Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
File:                     qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft (raw, json)
Hash identifier:          k8Umyk/8YmZ2iG5u0TRfSKVLBp6I00Aayrm6sxHg+gU=
Subject key identifier:   25:0D:FE:C0:BC:7C:B5:C3:CC:1D:DA:7D:AD:EA:F4:93:A3:6D:54:97
Authority key identifier: A9:48:D0:11:ED:B8:CD:33:E6:67:67:88:0C:A4:AB:30:61:D9:C5:23
Certificate issuer:       /CN=a948d011edb8cd33e66767880ca4ab3061d9c523
Certificate serial:       019D3789418618C9B2FB5DE02CB9A70E7C6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
Manifest number:          05A6
Signing time:             Sun 29 Mar 2026 03:00:35 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:35 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:35 +0000
Files and hashes:         1: qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl (hash: arYyGk243avs1aODbRwOMahsPj5VAJdYAf9um6hyi88=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:41:86:18:c9:b2:fb:5d:e0:2c:b9:a7:0e:7c:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a948d011edb8cd33e66767880ca4ab3061d9c523
        Validity
            Not Before: Mar 29 03:00:35 2026 GMT
            Not After : Mar 30 03:00:35 2026 GMT
        Subject: CN=250dfec0bc7cb5c3cc1dda7dadeaf493a36d5497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:68:94:03:7e:f9:fe:4e:77:ba:28:c0:0f:e8:
                    43:2c:91:c6:c8:6d:a7:50:4e:06:38:e0:32:f7:43:
                    8f:66:1a:96:6c:d0:ec:ef:77:47:62:9c:56:aa:db:
                    69:30:58:af:53:ed:0f:b9:b3:cb:2b:01:9f:08:7b:
                    6d:b3:89:36:91:57:5c:4e:0c:aa:cc:77:f2:80:c7:
                    c6:7e:0b:4a:f8:b0:eb:2a:e7:1d:3e:49:07:12:6f:
                    ef:67:50:75:08:fc:2d:56:a8:b3:d9:f3:25:52:41:
                    09:d1:d1:8f:77:3c:12:91:6d:d8:4c:7a:93:57:97:
                    af:c9:3d:a1:1d:9f:22:99:4b:52:13:07:0e:34:bf:
                    31:77:67:52:05:aa:78:3e:5a:58:35:94:b4:79:76:
                    c8:05:7a:50:06:ed:47:d4:d2:be:d2:b2:d6:d5:a2:
                    8b:0f:4c:85:5d:13:d8:ae:87:4a:65:95:d7:a5:63:
                    07:49:ad:dd:e1:51:50:58:d2:5f:a0:a2:d4:a8:0e:
                    d3:5c:0f:3e:43:53:ac:b2:6c:e4:f0:09:1a:bb:8c:
                    f1:39:26:7f:3d:ce:a5:56:b8:7b:56:a3:0f:54:a5:
                    e4:04:50:b4:ee:a1:1c:4f:a5:48:a7:8c:ad:79:c5:
                    15:0d:25:ed:7a:28:d6:72:67:9d:2a:7f:9b:56:fe:
                    53:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:0D:FE:C0:BC:7C:B5:C3:CC:1D:DA:7D:AD:EA:F4:93:A3:6D:54:97
