Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
File:                     QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json)
Hash identifier:          861OnfUXo6oG/brK0Mg3mi1rCrGpMvjqjUqCYzM4vvM=
Subject key identifier:   46:5A:E2:89:85:14:C8:49:2F:17:51:E3:15:F9:E7:B0:E4:EB:F3:58
Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A
Certificate issuer:       /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
Certificate serial:       019D394157AFF8353D186A5CFD0AD10499EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
Manifest number:          07EC
Signing time:             Sun 29 Mar 2026 11:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:16 +0000
Files and hashes:         1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: OY79m76UyhpC0yb4QAsaggwMeQ9CzUNiZSwVu1kU+cs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:57:af:f8:35:3d:18:6a:5c:fd:0a:d1:04:99:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
        Validity
            Not Before: Mar 29 11:01:16 2026 GMT
            Not After : Mar 30 11:01:16 2026 GMT
        Subject: CN=465ae2898514c8492f1751e315f9e7b0e4ebf358
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:f0:6d:29:8f:02:65:d9:42:b1:5b:7f:35:73:
                    64:f8:d1:ce:b2:d1:30:ec:d8:64:7e:ac:7f:dd:18:
                    be:e4:b7:00:36:a1:06:b4:0f:7c:4a:21:19:f1:80:
                    b0:de:4b:39:92:9d:e4:b1:20:da:11:fa:da:5b:a9:
                    b9:38:1e:52:b0:56:72:be:bb:2a:ee:ad:b3:bc:34:
                    17:01:e9:67:b8:9f:a7:94:81:f9:33:11:f2:29:ce:
                    91:93:6f:b0:2a:f3:93:5b:b0:57:04:a4:78:15:dc:
                    b3:ab:f1:a4:53:d2:d8:e5:6c:13:51:e0:4c:f5:21:
                    33:ce:a4:57:4e:4c:21:2a:e3:e8:36:27:10:67:9a:
                    c4:c9:5e:0f:5a:c3:44:23:44:88:c3:59:fb:36:b2:
                    9b:9c:68:d7:6f:63:09:97:c9:95:76:9a:e0:08:90:
                    de:86:85:a4:dd:5b:8b:dc:62:34:3e:19:0c:f0:cf:
                    34:f6:31:a5:6b:21:e7:c3:13:2a:7a:4f:fc:2d:1a:
                    fa:24:13:46:c1:c5:62:e4:4e:ad:6c:42:f0:e2:7b:
                    b5:20:08:49:a7:74:0d:3b:f6:f8:40:fc:d5:a5:89:
                    92:ae:a3:34:a1:1a:96:7b:41:5a:a3:53:45:a3:b4:
                    fa:0a:eb:c9:17:d6:6a:73:77:6e:ce:94:e9:de:a1:
                    4a:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:5A:E2:89:85:14:C8:49:2F:17:51:E3:15:F9:E7:B0:E4:EB:F3:58
            X509v3 Authority Key Identifier:
                keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:91:f6:9a:ba:e0:15:b9:e4:b5:eb:cb:a8:2e:d1:55:02:0c:
         58:e6:48:4a:7a:c2:65:9e:de:49:cd:be:93:3d:40:ec:14:1f:
         16:22:84:74:b8:c0:3d:ad:eb:51:3a:8b:8e:21:1c:a8:c5:11:
         fb:26:51:69:f5:2c:b4:73:d7:11:e8:c8:60:fb:2e:5a:42:5a:
         c6:93:21:55:fb:ef:3e:92:a3:81:46:be:c1:65:b0:78:69:da:
         02:7f:8f:70:63:49:a9:ff:01:04:70:23:09:8e:1d:da:50:29:
         07:f7:69:9a:87:db:5f:a6:46:9c:b1:f4:91:6a:3d:88:50:ef:
         9f:f3:90:1e:34:61:f9:45:40:ec:b7:eb:bb:68:84:bc:ca:fb:
         31:5c:c9:e6:15:b1:3d:2b:78:98:8e:80:59:09:75:7d:5a:79:
         b4:a2:6c:65:82:a6:13:d3:28:c9:98:bf:05:11:3b:22:72:95:
         96:84:1c:4f:98:d0:ec:08:18:62:5f:ef:49:01:fe:c1:4a:95:
         5d:1b:3a:60:8a:fb:1e:31:5f:61:a3:b7:4c:b6:b2:01:dd:83:
         9c:da:7c:aa:2d:1e:49:24:43:ce:d5:7b:02:be:7d:b6:05:28:
         30:c0:98:7f:3a:00:d8:b3:91:31:ca:9d:0a:66:fe:01:a7:af:
         a5:d8:30:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QVev+DU9GGpc/QrRBJnrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj
MmMxOGEwHhcNMjYwMzI5MTEwMTE2WhcNMjYwMzMwMTEwMTE2WjAzMTEwLwYDVQQD
Eyg0NjVhZTI4OTg1MTRjODQ5MmYxNzUxZTMxNWY5ZTdiMGU0ZWJmMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfBtKY8CZdlCsVt/NXNk+NHOstEw
7Nhkfqx/3Ri+5LcANqEGtA98SiEZ8YCw3ks5kp3ksSDaEfraW6m5OB5SsFZyvrsq
7q2zvDQXAelnuJ+nlIH5MxHyKc6Rk2+wKvOTW7BXBKR4Fdyzq/GkU9LY5WwTUeBM
9SEzzqRXTkwhKuPoNicQZ5rEyV4PWsNEI0SIw1n7NrKbnGjXb2MJl8mVdprgCJDe
hoWk3VuL3GI0PhkM8M809jGlayHnwxMqek/8LRr6JBNGwcVi5E6tbELw4nu1IAhJ
p3QNO/b4QPzVpYmSrqM0oRqWe0Fao1NFo7T6CuvJF9Zqc3duzpTp3qFKtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEZa4omFFMhJLxdR4xX557Dk6/NYMB8GA1UdIwQY
MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt
NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2
LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnpH2mrrg
FbnktevLqC7RVQIMWOZISnrCZZ7eSc2+kz1A7BQfFiKEdLjAPa3rUTqLjiEcqMUR
+yZRafUstHPXEejIYPsuWkJaxpMhVfvvPpKjgUa+wWWweGnaAn+PcGNJqf8BBHAj
CY4d2lApB/dpmofbX6ZGnLH0kWo9iFDvn/OQHjRh+UVA7Lfru2iEvMr7MVzJ5hWx
PSt4mI6AWQl1fVp5tKJsZYKmE9MoyZi/BRE7InKVloQcT5jQ7AgYYl/vSQH+wUqV
XRs6YIr7HjFfYaO3TLayAd2DnNp8qi0eSSRDztV7Ar59tgUoMMCYfzoA2LORMcqd
Cmb+Aaevpdgwfg==
-----END CERTIFICATE-----