Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.mft
File:                     JcUDXdNt8HSfTWKZyPy-1hVcARc.mft (raw, json)
Hash identifier:          16DyY2kPi0s7FaKUlliM7j0swo4F5xpj1Rj+Z5OOi2A=
Subject key identifier:   40:EF:E7:A6:26:91:17:AE:B3:AC:7E:69:B2:56:26:F4:65:06:E3:B5
Authority key identifier: 25:C5:03:5D:D3:6D:F0:74:9F:4D:62:99:C8:FC:BE:D6:15:5C:01:17
Certificate issuer:       /CN=25c5035dd36df0749f4d6299c8fcbed6155c0117
Certificate serial:       019CAB6B08778AD1839309F8078ED894FC3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JcUDXdNt8HSfTWKZyPy-1hVcARc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 22:00:44 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:44 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:44 +0000
Files and hashes:         1: JcUDXdNt8HSfTWKZyPy-1hVcARc.crl (hash: m53itVGY2E+o8VXeh/1/ONi3MG+w0KCoAISG2FtzGH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JcUDXdNt8HSfTWKZyPy-1hVcARc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:08:77:8a:d1:83:93:09:f8:07:8e:d8:94:fc:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25c5035dd36df0749f4d6299c8fcbed6155c0117
        Validity
            Not Before: Mar  1 22:00:44 2026 GMT
            Not After : Mar  2 22:00:44 2026 GMT
        Subject: CN=40efe7a6269117aeb3ac7e69b25626f46506e3b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b8:5f:08:fc:86:01:7d:ac:f0:09:cd:1b:3c:
                    be:d5:e7:b6:1e:81:a4:b4:f6:a1:a6:5b:c3:45:d3:
                    0f:61:73:a5:1c:14:0a:ac:b7:bf:56:3c:08:81:06:
                    54:af:df:4f:0b:c3:6e:e9:13:94:be:d3:fd:87:7f:
                    bc:b8:28:18:4e:8b:99:d5:30:f2:1f:15:c6:0d:6a:
                    94:b4:20:57:d5:31:86:df:88:01:fd:ff:3a:3a:28:
                    b7:04:15:82:7d:c1:96:fd:c0:2a:3c:5c:ce:4a:f1:
                    d2:15:2a:68:5e:31:74:47:68:71:02:89:1f:b5:f2:
                    14:25:8a:ae:25:6c:34:f0:97:51:52:a4:c6:c1:6c:
                    64:8c:49:93:1a:1c:88:b5:b4:b1:b7:ec:68:d2:ce:
                    65:0a:ad:e1:18:63:77:a1:20:15:2a:7f:8b:6e:d0:
                    b5:ed:c9:f9:6d:12:65:36:13:4d:49:8e:04:b9:de:
                    0b:43:8f:0e:00:57:98:29:bc:07:c4:6c:f6:73:ba:
                    94:88:8c:b6:97:35:bf:77:fd:e9:a8:07:68:1e:7d:
                    7e:c7:31:f2:5a:cb:a4:eb:81:bd:2e:a5:20:7d:a3:
                    45:0d:65:b8:22:0a:aa:26:a3:a3:87:90:d6:a1:5c:
                    c5:b0:fe:4b:57:99:e0:b6:3b:71:4d:c5:2e:67:32:
                    ba:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:EF:E7:A6:26:91:17:AE:B3:AC:7E:69:B2:56:26:F4:65:06:E3:B5
            X509v3 Authority Key Identifier:
