Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          d3DN3S3uPWKVfL1+aSRRJwR1zL0m7zQMuFADkhRynmk=
Subject key identifier:   92:D1:82:D0:25:42:86:3A:AE:AE:35:BC:C1:72:C5:51:1D:80:CB:09
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       019D39AF1F386AEFDC9D84C98235417D59F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          1734
Signing time:             Sun 29 Mar 2026 13:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:11 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: 7ftYaxT63+VFnoRLEle0B0I9FtXE/doM5IlqbC9yJRU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 13:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:1f:38:6a:ef:dc:9d:84:c9:82:35:41:7d:59:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Mar 29 13:01:11 2026 GMT
            Not After : Mar 30 13:01:11 2026 GMT
        Subject: CN=92d182d02542863aaeae35bcc172c5511d80cb09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:12:e2:49:ce:5c:d1:0b:a0:65:cb:d4:0d:3e:
                    5a:e9:e3:7e:94:96:cd:6c:cb:0a:89:2c:ad:90:04:
                    2a:45:a7:db:fd:31:f8:ec:83:8b:8c:ba:eb:4a:f7:
                    ec:7c:0b:cf:e1:e4:42:53:2c:a8:8d:73:61:dc:93:
                    09:71:51:17:4e:7b:22:80:bf:03:ba:32:17:71:05:
                    20:cb:51:0f:52:be:ac:0c:c9:cc:81:ce:8a:cd:f7:
                    d1:8b:58:bb:53:34:bb:76:88:ec:f1:8d:43:c4:76:
                    d7:17:c8:f9:ab:d5:2f:56:4e:77:13:19:d3:2d:d8:
                    54:d6:28:7e:c1:25:49:bc:11:53:2b:9a:b8:1b:f3:
                    0a:52:f2:45:46:17:17:b2:e9:8a:02:39:5b:3d:fa:
                    08:69:44:21:45:fd:16:bc:7d:70:35:ca:34:fb:1f:
                    43:2a:d7:32:0c:55:ec:7d:38:1d:78:06:d6:cb:ae:
                    c8:10:5b:78:08:29:d3:45:b3:b7:5d:be:8e:c6:9b:
                    3b:7f:47:c3:85:13:ab:7c:ce:b9:96:e1:01:4d:e4:
                    1d:67:ee:a3:a0:8e:cd:a2:34:a7:0c:ee:ac:46:1b:
                    d7:86:13:2e:34:e9:04:72:84:aa:89:6d:eb:82:e6:
                    81:f6:ae:42:4a:33:02:0e:02:5a:61:22:7b:5c:f6:
                    a1:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:D1:82:D0:25:42:86:3A:AE:AE:35:BC:C1:72:C5:51:1D:80:CB:09
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:9e:0e:f7:4d:4f:ca:ad:d7:6c:2c:ad:7a:8a:ed:bd:dc:08:
         ec:f9:51:b0:4e:ef:50:bc:4b:ef:e7:aa:6f:e0:a5:33:d0:7f:
         6f:6e:d8:96:7b:86:3c:95:f8:b5:39:cb:ce:f7:1e:e3:31:f2:
         b4:bb:4c:85:b5:6c:99:37:85:73:99:8c:8b:7b:06:08:81:e6:
         46:56:a8:5e:6f:32:a9:85:b4:74:c2:d0:d5:96:47:51:20:89:
         8e:d0:b8:25:8f:63:3b:ff:da:4f:7d:77:7c:58:1b:53:a6:04:
         a4:a4:5b:8f:78:0b:d8:63:cf:b3:99:99:99:8f:70:e0:87:42:
         f0:35:cc:1c:9c:dd:a8:96:b5:3a:3c:7f:c2:0a:67:36:0d:74:
         be:bb:75:ee:fb:6c:1f:5f:9a:8b:47:52:b2:46:18:fb:9d:30:
         11:25:3b:19:f3:d6:31:a7:cd:a2:c5:83:db:28:f5:ba:42:25:
         cb:14:4c:ad:ae:53:02:e0:66:24:66:69:de:37:c1:dc:c2:d2:
         35:06:7d:04:cb:08:b2:4d:8b:23:4f:15:af:ed:3e:54:26:57:
         91:33:db:30:35:a3:98:b0:4c:44:28:d0:88:1e:67:31:89:db:
         17:5e:ee:4a:e7:6e:f2:59:7f:e9:10:6a:4b:f4:ff:7f:6f:53:
         d0:f6:c9:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rx84au/cnYTJgjVBfVnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjYwMzI5MTMwMTExWhcNMjYwMzMwMTMwMTExWjAzMTEwLwYDVQQD
Eyg5MmQxODJkMDI1NDI4NjNhYWVhZTM1YmNjMTcyYzU1MTFkODBjYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohLiSc5c0QugZcvUDT5a6eN+lJbN
bMsKiSytkAQqRafb/TH47IOLjLrrSvfsfAvP4eRCUyyojXNh3JMJcVEXTnsigL8D
ujIXcQUgy1EPUr6sDMnMgc6KzffRi1i7UzS7dojs8Y1DxHbXF8j5q9UvVk53ExnT
LdhU1ih+wSVJvBFTK5q4G/MKUvJFRhcXsumKAjlbPfoIaUQhRf0WvH1wNco0+x9D
KtcyDFXsfTgdeAbWy67IEFt4CCnTRbO3Xb6Oxps7f0fDhROrfM65luEBTeQdZ+6j
oI7NojSnDO6sRhvXhhMuNOkEcoSqiW3rguaB9q5CSjMCDgJaYSJ7XPahtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJLRgtAlQoY6rq41vMFyxVEdgMsJMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZ4O901P
yq3XbCyteortvdwI7PlRsE7vULxL7+eqb+ClM9B/b27YlnuGPJX4tTnLzvce4zHy
tLtMhbVsmTeFc5mMi3sGCIHmRlaoXm8yqYW0dMLQ1ZZHUSCJjtC4JY9jO//aT313
fFgbU6YEpKRbj3gL2GPPs5mZmY9w4IdC8DXMHJzdqJa1Ojx/wgpnNg10vrt17vts
H1+ai0dSskYY+50wESU7GfPWMafNosWD2yj1ukIlyxRMra5TAuBmJGZp3jfB3MLS
NQZ9BMsIsk2LI08Vr+0+VCZXkTPbMDWjmLBMRCjQiB5nMYnbF17uSudu8ll/6RBq
S/T/f29T0PbJZQ==
-----END CERTIFICATE-----