Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
File:                     q6N0OU_hCA1kohnX01pJRi6Omaw.mft (raw, json)
Hash identifier:          QJFWw7EsoPnKs45BqiENvgPtjMDslXKoHBaepbpHb8s=
Subject key identifier:   48:D9:B5:8D:31:B5:06:F3:9B:87:F0:4E:FD:E0:B4:F3:22:30:DA:6F
Authority key identifier: AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC
Certificate issuer:       /CN=aba374394fe1080d64a219d7d35a49462e8e99ac
Certificate serial:       019D3909C610F5BC1C1F42B91D775AF475C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
Manifest number:          099C
Signing time:             Sun 29 Mar 2026 10:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:34 +0000
Files and hashes:         1: q6N0OU_hCA1kohnX01pJRi6Omaw.crl (hash: J50ULxH/zaiHnr2LcslZcAulp5QHQziDtTKcsrZMV7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 10:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:c6:10:f5:bc:1c:1f:42:b9:1d:77:5a:f4:75:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba374394fe1080d64a219d7d35a49462e8e99ac
        Validity
            Not Before: Mar 29 10:00:34 2026 GMT
            Not After : Mar 30 10:00:34 2026 GMT
        Subject: CN=48d9b58d31b506f39b87f04efde0b4f32230da6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:f7:ae:24:3d:37:55:00:4a:2a:25:6b:91:80:
                    34:77:8b:32:aa:e7:20:c0:b4:a5:48:d7:e6:06:ea:
                    12:53:b0:42:d2:fa:e7:3c:d4:3b:fd:dd:ae:e6:a4:
                    8a:7c:15:7e:df:1d:fd:76:a2:68:41:a9:38:71:95:
                    16:34:65:b5:2c:fd:c1:42:e7:ee:74:f2:f7:a9:a8:
                    f2:1b:cd:59:b5:c9:47:50:3b:af:ac:87:07:3e:20:
                    3d:c2:b2:4e:64:21:7d:48:df:a2:e4:0c:22:55:5d:
                    a2:5c:e0:ee:62:d6:6a:12:bc:1b:b0:8a:78:a2:d2:
                    f6:a0:f9:8a:41:23:e9:bb:24:94:0b:0a:b9:1f:a6:
                    ce:6a:f5:3c:68:a1:94:7a:22:3e:b4:1c:23:1a:dd:
                    89:0e:ac:11:67:b7:a0:26:6a:f2:1c:85:17:b0:78:
                    4c:fe:c3:ee:a9:4b:89:84:68:2d:08:d6:2b:74:ea:
                    14:69:4c:dd:0b:42:fe:7c:19:85:15:ea:42:40:62:
                    d9:17:81:62:e7:75:10:88:8f:9c:a9:6b:b0:66:7c:
                    30:fc:96:4a:77:af:03:92:0e:15:34:42:aa:26:e7:
                    61:c3:54:c1:cf:8f:f2:fb:84:68:5f:e6:1a:4c:3c:
                    ca:f8:d7:5b:57:f2:be:a4:19:b5:7c:1d:08:24:19:
                    72:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:D9:B5:8D:31:B5:06:F3:9B:87:F0:4E:FD:E0:B4:F3:22:30:DA:6F
            X509v3 Authority Key Identifier:
                keyid:AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:33:e4:d0:86:0c:51:2c:10:66:e9:29:9e:cb:b4:d9:70:cb:
         f3:a1:63:9f:9a:6c:cc:62:59:81:ff:f9:df:8b:97:46:36:bd:
         a8:3d:5c:fb:64:18:7e:91:3f:f6:d5:fc:da:af:3d:92:14:50:
         01:08:fa:66:07:fa:26:36:78:51:a1:41:e0:59:82:51:af:20:
         4d:d8:4e:f6:55:4c:6c:e1:15:ce:03:7e:f5:03:87:01:c0:78:
         5f:68:06:08:3d:7a:35:6c:66:a8:74:cb:55:76:3e:62:55:05:
         0c:f9:e2:a6:92:f5:88:9a:0f:0c:49:93:9f:02:8b:4e:76:e7:
         18:7a:e1:33:0f:6b:78:5b:53:83:9d:f3:89:79:b9:e1:bf:31:
         94:a0:d4:96:aa:79:5c:b4:ef:38:c6:8f:5f:29:f6:64:4f:0c:
         bf:ce:ac:bf:87:fb:34:6e:46:ab:a8:43:26:6b:3a:29:12:5d:
         39:6a:38:e5:bf:68:68:e6:d5:14:a7:58:5c:7b:ba:ee:a0:34:
         a3:ac:45:be:7c:6c:2e:ff:d7:89:42:58:af:4f:f6:db:08:e3:
         9b:97:88:9e:8c:35:88:76:a7:9e:0a:07:e9:a2:76:10:b1:2f:
         0b:cd:6b:44:b1:7d:d3:4b:24:42:53:98:83:99:99:d1:9b:ad:
         d1:a7:81:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CcYQ9bwcH0K5HXda9HXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTM3NDM5NGZlMTA4MGQ2NGEyMTlkN2QzNWE0OTQ2MmU4
ZTk5YWMwHhcNMjYwMzI5MTAwMDM0WhcNMjYwMzMwMTAwMDM0WjAzMTEwLwYDVQQD
Eyg0OGQ5YjU4ZDMxYjUwNmYzOWI4N2YwNGVmZGUwYjRmMzIyMzBkYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8feuJD03VQBKKiVrkYA0d4syqucg
wLSlSNfmBuoSU7BC0vrnPNQ7/d2u5qSKfBV+3x39dqJoQak4cZUWNGW1LP3BQufu
dPL3qajyG81ZtclHUDuvrIcHPiA9wrJOZCF9SN+i5AwiVV2iXODuYtZqErwbsIp4
otL2oPmKQSPpuySUCwq5H6bOavU8aKGUeiI+tBwjGt2JDqwRZ7egJmryHIUXsHhM
/sPuqUuJhGgtCNYrdOoUaUzdC0L+fBmFFepCQGLZF4Fi53UQiI+cqWuwZnww/JZK
d68Dkg4VNEKqJudhw1TBz4/y+4RoX+YaTDzK+NdbV/K+pBm1fB0IJBlyMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjZtY0xtQbzm4fwTv3gtPMiMNpvMB8GA1UdIwQY
MBaAFKujdDlP4QgNZKIZ19NaSUYujpmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2Yt
MjJjODdkZmY4ZDQxLzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2YtMjJjODdkZmY4ZDQx
LzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiDPk0IYM
USwQZukpnsu02XDL86Fjn5pszGJZgf/534uXRja9qD1c+2QYfpE/9tX82q89khRQ
AQj6Zgf6JjZ4UaFB4FmCUa8gTdhO9lVMbOEVzgN+9QOHAcB4X2gGCD16NWxmqHTL
VXY+YlUFDPnippL1iJoPDEmTnwKLTnbnGHrhMw9reFtTg53ziXm54b8xlKDUlqp5
XLTvOMaPXyn2ZE8Mv86sv4f7NG5Gq6hDJms6KRJdOWo45b9oaObVFKdYXHu67qA0
o6xFvnxsLv/XiUJYr0/22wjjm5eInow1iHanngoH6aJ2ELEvC81rRLF900skQlOY
g5mZ0Zut0aeBKg==
-----END CERTIFICATE-----