Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
File:                     qvNQYhzAHooe03KB3zKwlxy95Vc.mft (raw, json)
Hash identifier:          sh3l0aIM+c29keyt3o9REEw2xmQAHIkcTv7JvIjJV+o=
Subject key identifier:   BE:32:36:2B:36:8B:0F:86:91:5B:27:9C:C4:BF:9C:EF:E0:6C:CE:A8
Authority key identifier: AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57
Certificate issuer:       /CN=aaf350621cc01e8a1ed37281df32b0971cbde557
Certificate serial:       019D38D311D6E335034E7A0E3CCBCBBFFBFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 09:00:49 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:49 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:49 +0000
Files and hashes:         1: qvNQYhzAHooe03KB3zKwlxy95Vc.crl (hash: zUjmQgp7fqspOXAV3UzYLeTlhmIKtQoAMz8YDslj4Rk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:11:d6:e3:35:03:4e:7a:0e:3c:cb:cb:bf:fb:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aaf350621cc01e8a1ed37281df32b0971cbde557
        Validity
            Not Before: Mar 29 09:00:49 2026 GMT
            Not After : Mar 30 09:00:49 2026 GMT
        Subject: CN=be32362b368b0f86915b279cc4bf9cefe06ccea8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a3:0e:db:f1:f8:1f:a1:f5:f3:e0:67:b0:2a:
                    2e:d5:2e:e8:4e:b6:c1:ed:58:a4:f5:8a:e8:ea:56:
                    92:e4:8a:73:e3:54:9c:57:64:71:ac:ca:35:d7:05:
                    00:5b:50:45:cc:bb:3e:11:0e:a8:7a:aa:07:5e:20:
                    10:0e:f6:6c:a3:0a:1a:5b:af:0b:b5:49:2c:42:b7:
                    0e:16:b2:64:43:d2:9d:cb:93:d1:7d:36:40:f9:bd:
                    93:b4:2b:96:90:be:3f:ce:85:3b:83:87:d7:95:c5:
                    a4:3d:f4:19:cc:7c:97:aa:8a:8b:cc:9f:bc:1e:28:
                    b1:1a:9c:cf:8e:d4:83:3e:ee:24:30:97:90:93:df:
                    18:bb:63:66:f2:4f:be:1a:8f:39:0e:ed:70:ca:b1:
                    5a:59:a2:73:b4:69:c1:71:3e:c8:fc:27:fa:8d:0f:
                    d7:7c:43:dc:73:1b:c4:3b:95:a3:fb:65:67:1b:4d:
                    b2:07:9d:af:9b:33:49:5a:e8:78:c9:c4:03:de:2c:
                    ed:dd:8e:16:34:17:29:02:19:82:4a:fe:09:04:56:
                    f7:db:91:ba:2b:44:6e:2c:36:37:5a:7c:7d:ec:9a:
                    89:dd:31:b6:78:05:65:bb:0e:c9:d8:9a:ab:fc:56:
                    fb:b9:fa:87:a5:f9:c7:cb:0b:8a:c5:db:79:90:23:
                    f2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:32:36:2B:36:8B:0F:86:91:5B:27:9C:C4:BF:9C:EF:E0:6C:CE:A8
            X509v3 Authority Key Identifier:
                keyid:AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:1a:43:0b:ec:b1:b2:0d:e7:53:53:d4:12:21:d7:08:52:33:
         e0:96:69:81:38:db:90:1c:1b:85:97:41:af:b5:4b:e9:2c:25:
         b7:10:7d:af:96:5c:c8:80:58:38:c8:98:70:e5:f1:f5:9f:e8:
         bb:20:22:11:2c:47:c8:5b:bc:47:36:a1:96:5f:e2:2c:84:7f:
         4e:de:fa:1f:28:9d:80:bc:b1:d5:ce:83:e4:95:06:fb:a0:42:
         6a:2c:d5:5f:c6:7e:cf:d3:70:e8:de:8d:88:c6:e2:ef:59:8a:
         63:ea:47:cf:00:0c:41:87:31:d8:f1:8e:3b:da:13:3b:0d:dd:
         ad:58:43:03:14:aa:ba:42:d8:7c:ee:bf:98:97:41:25:43:e3:
         df:e1:ee:38:34:d5:4c:97:a5:44:5b:e5:19:e0:93:f3:3a:7f:
         69:07:e9:22:f3:66:b1:7a:1d:24:92:a0:af:ac:ae:a8:f8:99:
         c8:61:cc:20:36:3e:9c:ea:24:f3:6e:5f:10:28:1d:f1:f9:09:
         6b:b2:e1:db:29:17:a3:15:4e:29:3c:f3:07:6f:59:3b:5f:a1:
         2c:d6:79:1c:13:e5:7f:9e:2d:38:e8:92:39:a2:ad:ec:fe:f5:
         a7:51:f2:16:9d:3c:3a:ce:a3:f9:22:59:a1:71:4e:6b:ea:0a:
         f2:3e:56:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040xHW4zUDTnoOPMvLv/v/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjM1MDYyMWNjMDFlOGExZWQzNzI4MWRmMzJiMDk3MWNi
ZGU1NTcwHhcNMjYwMzI5MDkwMDQ5WhcNMjYwMzMwMDkwMDQ5WjAzMTEwLwYDVQQD
EyhiZTMyMzYyYjM2OGIwZjg2OTE1YjI3OWNjNGJmOWNlZmUwNmNjZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqMO2/H4H6H18+BnsCou1S7oTrbB
7Vik9Yro6laS5Ipz41ScV2RxrMo11wUAW1BFzLs+EQ6oeqoHXiAQDvZsowoaW68L
tUksQrcOFrJkQ9Kdy5PRfTZA+b2TtCuWkL4/zoU7g4fXlcWkPfQZzHyXqoqLzJ+8
HiixGpzPjtSDPu4kMJeQk98Yu2Nm8k++Go85Du1wyrFaWaJztGnBcT7I/Cf6jQ/X
fEPccxvEO5Wj+2VnG02yB52vmzNJWuh4ycQD3izt3Y4WNBcpAhmCSv4JBFb325G6
K0RuLDY3Wnx97JqJ3TG2eAVluw7J2Jqr/Fb7ufqHpfnHywuKxdt5kCPyMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4yNis2iw+GkVsnnMS/nO/gbM6oMB8GA1UdIwQY
MBaAFKrzUGIcwB6KHtNygd8ysJccveVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTkt
NzVhOGIwOTc0ZTIwLzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTktNzVhOGIwOTc0ZTIw
LzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBpDC+yx
sg3nU1PUEiHXCFIz4JZpgTjbkBwbhZdBr7VL6SwltxB9r5ZcyIBYOMiYcOXx9Z/o
uyAiESxHyFu8Rzahll/iLIR/Tt76HyidgLyx1c6D5JUG+6BCaizVX8Z+z9Nw6N6N
iMbi71mKY+pHzwAMQYcx2PGOO9oTOw3drVhDAxSqukLYfO6/mJdBJUPj3+HuODTV
TJelRFvlGeCT8zp/aQfpIvNmsXodJJKgr6yuqPiZyGHMIDY+nOok825fECgd8fkJ
a7Lh2ykXoxVOKTzzB29ZO1+hLNZ5HBPlf54tOOiSOaKt7P71p1HyFp08Os6j+SJZ
oXFOa+oK8j5WuQ==
-----END CERTIFICATE-----