Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
File:                     QTKoayl3h-SMVXBZMe05NR-EFxo.mft (raw, json)
Hash identifier:          K54Pc9a8DhZ5jbTylC6GfCYViFljXsfjTgmBkAIUGTs=
Subject key identifier:   B5:D8:E0:F7:0B:B0:E0:92:D0:CE:CE:73:D6:07:46:03:BD:F2:D0:53
Authority key identifier: 41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A
Certificate issuer:       /CN=4132a86b297787e48c55705931ed39351f84171a
Certificate serial:       019D3866AB70D5963770379760D27C79A067
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
Manifest number:          1275
Signing time:             Sun 29 Mar 2026 07:02:25 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:25 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:25 +0000
Files and hashes:         1: QTKoayl3h-SMVXBZMe05NR-EFxo.crl (hash: fBWMy9AzAEFwhScqFWAQjzPImnjWAQhag/6pS2/zqLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:ab:70:d5:96:37:70:37:97:60:d2:7c:79:a0:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4132a86b297787e48c55705931ed39351f84171a
        Validity
            Not Before: Mar 29 07:02:25 2026 GMT
            Not After : Mar 30 07:02:25 2026 GMT
        Subject: CN=b5d8e0f70bb0e092d0cece73d6074603bdf2d053
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:00:96:2e:8f:e6:cc:7b:5b:0a:99:f0:59:c8:
                    f8:85:37:56:50:be:a7:e0:d5:84:05:1d:98:f3:43:
                    d3:fe:d2:04:5b:50:f1:20:e9:de:25:94:8f:67:c4:
                    71:4f:bc:1b:89:85:af:40:06:5a:91:80:41:aa:43:
                    69:e0:5c:69:d9:3f:d6:a1:a5:06:1d:23:3d:c9:e9:
                    23:bb:46:8b:1a:95:60:2d:26:7f:bc:63:2d:8d:8f:
                    40:90:18:f1:67:cf:22:42:1f:6c:4d:55:0c:e1:a6:
                    d0:88:a4:f0:9d:4b:2b:fc:8d:15:39:a2:9e:3c:3d:
                    cb:90:22:da:c8:7c:1f:d3:c7:62:41:a9:c4:d1:1d:
                    1e:3f:4c:5b:0c:47:2f:69:fc:dc:10:8d:93:aa:33:
                    0f:a0:28:05:00:a1:44:9b:99:31:e4:1c:ca:cf:ad:
                    35:a5:b6:11:08:9e:de:28:c1:5f:2c:4a:17:49:fa:
                    cf:61:f5:8b:57:56:d9:12:be:8c:e3:72:f1:eb:2c:
                    0d:72:31:ce:a1:57:78:95:35:37:c8:5d:24:a1:31:
                    c1:98:aa:f5:a9:5c:56:b6:fe:fc:4f:21:48:eb:9f:
                    f6:8a:46:37:49:72:92:95:d9:82:db:ec:a2:69:0c:
                    d3:1c:0d:87:b1:76:a1:83:e9:51:04:86:98:29:08:
                    3f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:D8:E0:F7:0B:B0:E0:92:D0:CE:CE:73:D6:07:46:03:BD:F2:D0:53
            X509v3 Authority Key Identifier:
                keyid:41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:c4:e9:e3:75:bf:36:75:74:cc:61:2b:0f:e0:c2:52:b0:ab:
         11:a9:cc:04:98:b9:98:9c:e3:99:7d:e7:73:23:cd:dd:5c:77:
         c9:84:ab:37:d7:a8:a2:90:9d:c3:97:6b:53:88:56:8a:c2:dc:
         a1:9a:8c:4d:97:4d:0f:f4:2e:ad:ec:ec:ce:52:ad:2b:1e:d6:
         a6:0e:11:83:11:35:f7:d1:8c:14:88:35:c3:37:ca:c2:65:12:
         77:f2:5e:c7:d1:5a:e9:16:a6:d2:20:b3:fa:19:ad:52:59:34:
         28:9c:18:9e:7b:e9:2a:a2:50:18:d3:98:c8:d8:b6:3e:95:c3:
         15:c1:20:49:1f:36:90:2e:b3:c6:2c:6f:64:fb:43:4e:03:08:
         83:45:f4:d2:c3:d2:d6:33:d4:45:fb:5c:80:7c:d4:c1:72:2c:
         db:ba:9c:14:d5:9b:26:9c:76:90:25:27:b7:4e:b9:51:7d:db:
         e3:cc:1b:86:30:63:22:3c:05:d8:6b:ef:f3:dc:6f:e9:c2:94:
         d0:48:e1:58:08:ba:24:a7:62:1f:11:b1:d4:d1:b5:a2:f1:ac:
         65:04:00:08:35:7c:ee:b6:77:13:d9:64:7d:95:f6:66:e0:bd:
         4d:5c:67:7b:1f:54:16:34:56:ac:45:19:1f:5e:cd:89:b3:d8:
         f7:85:ff:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zqtw1ZY3cDeXYNJ8eaBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMzJhODZiMjk3Nzg3ZTQ4YzU1NzA1OTMxZWQzOTM1MWY4
NDE3MWEwHhcNMjYwMzI5MDcwMjI1WhcNMjYwMzMwMDcwMjI1WjAzMTEwLwYDVQQD
EyhiNWQ4ZTBmNzBiYjBlMDkyZDBjZWNlNzNkNjA3NDYwM2JkZjJkMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArACWLo/mzHtbCpnwWcj4hTdWUL6n
4NWEBR2Y80PT/tIEW1DxIOneJZSPZ8RxT7wbiYWvQAZakYBBqkNp4Fxp2T/WoaUG
HSM9yekju0aLGpVgLSZ/vGMtjY9AkBjxZ88iQh9sTVUM4abQiKTwnUsr/I0VOaKe
PD3LkCLayHwf08diQanE0R0eP0xbDEcvafzcEI2TqjMPoCgFAKFEm5kx5BzKz601
pbYRCJ7eKMFfLEoXSfrPYfWLV1bZEr6M43Lx6ywNcjHOoVd4lTU3yF0koTHBmKr1
qVxWtv78TyFI65/2ikY3SXKSldmC2+yiaQzTHA2HsXahg+lRBIaYKQg/cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLXY4PcLsOCS0M7Oc9YHRgO98tBTMB8GA1UdIwQY
MBaAFEEyqGspd4fkjFVwWTHtOTUfhBcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEt
ODA0MmQ2ZjRiZWYxLzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEtODA0MmQ2ZjRiZWYx
LzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATcTp43W/
NnV0zGErD+DCUrCrEanMBJi5mJzjmX3ncyPN3Vx3yYSrN9eoopCdw5drU4hWisLc
oZqMTZdND/QurezszlKtKx7Wpg4RgxE199GMFIg1wzfKwmUSd/Jex9Fa6Ram0iCz
+hmtUlk0KJwYnnvpKqJQGNOYyNi2PpXDFcEgSR82kC6zxixvZPtDTgMIg0X00sPS
1jPURftcgHzUwXIs27qcFNWbJpx2kCUnt065UX3b48wbhjBjIjwF2Gvv89xv6cKU
0EjhWAi6JKdiHxGx1NG1ovGsZQQACDV87rZ3E9lkfZX2ZuC9TVxnex9UFjRWrEUZ
H17NibPY94X/6w==
-----END CERTIFICATE-----