            X509v3 Authority Key Identifier:
                keyid:A9:48:D0:11:ED:B8:CD:33:E6:67:67:88:0C:A4:AB:30:61:D9:C5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:7d:4f:85:fd:55:ff:63:22:1c:45:62:47:fb:d1:c9:08:99:
         d7:9e:81:30:9e:72:d5:d9:29:9e:5a:62:f4:fe:19:f9:3b:99:
         2a:1b:a5:04:0b:b8:e6:78:b3:d8:ca:ac:d4:4e:09:ac:8c:57:
         a0:e4:4e:4a:75:68:23:2c:33:ff:e4:aa:5e:f8:e4:d8:6f:92:
         22:74:a2:87:ad:d0:09:5a:96:7b:87:59:6c:07:92:27:66:08:
         6f:b7:d2:8f:bb:dc:9e:b7:a2:60:00:f4:d2:ae:3c:04:1a:91:
         3e:61:a6:66:ae:e7:13:0c:15:4a:33:af:b2:9e:48:ad:b3:7f:
         bb:eb:f8:0d:71:e1:7b:a5:19:50:24:20:12:6e:a0:96:93:40:
         12:72:66:da:7f:40:f4:45:12:97:10:bf:8f:3e:18:cf:64:8e:
         e9:16:20:06:cc:63:d0:64:53:9b:e1:25:0f:0c:f0:24:a4:ee:
         38:95:f2:24:c9:aa:04:d9:8b:6c:0d:90:7c:c4:77:e9:2a:cf:
         d8:e1:2d:a1:3d:74:d9:b4:55:0b:a8:53:32:f2:21:3c:12:be:
         a7:21:f9:30:40:31:48:20:66:bc:89:f4:20:4a:2a:dd:47:2b:
         67:aa:07:db:96:7c:44:60:3d:30:53:8c:05:1b:54:8c:e7:f4:
         ba:68:69:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iUGGGMmy+13gLLmnDnxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NDhkMDExZWRiOGNkMzNlNjY3Njc4ODBjYTRhYjMwNjFk
OWM1MjMwHhcNMjYwMzI5MDMwMDM1WhcNMjYwMzMwMDMwMDM1WjAzMTEwLwYDVQQD
EygyNTBkZmVjMGJjN2NiNWMzY2MxZGRhN2RhZGVhZjQ5M2EzNmQ1NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GiUA375/k53uijAD+hDLJHGyG2n
UE4GOOAy90OPZhqWbNDs73dHYpxWqttpMFivU+0PubPLKwGfCHtts4k2kVdcTgyq
zHfygMfGfgtK+LDrKucdPkkHEm/vZ1B1CPwtVqiz2fMlUkEJ0dGPdzwSkW3YTHqT
V5evyT2hHZ8imUtSEwcONL8xd2dSBap4PlpYNZS0eXbIBXpQBu1H1NK+0rLW1aKL
D0yFXRPYrodKZZXXpWMHSa3d4VFQWNJfoKLUqA7TXA8+Q1Ossmzk8Akau4zxOSZ/
Pc6lVrh7VqMPVKXkBFC07qEcT6VIp4ytecUVDSXteijWcmedKn+bVv5TCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUN/sC8fLXDzB3afa3q9JOjbVSXMB8GA1UdIwQY
MBaAFKlI0BHtuM0z5mdniAykqzBh2cUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZWIzZWItNTEwOS00Nzk4LTg4Mjgt
M2Q1NDlmYmI4MzdmLzEvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZWIzZWItNTEwOS00Nzk4LTg4MjgtM2Q1NDlmYmI4Mzdm
LzEvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs31Phf1V
/2MiHEViR/vRyQiZ156BMJ5y1dkpnlpi9P4Z+TuZKhulBAu45niz2Mqs1E4JrIxX
oOROSnVoIywz/+SqXvjk2G+SInSih63QCVqWe4dZbAeSJ2YIb7fSj7vcnreiYAD0
0q48BBqRPmGmZq7nEwwVSjOvsp5IrbN/u+v4DXHhe6UZUCQgEm6glpNAEnJm2n9A
9EUSlxC/jz4Yz2SO6RYgBsxj0GRTm+ElDwzwJKTuOJXyJMmqBNmLbA2QfMR36SrP
2OEtoT102bRVC6hTMvIhPBK+pyH5MEAxSCBmvIn0IEoq3UcrZ6oH25Z8RGA9MFOM
BRtUjOf0umhpBQ==
-----END CERTIFICATE-----