Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
File:                     q7lESdTSRidxdzvAimJFB9pRKw0.mft (raw, json)
Hash identifier:          8Fqvzax6Hf51os+dkiqHKXQmikyxBPrEoXkLg1XuH80=
Subject key identifier:   47:74:D5:2C:A3:9F:12:D2:CD:CF:10:6D:7A:8E:6F:6A:AE:B0:F2:84
Authority key identifier: AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D
Certificate issuer:       /CN=abb94449d4d2462771773bc08a624507da512b0d
Certificate serial:       019D37528E01F1E736BE8A5EA87C0605BCF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
Manifest number:          0973
Signing time:             Sun 29 Mar 2026 02:00:50 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:50 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:50 +0000
Files and hashes:         1: q7lESdTSRidxdzvAimJFB9pRKw0.crl (hash: 64+uIiaqOk/6tO+gdWwZ2dW6EJmrGkp5MCybmAotM2Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:8e:01:f1:e7:36:be:8a:5e:a8:7c:06:05:bc:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abb94449d4d2462771773bc08a624507da512b0d
        Validity
            Not Before: Mar 29 02:00:50 2026 GMT
            Not After : Mar 30 02:00:50 2026 GMT
        Subject: CN=4774d52ca39f12d2cdcf106d7a8e6f6aaeb0f284
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:a1:85:09:30:cf:dd:33:13:34:82:e4:08:06:
                    d3:f1:e4:89:c1:e6:38:23:b4:04:71:27:cb:b3:4f:
                    71:84:cd:8f:a5:59:ac:93:22:66:a4:2f:37:76:0a:
                    d4:ab:fe:7d:f0:b2:71:51:77:73:9b:51:43:ee:bd:
                    48:08:da:a3:87:e5:91:c6:5c:db:d2:6b:68:27:40:
                    00:6d:6e:86:93:d0:ac:3d:fb:c2:5b:97:f5:b4:81:
                    48:ef:29:c2:62:9c:df:f8:aa:c2:7e:c8:93:52:ac:
                    5d:3c:b6:18:a7:eb:06:c0:fd:d1:ea:2c:de:b5:17:
                    74:c3:a7:3c:14:e5:83:93:c0:c1:19:21:55:4b:05:
                    a4:be:6f:66:8d:9e:98:ae:07:ec:32:d4:e7:61:78:
                    9e:94:98:ba:88:9d:66:55:45:3f:88:6d:0f:c7:3a:
                    f8:55:71:59:df:cf:83:a0:3a:75:80:d1:fc:6f:fb:
                    fd:18:be:8a:20:9e:c4:b5:20:a1:df:5a:a0:b9:4b:
                    e3:0a:e7:e0:b7:fe:a9:f7:36:9c:83:75:9b:a2:2a:
                    5e:67:5c:7b:7f:07:4c:f2:01:89:09:7a:37:de:39:
                    5d:38:2e:04:0e:33:15:ff:0d:71:04:4b:e7:b3:85:
                    42:55:3c:e3:d0:b1:38:64:b1:14:72:72:40:3a:1a:
                    cf:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:74:D5:2C:A3:9F:12:D2:CD:CF:10:6D:7A:8E:6F:6A:AE:B0:F2:84
            X509v3 Authority Key Identifier:
                keyid:AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:f5:2b:89:5b:e5:58:e3:0e:c4:8f:40:a0:7c:ef:5d:df:7b:
         a3:b0:55:d1:df:0e:3f:14:5f:d6:dc:4f:f7:31:97:bd:57:bb:
         1e:e3:ac:90:41:18:12:86:65:fb:1c:37:41:82:06:3f:cf:45:
         81:54:62:8b:90:4c:54:36:93:e9:04:09:f5:c0:4f:3d:ba:c2:
         e5:c8:aa:06:1c:e5:f9:1c:dc:1f:00:26:d3:91:77:9b:50:ba:
         eb:2a:86:0e:4a:1c:fe:56:6d:2e:a0:6e:32:c4:33:0c:0e:43:
         ec:6a:33:f2:86:97:eb:07:e3:50:a6:3b:b3:ae:f7:78:4f:6b:
         d9:7b:ca:74:c5:1a:42:96:a4:3a:6d:1e:59:fa:91:09:1a:9f:
         03:18:48:3e:77:5c:71:81:7c:99:c5:3f:0f:31:3b:cc:54:99:
         20:e3:7b:4e:70:85:a5:bc:35:e9:cb:6d:3d:04:49:4c:51:26:
         2c:ea:78:fa:07:c1:a4:5c:c1:cc:bf:01:b6:3c:68:96:9c:cc:
         c5:d0:ca:74:99:de:53:31:fa:b7:7d:69:5d:be:13:e3:85:2d:
         63:b9:f1:93:6c:48:db:99:12:0b:b4:cd:eb:d1:84:da:74:9e:
         c2:16:c7:af:95:1d:83:e8:a0:ec:2b:0e:60:6f:60:02:59:8b:
         0b:fe:75:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uo4B8ec2vopeqHwGBbzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYjk0NDQ5ZDRkMjQ2Mjc3MTc3M2JjMDhhNjI0NTA3ZGE1
MTJiMGQwHhcNMjYwMzI5MDIwMDUwWhcNMjYwMzMwMDIwMDUwWjAzMTEwLwYDVQQD
Eyg0Nzc0ZDUyY2EzOWYxMmQyY2RjZjEwNmQ3YThlNmY2YWFlYjBmMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qGFCTDP3TMTNILkCAbT8eSJweY4
I7QEcSfLs09xhM2PpVmskyJmpC83dgrUq/598LJxUXdzm1FD7r1ICNqjh+WRxlzb
0mtoJ0AAbW6Gk9CsPfvCW5f1tIFI7ynCYpzf+KrCfsiTUqxdPLYYp+sGwP3R6ize
tRd0w6c8FOWDk8DBGSFVSwWkvm9mjZ6YrgfsMtTnYXielJi6iJ1mVUU/iG0Pxzr4
VXFZ38+DoDp1gNH8b/v9GL6KIJ7EtSCh31qguUvjCufgt/6p9zacg3WboipeZ1x7
fwdM8gGJCXo33jldOC4EDjMV/w1xBEvns4VCVTzj0LE4ZLEUcnJAOhrPmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEd01SyjnxLSzc8QbXqOb2qusPKEMB8GA1UdIwQY
MBaAFKu5REnU0kYncXc7wIpiRQfaUSsNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgt
NzBjMGMxNWJjODBhLzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgtNzBjMGMxNWJjODBh
LzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsvUriVvl
WOMOxI9AoHzvXd97o7BV0d8OPxRf1txP9zGXvVe7HuOskEEYEoZl+xw3QYIGP89F
gVRii5BMVDaT6QQJ9cBPPbrC5ciqBhzl+RzcHwAm05F3m1C66yqGDkoc/lZtLqBu
MsQzDA5D7Goz8oaX6wfjUKY7s673eE9r2XvKdMUaQpakOm0eWfqRCRqfAxhIPndc
cYF8mcU/DzE7zFSZION7TnCFpbw16cttPQRJTFEmLOp4+gfBpFzBzL8BtjxolpzM
xdDKdJneUzH6t31pXb4T44UtY7nxk2xI25kSC7TN69GE2nSewhbHr5Udg+ig7CsO
YG9gAlmLC/51rA==
-----END CERTIFICATE-----