Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
File:                     Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json)
Hash identifier:          jZd67uPRITmZuPh/s4sxe5H7thOHWv4C6c57GLRp/sc=
Subject key identifier:   BC:0C:D9:1D:D1:F8:51:5F:7B:0E:7F:9E:BC:F1:7D:89:20:13:CB:FF
Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF
Certificate issuer:       /CN=43938a3de803bd6c91f14ad967bd4141b8a028af
Certificate serial:       019D394100EC32C8EE9164F8F4813D4CADE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
Manifest number:          15B0
Signing time:             Sun 29 Mar 2026 11:00:54 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:54 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:54 +0000
Files and hashes:         1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: UEIkoaHvHSZlyt/sBkX3xEd+xMO9OKu5OKOFBJyIFUU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 11:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:00:ec:32:c8:ee:91:64:f8:f4:81:3d:4c:ad:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af
        Validity
            Not Before: Mar 29 11:00:54 2026 GMT
            Not After : Mar 30 11:00:54 2026 GMT
        Subject: CN=bc0cd91dd1f8515f7b0e7f9ebcf17d892013cbff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:89:54:94:5c:b5:5d:f1:ed:19:de:79:ec:64:
                    9c:0c:f3:70:fe:0e:66:0e:35:63:55:94:75:96:66:
                    e4:36:2e:d3:08:9e:e3:fb:31:a1:ec:26:da:4a:8f:
                    1e:2e:13:01:8d:eb:0b:88:e1:af:de:d3:c3:49:a3:
                    cb:0d:87:aa:bb:42:f4:0f:dc:ae:52:a9:c5:18:ff:
                    4c:8d:d6:e5:71:14:6a:3e:f5:47:32:a8:58:2a:d0:
                    be:0c:68:f1:2a:5b:cb:14:dc:2c:bc:e8:19:47:05:
                    69:81:e0:f7:b1:d9:e0:98:71:14:44:ef:ba:72:cd:
                    bc:54:5d:10:1f:a4:12:d3:1e:32:8e:4f:37:ef:f7:
                    c2:9d:88:74:f1:da:b8:62:af:df:31:d3:b3:a0:02:
                    fb:09:58:e0:42:91:2a:b6:09:55:41:c2:a2:53:ec:
                    73:5f:49:d4:f3:a6:1f:91:e0:9f:ba:e6:5e:62:f4:
                    1d:d2:28:31:c7:ea:e1:2c:71:c9:14:e7:a2:53:41:
                    ba:5f:3a:f4:d5:6e:a8:6c:6f:bc:4b:36:eb:3d:ba:
                    96:12:65:31:c9:91:fa:24:ce:c0:46:be:b6:af:fc:
                    8e:53:73:be:f1:b7:44:df:32:66:28:99:eb:22:d2:
                    ee:5d:0a:c5:bd:bf:ff:80:31:32:2c:f7:76:93:5a:
                    d8:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:0C:D9:1D:D1:F8:51:5F:7B:0E:7F:9E:BC:F1:7D:89:20:13:CB:FF
            X509v3 Authority Key Identifier:
                keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:bc:45:dc:99:13:97:e0:4a:2d:55:9a:8a:64:05:8a:ad:94:
         04:91:5d:68:af:d8:d9:a5:e8:29:13:4d:bc:63:42:bd:79:22:
         05:6f:41:6e:0d:fd:b9:12:32:5c:a3:60:6f:ac:08:22:28:60:
         cf:40:8d:56:41:f1:38:64:91:28:6d:8c:55:e2:8e:68:1b:61:
         b7:58:eb:2d:76:9f:e7:af:e6:de:bf:de:ce:95:e3:30:38:ca:
         fe:9b:7f:bc:0b:ba:a4:f9:72:4b:37:4a:02:ac:e0:2d:2f:df:
         8c:19:a1:80:08:10:1a:e1:95:d2:ce:ad:5a:1b:7e:e9:7a:f9:
         6c:52:dc:e8:8d:95:d0:88:a3:72:9d:12:2d:e2:14:d2:e6:c2:
         58:1b:63:18:d7:92:cd:34:f1:d4:ba:80:33:9e:cf:74:c1:c9:
         4b:fd:31:67:ac:ed:54:d9:44:49:4e:17:65:f6:1c:3b:70:e5:
         8a:43:2b:c1:d5:a4:7e:97:d2:c2:0c:75:3b:28:f7:cf:1c:b1:
         0e:9d:2c:6f:37:94:1d:bc:5c:44:e5:7f:74:27:cc:91:b3:bd:
         1e:07:4c:3a:b9:a8:a9:0e:27:00:b7:1f:64:6e:b2:51:98:50:
         ca:f6:16:27:fd:43:31:3b:17:bd:f0:f7:04:27:fc:f0:b0:1c:
         53:23:bd:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QQDsMsjukWT49IE9TK3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh
MDI4YWYwHhcNMjYwMzI5MTEwMDU0WhcNMjYwMzMwMTEwMDU0WjAzMTEwLwYDVQQD
EyhiYzBjZDkxZGQxZjg1MTVmN2IwZTdmOWViY2YxN2Q4OTIwMTNjYmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4lUlFy1XfHtGd557GScDPNw/g5m
DjVjVZR1lmbkNi7TCJ7j+zGh7CbaSo8eLhMBjesLiOGv3tPDSaPLDYequ0L0D9yu
UqnFGP9MjdblcRRqPvVHMqhYKtC+DGjxKlvLFNwsvOgZRwVpgeD3sdngmHEURO+6
cs28VF0QH6QS0x4yjk837/fCnYh08dq4Yq/fMdOzoAL7CVjgQpEqtglVQcKiU+xz
X0nU86YfkeCfuuZeYvQd0igxx+rhLHHJFOeiU0G6Xzr01W6obG+8SzbrPbqWEmUx
yZH6JM7ARr62r/yOU3O+8bdE3zJmKJnrItLuXQrFvb//gDEyLPd2k1rYcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwM2R3R+FFfew5/nrzxfYkgE8v/MB8GA1UdIwQY
MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt
ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5
LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADrxF3JkT
l+BKLVWaimQFiq2UBJFdaK/Y2aXoKRNNvGNCvXkiBW9Bbg39uRIyXKNgb6wIIihg
z0CNVkHxOGSRKG2MVeKOaBtht1jrLXaf56/m3r/ezpXjMDjK/pt/vAu6pPlySzdK
AqzgLS/fjBmhgAgQGuGV0s6tWht+6Xr5bFLc6I2V0Iijcp0SLeIU0ubCWBtjGNeS
zTTx1LqAM57PdMHJS/0xZ6ztVNlESU4XZfYcO3DlikMrwdWkfpfSwgx1Oyj3zxyx
Dp0sbzeUHbxcROV/dCfMkbO9HgdMOrmoqQ4nALcfZG6yUZhQyvYWJ/1DMTsXvfD3
BCf88LAcUyO9Jw==
-----END CERTIFICATE-----