Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          YuJGL6ySOA3bvu77ThfTIHtS1AdFjhgTWtmtgDIjKXY=
Subject key identifier:   02:69:2C:23:17:BF:33:C8:E5:8E:86:86:0F:2D:FA:92:40:1C:36:A1
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       019D3A1CADA8ACD17524822BFDFA1AC003D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          158C
Signing time:             Sun 29 Mar 2026 15:00:51 +0000
Manifest this update:     Sun 29 Mar 2026 15:00:51 +0000
Manifest next update:     Mon 30 Mar 2026 15:00:51 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: obovJ0vGchxar8YL3qsnVrxUufCqViXZi4Tavun6Eio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 15:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:1c:ad:a8:ac:d1:75:24:82:2b:fd:fa:1a:c0:03:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Mar 29 15:00:51 2026 GMT
            Not After : Mar 30 15:00:51 2026 GMT
        Subject: CN=02692c2317bf33c8e58e86860f2dfa92401c36a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:36:5a:35:28:52:62:b0:f1:ce:0d:72:96:71:
                    98:70:98:8c:63:15:4a:1b:32:c4:1b:57:8d:f7:a6:
                    07:e9:8b:bf:66:fc:3b:64:02:32:a3:bf:f6:1e:86:
                    14:ab:0b:fe:5c:c1:da:2e:78:e2:2e:3d:28:00:2e:
                    0c:88:d7:6d:e3:b1:54:24:b5:29:a1:b6:a1:a1:9b:
                    02:49:38:b7:0c:78:e1:03:50:ba:b0:29:d3:7c:45:
                    5d:1a:e1:0d:6a:f6:07:75:cc:b8:52:ed:1b:05:b4:
                    97:fb:5b:05:f7:33:bc:77:24:e7:f1:ce:93:2b:fa:
                    32:b3:77:e2:43:81:9b:c3:3f:47:40:3e:4e:41:ab:
                    4c:bd:4e:aa:cf:40:9f:ec:63:94:1c:03:27:fe:6c:
                    62:d0:05:19:51:47:24:f1:6f:73:7f:76:df:e2:56:
                    57:e3:74:7e:04:61:97:1b:a9:96:2a:6c:83:58:b8:
                    d8:5a:54:0f:bc:2d:9a:6e:3f:35:aa:08:81:24:3a:
                    c1:e4:bb:57:6c:d7:c0:4e:01:ce:ae:18:a5:45:ed:
                    e8:73:a5:e3:5a:ee:87:72:50:ac:71:59:a5:a6:2f:
                    f5:b1:b7:a4:c3:fc:26:f6:aa:51:b9:48:6e:7e:4e:
                    8f:0d:d2:7a:d2:c4:35:7c:66:61:c3:f1:69:17:89:
                    ba:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:69:2C:23:17:BF:33:C8:E5:8E:86:86:0F:2D:FA:92:40:1C:36:A1
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:98:45:a8:a2:cc:7f:70:9c:ab:46:be:dc:2a:ba:d2:4d:ff:
         38:a2:0e:16:a2:cb:6c:87:49:b8:5f:62:65:ab:bd:9e:ab:fb:
         83:69:4f:fb:43:29:d6:a6:e8:d0:d5:e3:eb:e3:56:d6:da:de:
         6f:bf:c3:8c:06:b0:0f:e3:e1:a2:bc:28:ce:0d:60:d2:a1:88:
         fc:b5:55:fe:74:70:b9:78:df:bd:2f:0c:e8:a5:61:a5:27:e2:
         e4:af:cc:22:68:40:ef:68:54:23:ec:c3:a5:c0:13:c4:e4:fc:
         e1:71:bd:ec:54:a8:56:43:9e:45:26:77:9e:62:ee:ed:33:39:
         ae:a1:6e:d6:40:6b:32:7c:ba:91:77:b3:35:fe:51:53:82:8a:
         dc:4e:3d:cf:7c:f7:df:ca:af:09:77:8f:e7:d5:57:1a:d4:84:
         81:2b:55:52:77:71:39:66:2b:6b:ab:38:64:19:76:0d:90:2f:
         97:d1:4d:93:e9:67:e0:95:00:21:08:d4:b0:83:d9:5a:63:0d:
         7b:32:8d:75:b3:ca:07:56:22:1b:20:59:9b:0a:1f:3f:14:1d:
         08:41:74:7f:37:ae:95:b9:61:b7:15:ec:19:f4:f8:19:c5:64:
         2a:70:8a:8d:9e:99:a2:99:f3:6f:d1:a5:7d:d6:fd:44:e5:ef:
         69:3e:1f:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HK2orNF1JIIr/foawAPUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjYwMzI5MTUwMDUxWhcNMjYwMzMwMTUwMDUxWjAzMTEwLwYDVQQD
EygwMjY5MmMyMzE3YmYzM2M4ZTU4ZTg2ODYwZjJkZmE5MjQwMWMzNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjZaNShSYrDxzg1ylnGYcJiMYxVK
GzLEG1eN96YH6Yu/Zvw7ZAIyo7/2HoYUqwv+XMHaLnjiLj0oAC4MiNdt47FUJLUp
obahoZsCSTi3DHjhA1C6sCnTfEVdGuENavYHdcy4Uu0bBbSX+1sF9zO8dyTn8c6T
K/oys3fiQ4Gbwz9HQD5OQatMvU6qz0Cf7GOUHAMn/mxi0AUZUUck8W9zf3bf4lZX
43R+BGGXG6mWKmyDWLjYWlQPvC2abj81qgiBJDrB5LtXbNfATgHOrhilRe3oc6Xj
Wu6HclCscVmlpi/1sbekw/wm9qpRuUhufk6PDdJ60sQ1fGZhw/FpF4m6MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJpLCMXvzPI5Y6Ghg8t+pJAHDahMB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB5hFqKLM
f3Ccq0a+3Cq60k3/OKIOFqLLbIdJuF9iZau9nqv7g2lP+0Mp1qbo0NXj6+NW1tre
b7/DjAawD+Phorwozg1g0qGI/LVV/nRwuXjfvS8M6KVhpSfi5K/MImhA72hUI+zD
pcATxOT84XG97FSoVkOeRSZ3nmLu7TM5rqFu1kBrMny6kXezNf5RU4KK3E49z3z3
38qvCXeP59VXGtSEgStVUndxOWYra6s4ZBl2DZAvl9FNk+ln4JUAIQjUsIPZWmMN
ezKNdbPKB1YiGyBZmwofPxQdCEF0fzeulblhtxXsGfT4GcVkKnCKjZ6Zopnzb9Gl
fdb9ROXvaT4ftg==
-----END CERTIFICATE-----