Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
File:                     qK9MCjctAUVV99TXyJz5lvBRQvU.mft (raw, json)
Hash identifier:          0v4reKiq5A0F+KocRszNlJUIRIHNUGlIb6nNJO53Vg0=
Subject key identifier:   98:A8:FC:23:C8:54:60:CE:B3:C5:02:5F:40:B1:40:11:C9:A5:79:DD
Authority key identifier: A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5
Certificate issuer:       /CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
Certificate serial:       019D38668BFD360DFA2A638F79B55E33C07B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
Manifest number:          0622
Signing time:             Sun 29 Mar 2026 07:02:17 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:17 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:17 +0000
Files and hashes:         1: qK9MCjctAUVV99TXyJz5lvBRQvU.crl (hash: Kbaiv+IcyyL1niRhzqe0KBFOFaCGjE1gwSVlJY1pIGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:8b:fd:36:0d:fa:2a:63:8f:79:b5:5e:33:c0:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
        Validity
            Not Before: Mar 29 07:02:17 2026 GMT
            Not After : Mar 30 07:02:17 2026 GMT
        Subject: CN=98a8fc23c85460ceb3c5025f40b14011c9a579dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:21:05:85:97:b0:b5:56:d6:ff:19:10:3d:4b:
                    aa:c2:4b:04:34:9f:7d:2e:ec:8e:ec:ae:62:26:e9:
                    2f:14:51:29:8b:c3:62:a0:1e:6d:b3:8c:4c:5a:5c:
                    0c:a7:78:32:77:e4:1a:06:cb:82:00:da:e8:fc:3a:
                    cc:d3:12:94:78:ef:36:5b:24:7f:8a:42:c3:1f:46:
                    fa:4a:80:5c:20:8b:b7:c8:e2:5b:9f:08:32:53:92:
                    0d:66:42:bb:24:d4:e5:3f:79:ed:bc:f5:a3:d5:eb:
                    f8:46:c6:32:b3:d7:0b:00:93:5b:60:80:85:41:9d:
                    61:e1:80:85:66:fc:38:c3:69:f5:72:8f:80:f5:cf:
                    ec:c2:be:00:9c:f7:0b:a0:d6:0e:14:22:ab:31:2f:
                    5b:16:53:26:24:97:c8:15:4d:74:ff:82:d4:e1:54:
                    66:51:61:76:cc:b0:71:cb:63:76:43:92:0e:5f:8b:
                    53:e8:7f:00:4a:98:6e:8c:9a:c5:63:94:6e:dd:4b:
                    9b:dd:08:57:d2:90:0e:b3:af:3c:25:5c:2e:ea:83:
                    18:2d:8e:e4:41:8b:e2:39:35:0f:96:e3:7d:63:58:
                    2f:64:ab:23:e2:6b:d2:79:3a:c4:69:c1:63:5e:05:
                    7b:39:5e:68:b4:cc:03:65:49:17:8f:c0:77:6d:8a:
                    82:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:A8:FC:23:C8:54:60:CE:B3:C5:02:5F:40:B1:40:11:C9:A5:79:DD
            X509v3 Authority Key Identifier:
                keyid:A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:da:f6:81:5a:10:11:0a:0b:9c:67:52:46:90:2f:82:78:11:
         6f:fe:41:5a:dd:e3:b6:df:02:62:7e:64:38:00:9b:f1:28:5a:
         d8:40:f8:16:d1:a4:0c:99:60:2d:d8:8f:8c:bb:e1:98:51:62:
         ca:66:f0:23:84:ad:dc:40:fc:ab:9a:59:ee:bf:f6:c3:20:bc:
         8f:75:9c:93:b7:6a:a8:eb:81:68:36:71:b7:95:fb:2c:ae:a0:
         d8:fe:7c:90:cc:0f:2e:f3:d3:b3:36:c4:07:12:fd:52:be:64:
         b9:c0:61:1a:f5:95:cd:aa:17:ef:a9:e0:86:69:5d:24:97:bc:
         2a:e7:09:ac:79:c6:9d:98:42:19:3d:e0:32:63:af:2a:b3:4b:
         ba:3e:79:0e:4b:eb:f6:fb:5f:3e:e3:7c:11:a9:d7:ff:91:7f:
         5d:57:98:b7:5c:05:0a:dd:9d:84:bd:bf:7d:7c:7f:68:e4:f1:
         b4:4a:a4:ee:83:b4:b2:20:da:a7:94:46:46:9b:bf:02:6d:7b:
         87:a7:5e:c1:b4:80:10:af:6c:b6:53:d2:6d:35:73:77:a9:8f:
         c8:5f:ac:de:9d:e7:df:33:42:64:ab:97:f4:ba:eb:40:2d:91:
         3f:ce:1f:33:f7:05:19:ba:d0:a1:ba:a9:d5:17:85:b0:39:c4:
         85:b4:8d:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zov9Ng36KmOPebVeM8B7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YWY0YzBhMzcyZDAxNDU1NWY3ZDRkN2M4OWNmOTk2ZjA1
MTQyZjUwHhcNMjYwMzI5MDcwMjE3WhcNMjYwMzMwMDcwMjE3WjAzMTEwLwYDVQQD
Eyg5OGE4ZmMyM2M4NTQ2MGNlYjNjNTAyNWY0MGIxNDAxMWM5YTU3OWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSEFhZewtVbW/xkQPUuqwksENJ99
LuyO7K5iJukvFFEpi8NioB5ts4xMWlwMp3gyd+QaBsuCANro/DrM0xKUeO82WyR/
ikLDH0b6SoBcIIu3yOJbnwgyU5INZkK7JNTlP3ntvPWj1ev4RsYys9cLAJNbYICF
QZ1h4YCFZvw4w2n1co+A9c/swr4AnPcLoNYOFCKrMS9bFlMmJJfIFU10/4LU4VRm
UWF2zLBxy2N2Q5IOX4tT6H8ASphujJrFY5Ru3Uub3QhX0pAOs688JVwu6oMYLY7k
QYviOTUPluN9Y1gvZKsj4mvSeTrEacFjXgV7OV5otMwDZUkXj8B3bYqC9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJio/CPIVGDOs8UCX0CxQBHJpXndMB8GA1UdIwQY
MBaAFKivTAo3LQFFVffU18ic+ZbwUUL1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYt
ZGFiMzhmZDNjNzg2LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYtZGFiMzhmZDNjNzg2
LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMdr2gVoQ
EQoLnGdSRpAvgngRb/5BWt3jtt8CYn5kOACb8Sha2ED4FtGkDJlgLdiPjLvhmFFi
ymbwI4St3ED8q5pZ7r/2wyC8j3Wck7dqqOuBaDZxt5X7LK6g2P58kMwPLvPTszbE
BxL9Ur5kucBhGvWVzaoX76nghmldJJe8KucJrHnGnZhCGT3gMmOvKrNLuj55Dkvr
9vtfPuN8EanX/5F/XVeYt1wFCt2dhL2/fXx/aOTxtEqk7oO0siDap5RGRpu/Am17
h6dewbSAEK9stlPSbTVzd6mPyF+s3p3n3zNCZKuX9LrrQC2RP84fM/cFGbrQobqp
1ReFsDnEhbSN8g==
-----END CERTIFICATE-----