Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
File:                     QfIoYMpivSg4-DKPF4OdHoYI0m0.mft (raw, json)
Hash identifier:          GIDLno3+HGvCRCydhZ3MC2BgldPM6nih/mPAC/0csHI=
Subject key identifier:   46:E3:6E:8F:4E:DF:DC:1E:5B:72:8C:83:BD:14:F7:BB:62:4A:BF:FF
Authority key identifier: 41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D
Certificate issuer:       /CN=41f22860ca62bd2838f8328f17839d1e8608d26d
Certificate serial:       019D37F72682B1143AE53CF90D730EB55129
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
Manifest number:          0468
Signing time:             Sun 29 Mar 2026 05:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:37 +0000
Files and hashes:         1: QfIoYMpivSg4-DKPF4OdHoYI0m0.crl (hash: FS9hK9klATyZjWcYiCwvXFlsoKcnXUJB9QM6/5DZ2Wc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:26:82:b1:14:3a:e5:3c:f9:0d:73:0e:b5:51:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41f22860ca62bd2838f8328f17839d1e8608d26d
        Validity
            Not Before: Mar 29 05:00:37 2026 GMT
            Not After : Mar 30 05:00:37 2026 GMT
        Subject: CN=46e36e8f4edfdc1e5b728c83bd14f7bb624abfff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:54:e4:0b:5d:f8:d8:01:c1:09:b7:a4:19:f7:
                    83:3b:44:29:d7:c3:0f:12:e3:56:d9:ac:ca:e9:19:
                    d0:06:49:9f:2f:9c:55:62:32:be:94:f5:c9:ff:89:
                    1e:e4:ed:51:f0:43:ea:fa:9c:43:32:95:8b:b0:d7:
                    d4:f7:8f:3e:de:36:67:2c:f6:52:e0:40:92:01:26:
                    18:98:2f:d4:8f:59:07:eb:20:ec:f0:18:8f:59:f7:
                    c3:8a:71:14:72:9a:4d:65:d6:8b:7c:d5:aa:ef:e6:
                    03:92:86:89:b4:3d:18:fc:ac:50:97:1e:2b:0c:40:
                    b8:5d:27:d9:c5:17:0f:04:0f:3a:b2:b0:98:da:a0:
                    06:c5:39:f3:94:8b:de:09:52:3b:8c:4e:1e:dd:69:
                    49:0e:09:db:de:73:f1:4b:a8:4b:f2:4f:a0:7a:d9:
                    39:71:e9:47:9b:4c:ad:74:59:d2:e7:52:21:b3:5f:
                    97:89:84:f5:9a:b5:2b:19:f5:92:84:d2:68:12:be:
                    64:76:c3:01:29:ee:d9:f5:8a:38:47:2b:8e:ec:4f:
                    e6:ef:81:4d:6b:c3:5c:9d:c0:84:d3:d4:38:17:72:
                    98:a3:51:c5:b0:be:cc:1c:c6:d2:d1:3c:3a:10:77:
                    06:cd:72:6d:ee:18:e0:9e:1e:42:4c:bd:f9:10:03:
                    6d:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:E3:6E:8F:4E:DF:DC:1E:5B:72:8C:83:BD:14:F7:BB:62:4A:BF:FF
            X509v3 Authority Key Identifier:
                keyid:41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:d8:91:6d:2f:e5:c7:5d:06:12:8c:20:c5:b0:93:6f:9d:3f:
         9d:a9:cc:1b:bd:13:25:ea:d4:18:9b:38:c0:0e:1f:66:0d:dc:
         64:c4:20:41:7e:33:e2:4a:6b:fb:af:1c:cf:88:6f:46:f3:c4:
         64:f6:94:ec:c2:1c:fd:34:5e:74:f9:05:13:83:7c:1f:30:9f:
         e7:58:ca:2e:2c:47:ca:51:2e:df:65:b2:68:47:50:b4:f2:23:
         23:2f:54:16:cd:16:c7:ca:fa:4e:f8:ff:4c:c1:02:53:19:d7:
         5f:b4:80:9a:6b:8e:6b:79:79:4e:ca:88:67:e9:7d:87:76:76:
         be:49:b5:f5:37:dd:6d:63:12:00:f2:1a:b9:a7:24:a9:26:8c:
         f4:bc:17:03:f3:36:59:be:c6:c7:54:96:42:61:f4:f9:a8:2e:
         c9:30:de:f5:9a:6c:8f:5e:3a:5f:fe:86:07:c4:ff:5a:e8:41:
         7f:30:c4:6c:9b:5a:49:c0:f4:d6:ba:c7:d8:e8:23:e1:c4:e7:
         15:99:2e:e7:cd:ff:f0:ad:89:45:18:96:89:fd:c0:ab:81:d9:
         b9:3b:ba:a5:2e:3e:04:32:b7:84:8b:05:4d:49:d6:bc:3d:93:
         b9:15:d4:31:11:c1:33:ff:55:81:a3:94:0a:87:64:f3:e7:6e:
         b2:65:28:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039yaCsRQ65Tz5DXMOtVEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjIyODYwY2E2MmJkMjgzOGY4MzI4ZjE3ODM5ZDFlODYw
OGQyNmQwHhcNMjYwMzI5MDUwMDM3WhcNMjYwMzMwMDUwMDM3WjAzMTEwLwYDVQQD
Eyg0NmUzNmU4ZjRlZGZkYzFlNWI3MjhjODNiZDE0ZjdiYjYyNGFiZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlTkC1342AHBCbekGfeDO0Qp18MP
EuNW2azK6RnQBkmfL5xVYjK+lPXJ/4ke5O1R8EPq+pxDMpWLsNfU948+3jZnLPZS
4ECSASYYmC/Uj1kH6yDs8BiPWffDinEUcppNZdaLfNWq7+YDkoaJtD0Y/KxQlx4r
DEC4XSfZxRcPBA86srCY2qAGxTnzlIveCVI7jE4e3WlJDgnb3nPxS6hL8k+getk5
celHm0ytdFnS51Ihs1+XiYT1mrUrGfWShNJoEr5kdsMBKe7Z9Yo4RyuO7E/m74FN
a8NcncCE09Q4F3KYo1HFsL7MHMbS0Tw6EHcGzXJt7hjgnh5CTL35EANtqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbjbo9O39weW3KMg70U97tiSr//MB8GA1UdIwQY
MBaAFEHyKGDKYr0oOPgyjxeDnR6GCNJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEt
ZmFjNjRlMWZiMzQyLzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEtZmFjNjRlMWZiMzQy
LzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAetiRbS/l
x10GEowgxbCTb50/nanMG70TJerUGJs4wA4fZg3cZMQgQX4z4kpr+68cz4hvRvPE
ZPaU7MIc/TRedPkFE4N8HzCf51jKLixHylEu32WyaEdQtPIjIy9UFs0Wx8r6Tvj/
TMECUxnXX7SAmmuOa3l5TsqIZ+l9h3Z2vkm19TfdbWMSAPIauackqSaM9LwXA/M2
Wb7Gx1SWQmH0+aguyTDe9Zpsj146X/6GB8T/WuhBfzDEbJtaScD01rrH2Ogj4cTn
FZku583/8K2JRRiWif3Aq4HZuTu6pS4+BDK3hIsFTUnWvD2TuRXUMRHBM/9VgaOU
Codk8+dusmUo1A==
-----END CERTIFICATE-----