Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          U3fXB5kJkA2y1o49KwfwWkcgRhy3VJKxvAlsmaQfmEs=
Subject key identifier:   84:5F:8B:F9:1C:D3:1A:0B:B7:4B:21:5C:8F:67:68:BB:E8:A2:A9:74
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       019D38657A34E17456D09EED129E139E7D15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          1030
Signing time:             Sun 29 Mar 2026 07:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:07 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: exiLh+XGP8XRPzIyqtTUrwsNJmOe9xnIUJ2aai2Ac78=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:7a:34:e1:74:56:d0:9e:ed:12:9e:13:9e:7d:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Mar 29 07:01:07 2026 GMT
            Not After : Mar 30 07:01:07 2026 GMT
        Subject: CN=845f8bf91cd31a0bb74b215c8f6768bbe8a2a974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:46:c2:2c:e7:28:7b:9a:9d:61:4b:4c:9b:1f:
                    62:d8:13:3e:94:60:b8:69:7f:59:2c:6d:16:04:12:
                    79:90:62:84:a4:3e:f5:50:37:d8:78:f2:7c:d9:93:
                    4f:a2:9c:ad:9c:3f:b1:a9:a0:03:c2:a2:cd:ff:22:
                    0f:b5:63:d3:e4:06:d1:9f:d8:04:58:28:54:5f:51:
                    a6:52:78:2f:bc:9e:45:a8:25:aa:e3:b2:4a:fb:7b:
                    73:f2:a7:6e:ab:cd:4e:c8:6c:7b:55:0e:c0:0f:99:
                    6c:e3:48:3e:9c:74:8d:48:67:d7:b4:b3:a6:81:37:
                    26:c6:93:8e:63:ed:64:6a:0d:98:fa:57:2b:2f:d6:
                    e4:4f:52:79:d7:ae:05:af:8e:4d:b9:31:03:d0:0a:
                    0a:37:bb:94:4e:51:8b:8e:3f:9f:7d:76:7d:a8:1f:
                    23:c2:a2:18:0c:00:04:c9:f8:70:6b:d7:61:e0:7d:
                    e2:ac:92:92:da:37:4c:f7:9c:1a:83:7b:74:6e:aa:
                    f0:ce:32:ab:2a:cc:e2:e9:ab:59:7d:c0:a8:b4:be:
                    dc:9c:10:de:02:f4:25:cf:9a:21:ff:c4:a7:d6:70:
                    34:35:41:44:40:45:c4:36:68:7b:c7:1a:5d:60:13:
                    4a:5a:38:c4:e0:85:25:bb:54:ab:08:22:f0:02:45:
                    f9:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:5F:8B:F9:1C:D3:1A:0B:B7:4B:21:5C:8F:67:68:BB:E8:A2:A9:74
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:5f:e7:1a:b5:67:1a:0a:1a:e6:bf:42:4f:31:f7:1a:eb:0c:
         f9:84:3c:09:1a:61:84:51:06:08:53:97:eb:11:28:cd:e0:ee:
         bd:ae:a8:4c:23:46:f4:53:51:49:8f:50:40:44:ed:fc:60:8f:
         b9:d1:b8:27:df:25:37:4b:91:0b:99:b8:99:41:b1:17:1a:06:
         24:76:b0:83:1e:ad:b4:aa:74:f3:44:3b:51:0e:c4:f6:4d:67:
         f0:23:8b:1f:85:69:cc:88:7b:f7:62:e3:1c:09:98:25:ec:cd:
         a2:3d:7c:a8:73:e3:c1:09:cf:2b:9d:06:b7:d0:c5:0c:01:cb:
         d7:ef:28:e9:c6:77:e1:0a:97:1f:12:24:ab:c9:a0:34:fb:f9:
         d7:b4:b0:7b:20:91:23:cb:b8:f1:81:fa:76:c3:fa:51:d2:50:
         f1:f1:a6:f5:4b:fb:b2:88:f9:bc:8d:b7:1f:4d:55:5a:06:ac:
         53:e6:03:23:17:7b:79:df:8f:be:9a:ab:61:c0:77:da:de:f4:
         20:ba:66:24:42:44:93:5e:6b:99:13:44:b9:76:18:fd:99:0d:
         11:00:62:73:d4:cc:b8:54:2f:fa:de:32:c4:50:43:fa:6a:d3:
         07:15:b7:7a:72:d7:5f:0e:15:03:21:ec:e5:ce:92:63:40:b7:
         53:f7:07:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXo04XRW0J7tEp4Tnn0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjYwMzI5MDcwMTA3WhcNMjYwMzMwMDcwMTA3WjAzMTEwLwYDVQQD
Eyg4NDVmOGJmOTFjZDMxYTBiYjc0YjIxNWM4ZjY3NjhiYmU4YTJhOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20bCLOcoe5qdYUtMmx9i2BM+lGC4
aX9ZLG0WBBJ5kGKEpD71UDfYePJ82ZNPopytnD+xqaADwqLN/yIPtWPT5AbRn9gE
WChUX1GmUngvvJ5FqCWq47JK+3tz8qduq81OyGx7VQ7AD5ls40g+nHSNSGfXtLOm
gTcmxpOOY+1kag2Y+lcrL9bkT1J5164Fr45NuTED0AoKN7uUTlGLjj+ffXZ9qB8j
wqIYDAAEyfhwa9dh4H3irJKS2jdM95wag3t0bqrwzjKrKszi6atZfcCotL7cnBDe
AvQlz5oh/8Sn1nA0NUFEQEXENmh7xxpdYBNKWjjE4IUlu1SrCCLwAkX5OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRfi/kc0xoLt0shXI9naLvooql0MB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARF/nGrVn
Ggoa5r9CTzH3GusM+YQ8CRphhFEGCFOX6xEozeDuva6oTCNG9FNRSY9QQETt/GCP
udG4J98lN0uRC5m4mUGxFxoGJHawgx6ttKp080Q7UQ7E9k1n8COLH4VpzIh792Lj
HAmYJezNoj18qHPjwQnPK50Gt9DFDAHL1+8o6cZ34QqXHxIkq8mgNPv517SweyCR
I8u48YH6dsP6UdJQ8fGm9Uv7soj5vI23H01VWgasU+YDIxd7ed+PvpqrYcB32t70
ILpmJEJEk15rmRNEuXYY/ZkNEQBic9TMuFQv+t4yxFBD+mrTBxW3enLXXw4VAyHs
5c6SY0C3U/cHvw==
-----END CERTIFICATE-----