Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
File:                     QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft (raw, json)
Hash identifier:          6eLGoSQGdOVhZ3AB4HWz2X35QuDCzD7TP963SF0vFDY=
Subject key identifier:   BA:D2:BB:2F:A2:97:AF:D5:10:26:A3:9E:C9:9D:85:10:BF:1F:8E:5D
Authority key identifier: 42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57
Certificate issuer:       /CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
Certificate serial:       019D390A194A0FD8FC14AD08EED19E5C6734
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
Manifest number:          07B3
Signing time:             Sun 29 Mar 2026 10:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:56 +0000
Files and hashes:         1: QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl (hash: Co4zSUEoBBHhjMOR4neWujavymuNlpjoDtTmhKVvWP8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 10:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:19:4a:0f:d8:fc:14:ad:08:ee:d1:9e:5c:67:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
        Validity
            Not Before: Mar 29 10:00:56 2026 GMT
            Not After : Mar 30 10:00:56 2026 GMT
        Subject: CN=bad2bb2fa297afd51026a39ec99d8510bf1f8e5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a4:e8:16:7a:19:38:0d:ad:d9:54:fd:1a:93:
                    30:93:c1:c7:21:ce:9e:04:fc:59:c6:55:6c:a1:b4:
                    e1:1f:43:96:45:7f:00:77:5e:7d:0c:6b:95:36:23:
                    ed:8d:f4:f3:0a:71:7d:11:71:7c:2e:22:d6:99:2b:
                    f7:8d:c2:fd:38:c1:0a:de:a9:6b:07:67:f1:21:a5:
                    34:b7:76:69:91:5d:c1:e9:7e:7e:6e:81:c4:72:c7:
                    5e:0b:35:c8:c9:fb:10:56:e4:21:d4:2b:ad:a6:73:
                    ff:82:f3:76:d6:ce:34:17:ad:a2:8e:b9:4d:be:5f:
                    1c:ae:09:4f:2e:29:5a:31:fc:0c:1d:e9:02:03:4a:
                    f1:6c:c6:5e:b5:b1:5c:68:b3:2e:87:9f:5b:0e:36:
                    75:7b:0f:c8:0a:8c:33:4c:92:75:2d:4e:8f:70:ea:
                    22:db:0b:36:6c:20:1f:38:ca:de:23:7a:eb:9b:bb:
                    49:46:00:38:d1:5f:b5:18:ce:ea:c3:51:a1:23:b9:
                    24:de:8c:d3:9e:3f:8f:94:77:d7:6a:98:ec:9d:91:
                    01:12:21:cc:77:37:06:4b:6d:f2:ce:13:55:7c:58:
                    03:18:f7:68:85:b7:93:e2:a6:f5:99:2e:0e:db:ef:
                    9a:7f:b5:8b:4e:a2:e2:a1:a1:c4:c8:98:84:5b:24:
                    4e:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:D2:BB:2F:A2:97:AF:D5:10:26:A3:9E:C9:9D:85:10:BF:1F:8E:5D
            X509v3 Authority Key Identifier:
                keyid:42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:e0:4f:26:12:22:28:18:b4:1b:03:bb:62:6b:f4:c1:dc:2b:
         98:ea:2d:02:cf:77:12:0c:0b:96:77:fc:1a:ee:94:ca:5f:1c:
         06:c2:c9:b5:a2:ca:ad:81:0e:d6:45:d1:85:92:9b:59:ec:f6:
         37:4b:2a:45:ca:ff:55:e1:30:13:43:7d:7a:fa:6a:43:4c:95:
         b5:7d:aa:90:d1:d2:dd:5b:e8:b6:0f:27:c4:07:91:38:de:a4:
         0d:44:34:76:93:a5:eb:44:61:b5:59:cf:9d:66:4c:e1:2b:76:
         31:70:cc:60:54:67:96:ba:36:36:07:32:01:aa:ef:c8:ac:29:
         b7:e6:f6:d2:56:95:1f:3d:80:16:8b:70:fb:e9:5d:b3:47:c5:
         ce:a4:2e:c6:7c:30:7d:2c:ce:ac:f8:c0:fc:a2:51:93:b7:9b:
         da:2c:3e:95:28:6b:6a:14:fc:6e:90:f8:58:f9:fb:c9:df:61:
         b5:ee:0e:77:53:a5:7a:c9:93:1c:27:81:09:64:32:3f:5f:b2:
         1b:5b:de:04:a9:58:cb:0f:fc:07:87:c5:e4:d2:b2:63:c8:90:
         1b:4b:28:7f:a9:b6:20:16:fc:89:7c:64:6c:63:91:98:f1:33:
         c3:a9:58:3a:55:68:f9:16:d9:44:9a:e0:2d:c4:45:87:01:98:
         f7:f8:2a:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ChlKD9j8FK0I7tGeXGc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTNiNTQ3MTk2NmMyNTYxMGQ5NWE1YTJmYTVjYzA2ZmM5
M2ZmNTcwHhcNMjYwMzI5MTAwMDU2WhcNMjYwMzMwMTAwMDU2WjAzMTEwLwYDVQQD
EyhiYWQyYmIyZmEyOTdhZmQ1MTAyNmEzOWVjOTlkODUxMGJmMWY4ZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqToFnoZOA2t2VT9GpMwk8HHIc6e
BPxZxlVsobThH0OWRX8Ad159DGuVNiPtjfTzCnF9EXF8LiLWmSv3jcL9OMEK3qlr
B2fxIaU0t3ZpkV3B6X5+boHEcsdeCzXIyfsQVuQh1CutpnP/gvN21s40F62ijrlN
vl8crglPLilaMfwMHekCA0rxbMZetbFcaLMuh59bDjZ1ew/ICowzTJJ1LU6PcOoi
2ws2bCAfOMreI3rrm7tJRgA40V+1GM7qw1GhI7kk3ozTnj+PlHfXapjsnZEBEiHM
dzcGS23yzhNVfFgDGPdohbeT4qb1mS4O2++af7WLTqLioaHEyJiEWyROZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrSuy+il6/VECajnsmdhRC/H45dMB8GA1UdIwQY
MBaAFEITtUcZZsJWENlaWi+lzAb8k/9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjIt
NWJkYjJjNjAxMDJkLzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjItNWJkYjJjNjAxMDJk
LzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW+BPJhIi
KBi0GwO7Ymv0wdwrmOotAs93EgwLlnf8Gu6Uyl8cBsLJtaLKrYEO1kXRhZKbWez2
N0sqRcr/VeEwE0N9evpqQ0yVtX2qkNHS3Vvotg8nxAeRON6kDUQ0dpOl60RhtVnP
nWZM4St2MXDMYFRnlro2NgcyAarvyKwpt+b20laVHz2AFotw++lds0fFzqQuxnww
fSzOrPjA/KJRk7eb2iw+lShrahT8bpD4WPn7yd9hte4Od1OlesmTHCeBCWQyP1+y
G1veBKlYyw/8B4fF5NKyY8iQG0sof6m2IBb8iXxkbGORmPEzw6lYOlVo+RbZRJrg
LcRFhwGY9/gqcw==
-----END CERTIFICATE-----