                keyid:25:C5:03:5D:D3:6D:F0:74:9F:4D:62:99:C8:FC:BE:D6:15:5C:01:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JcUDXdNt8HSfTWKZyPy-1hVcARc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/809cd5-f23f-4720-8c64-59eb384e0967/1/JcUDXdNt8HSfTWKZyPy-1hVcARc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:f4:a6:0a:4c:a4:b4:2b:8c:a5:05:70:84:fd:51:b4:0c:e2:
         ba:05:fc:37:1d:22:2c:92:28:e6:71:e1:d9:be:48:bd:23:1e:
         fb:61:6f:b3:73:47:a0:8b:a3:ed:3b:3e:ed:7d:9b:06:63:fe:
         d5:75:2a:b0:72:cb:45:2f:bd:3e:ee:4e:a6:73:85:af:be:40:
         72:fe:b3:83:ad:b8:fe:00:b9:52:07:c7:86:c7:3f:b7:a0:69:
         8f:ce:89:f7:b5:ee:b8:21:dc:7f:46:86:50:2a:b3:1a:52:0a:
         9b:61:79:64:bf:d3:b9:29:a6:df:1e:b2:32:e7:bb:8b:ad:18:
         0f:f1:12:6d:d4:76:ae:20:cf:e6:8e:b8:e4:90:09:13:d0:1d:
         15:2d:00:41:04:13:71:bf:48:1f:08:32:ed:94:90:e1:e2:cc:
         a4:54:6a:9e:2a:a6:74:24:ed:5f:6f:34:84:a6:fc:47:58:36:
         7e:23:b0:e7:c8:43:aa:2e:bb:f3:94:bb:23:d7:e8:80:ac:95:
         da:eb:57:49:42:99:79:3d:be:25:1d:4f:4e:38:66:f4:59:d6:
         04:69:ce:bc:12:9c:e0:e1:af:a4:94:6d:c7:ce:9f:ac:4e:65:
         ba:24:57:3c:8e:3f:15:1f:dc:0c:6f:9c:eb:fe:30:7e:32:29:
         92:79:74:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrawh3itGDkwn4B47YlPw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YzUwMzVkZDM2ZGYwNzQ5ZjRkNjI5OWM4ZmNiZWQ2MTU1
YzAxMTcwHhcNMjYwMzAxMjIwMDQ0WhcNMjYwMzAyMjIwMDQ0WjAzMTEwLwYDVQQD
Eyg0MGVmZTdhNjI2OTExN2FlYjNhYzdlNjliMjU2MjZmNDY1MDZlM2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrhfCPyGAX2s8AnNGzy+1ee2HoGk
tPahplvDRdMPYXOlHBQKrLe/VjwIgQZUr99PC8Nu6ROUvtP9h3+8uCgYTouZ1TDy
HxXGDWqUtCBX1TGG34gB/f86Oii3BBWCfcGW/cAqPFzOSvHSFSpoXjF0R2hxAokf
tfIUJYquJWw08JdRUqTGwWxkjEmTGhyItbSxt+xo0s5lCq3hGGN3oSAVKn+LbtC1
7cn5bRJlNhNNSY4Eud4LQ48OAFeYKbwHxGz2c7qUiIy2lzW/d/3pqAdoHn1+xzHy
Wsuk64G9LqUgfaNFDWW4IgqqJqOjh5DWoVzFsP5LV5ngtjtxTcUuZzK6SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDv56YmkReus6x+abJWJvRlBuO1MB8GA1UdIwQY
MBaAFCXFA13TbfB0n01imcj8vtYVXAEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmNVRFhkTnQ4SFNmVFdLWnlQeS0xaFZjQVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy84MDljZDUtZjIzZi00NzIwLThjNjQt
NTllYjM4NGUwOTY3LzEvSmNVRFhkTnQ4SFNmVFdLWnlQeS0xaFZjQVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy84MDljZDUtZjIzZi00NzIwLThjNjQtNTllYjM4NGUwOTY3
LzEvSmNVRFhkTnQ4SFNmVFdLWnlQeS0xaFZjQVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd/SmCkyk
tCuMpQVwhP1RtAziugX8Nx0iLJIo5nHh2b5IvSMe+2Fvs3NHoIuj7Ts+7X2bBmP+
1XUqsHLLRS+9Pu5OpnOFr75Acv6zg624/gC5UgfHhsc/t6Bpj86J97XuuCHcf0aG
UCqzGlIKm2F5ZL/TuSmm3x6yMue7i60YD/ESbdR2riDP5o645JAJE9AdFS0AQQQT
cb9IHwgy7ZSQ4eLMpFRqniqmdCTtX280hKb8R1g2fiOw58hDqi6785S7I9fogKyV
2utXSUKZeT2+JR1PTjhm9FnWBGnOvBKc4OGvpJRtx86frE5luiRXPI4/FR/cDG+c
6/4wfjIpknl06A==
-----END CERTIFICATE-----