         80:0c:0b:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIZBWqXVV8y/t4im7dqyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Yzg0OWNhYTU3NzJjOThiODEzYzEzYjRmMzBmY2U0ZjQ4
ZDJkYWUwHhcNMjYwMzAxMTYwMDUyWhcNMjYwMzAyMTYwMDUyWjAzMTEwLwYDVQQD
Eyg4NzA3NTgxMDQwNjU0OTBiNjc3OTc1NzgyYmY3ZWU0NGMwNzU4ZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUS8lIaLBsrXhCwPpzrMY+VyBbqn
rUJJkWwT95lZGT1oHn6M56Q4lH2+AGRfz7vqzzk94R1uuVNjP/ZxahZpH5X1sBmd
Rz+2NDSC/RAyZdcK9Myl4XopMs/BH2evMS1eYp+VAtNBU6cn1YCWlEVFjIdN8sva
cButo4j8GP09FYlsJQtCOEf7IXw7f+GDhsNJs1XjhLsNyKmOJRN/soLOpXbMKVan
KSrQDGK875EhZySocjXn+kxdmhsYCAwSZ/xJzHYiy3v5zz8IRgmOt+mJvnPZuNv3
c8/oJy6ZG42ilxtXDWiOg+0nvkhehZ2GOyy5145Wnr0XZpw48NshE5A/lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcHWBBAZUkLZ3l1eCv37kTAdY4qMB8GA1UdIwQY
MBaAFCXIScqldyyYuBPBO08w/OT0jS2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQt
ZTg5M2IxM2IyYzlmLzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84NTQ0YTAtYWU0Ni00ZGEyLWFkMmQtZTg5M2IxM2IyYzlm
LzEvSmNoSnlxVjNMSmk0RThFN1R6RDg1UFNOTGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbXL57wJ/
imyHbQUr9gQqIHQiC0XALaBUQh1AayDdTpNm3ww+VC7HhbmV9MfTS4VK+bytHxW+
dM51KhQE4INzbfsAboJxIHIu2+euRJM+imbKqFf9KPwX9SNSsQ/8xfT2BsJFexJz
EKoz3XgC8ab3RQHjG7Z5k0ME0P+W/6HVKwO10+VYq2MiH9YHd+3veYt7cYPhsBNK
1CiXL0kaozjoRT2xuaVfD2KmMzXxczoRIZoZDzl/VO9D+9Ak1b0/lBd7MSGK4942
RDztgFw3cKJajWpaZ0Y1PE9Hty+xkA2njjzTdGuC6vXYwp/ICd20xwj4vaLEa7rs
dIAMvRKjgAwLrA==
-----END CERTIFICATE-----