Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
File:                     QTsVW4BGJkf4WUaogk0in-6q--Y.mft (raw, json)
Hash identifier:          d3/wKCQLbNI4z5J87QBMNKv23Ps0F00+i+/QWhEr4yo=
Subject key identifier:   B3:04:5A:84:44:A5:B2:54:1A:6D:01:40:2D:EB:35:6C:7D:AB:64:15
Authority key identifier: 41:3B:15:5B:80:46:26:47:F8:59:46:A8:82:4D:22:9F:EE:AA:FB:E6
Certificate issuer:       /CN=413b155b80462647f85946a8824d229feeaafbe6
Certificate serial:       019D39412892C9CA767DC82BF41C16760035
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
Manifest number:          0411
Signing time:             Sun 29 Mar 2026 11:01:04 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:04 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:04 +0000
Files and hashes:         1: QTsVW4BGJkf4WUaogk0in-6q--Y.crl (hash: oKSETRyQKTjnooJPru1LK2dpB5Ze4CPA4C698YTIgIo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 11:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:28:92:c9:ca:76:7d:c8:2b:f4:1c:16:76:00:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=413b155b80462647f85946a8824d229feeaafbe6
        Validity
            Not Before: Mar 29 11:01:04 2026 GMT
            Not After : Mar 30 11:01:04 2026 GMT
        Subject: CN=b3045a8444a5b2541a6d01402deb356c7dab6415
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d2:35:68:30:88:5a:72:52:cb:92:1b:55:75:
                    a6:e0:f3:d4:db:db:8a:2c:3a:02:b1:08:38:32:57:
                    43:9a:41:40:35:62:a2:bf:1d:36:c0:49:40:2e:44:
                    3f:77:ab:21:80:84:11:65:e6:89:be:bb:44:0a:a9:
                    25:56:c2:07:ec:8f:36:5d:18:28:f0:96:ff:76:3e:
                    6d:50:bf:71:32:1c:2a:25:c5:9c:34:55:1b:3d:80:
                    12:93:9f:37:92:ac:55:40:2e:1c:cf:35:f1:c5:f4:
                    2d:6a:4d:1c:a6:ac:fb:91:45:bc:10:d5:74:a3:e5:
                    24:96:b9:47:7e:e2:85:05:39:f8:3e:c0:c7:01:35:
                    0c:11:b4:64:9a:5d:46:13:6e:75:c8:e2:27:ad:79:
                    af:f1:8f:45:9a:07:87:78:cd:de:0c:2f:84:c6:68:
                    33:44:f5:88:84:b7:c4:24:a9:9b:71:26:71:40:32:
                    01:1b:d3:5b:11:20:1f:42:ab:ed:47:1d:4e:2e:33:
                    de:15:f2:91:b6:3e:0a:b5:d6:6e:3b:cb:7c:4f:99:
                    c6:cc:55:81:2c:6c:5c:f5:5b:97:2c:a1:ca:7b:4f:
                    85:ca:29:ec:f9:5f:93:9a:71:42:e7:ea:9a:ea:fc:
                    1e:5b:98:0d:69:5b:b0:aa:43:fa:9a:6e:13:c2:1f:
                    33:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:04:5A:84:44:A5:B2:54:1A:6D:01:40:2D:EB:35:6C:7D:AB:64:15
            X509v3 Authority Key Identifier:
                keyid:41:3B:15:5B:80:46:26:47:F8:59:46:A8:82:4D:22:9F:EE:AA:FB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTsVW4BGJkf4WUaogk0in-6q--Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ed63bf-2b0e-4c9b-98b5-4a251cbec791/1/QTsVW4BGJkf4WUaogk0in-6q--Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:b4:fa:82:e4:c8:c0:a3:c0:4b:22:dc:11:e9:07:ba:77:a6:
         bb:53:10:5c:48:7c:f1:95:44:d8:d3:fc:1e:eb:74:91:58:f5:
         af:49:98:6e:bd:cb:18:f7:46:7c:93:37:19:2d:b9:d6:ed:4e:
         00:9a:a7:53:ba:98:3d:c6:90:f2:51:de:a1:bb:a8:19:b1:44:
         f3:75:ad:c2:e2:23:03:52:36:70:57:ba:99:7e:d0:f1:c9:a5:
         b2:15:6a:02:d7:2e:0f:61:b0:25:64:e8:db:75:29:1b:d6:54:
         bc:ad:62:a8:7f:f8:93:f7:77:f1:b1:6a:30:02:8f:7b:c8:3c:
         48:d4:bb:6c:a8:d3:a5:19:a9:7d:a9:ed:26:31:2c:8d:e3:a1:
         91:16:58:59:77:55:3f:83:1a:ca:f3:9d:27:7f:cf:7e:f8:74:
         a1:b5:f8:2a:cb:64:43:32:5c:de:73:18:27:ef:93:0c:c5:25:
         9f:9f:3b:c0:30:e8:d4:12:91:1e:83:1b:ff:d4:26:07:bc:06:
         3d:af:5d:1f:92:76:d6:82:c7:4a:a0:ec:34:79:1c:ab:3a:3d:
         0a:d8:2e:d3:88:e5:f1:aa:10:3a:67:36:0b:d8:bd:f6:d1:6f:
         25:8a:1e:69:f9:e0:70:bb:34:96:e7:56:49:e5:d1:1f:03:08:
         f3:98:e3:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QSiSycp2fcgr9BwWdgA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxM2IxNTViODA0NjI2NDdmODU5NDZhODgyNGQyMjlmZWVh
YWZiZTYwHhcNMjYwMzI5MTEwMTA0WhcNMjYwMzMwMTEwMTA0WjAzMTEwLwYDVQQD
EyhiMzA0NWE4NDQ0YTViMjU0MWE2ZDAxNDAyZGViMzU2YzdkYWI2NDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstI1aDCIWnJSy5IbVXWm4PPU29uK
LDoCsQg4MldDmkFANWKivx02wElALkQ/d6shgIQRZeaJvrtECqklVsIH7I82XRgo
8Jb/dj5tUL9xMhwqJcWcNFUbPYASk583kqxVQC4czzXxxfQtak0cpqz7kUW8ENV0
o+UklrlHfuKFBTn4PsDHATUMEbRkml1GE251yOInrXmv8Y9FmgeHeM3eDC+Exmgz
RPWIhLfEJKmbcSZxQDIBG9NbESAfQqvtRx1OLjPeFfKRtj4KtdZuO8t8T5nGzFWB
LGxc9VuXLKHKe0+Fyins+V+TmnFC5+qa6vweW5gNaVuwqkP6mm4Twh8zKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMEWoREpbJUGm0BQC3rNWx9q2QVMB8GA1UdIwQY
MBaAFEE7FVuARiZH+FlGqIJNIp/uqvvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lZDYzYmYtMmIwZS00YzliLTk4YjUt
NGEyNTFjYmVjNzkxLzEvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lZDYzYmYtMmIwZS00YzliLTk4YjUtNGEyNTFjYmVjNzkx
LzEvUVRzVlc0QkdKa2Y0V1Vhb2drMGluLTZxLS1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJLT6guTI
wKPASyLcEekHunemu1MQXEh88ZVE2NP8Hut0kVj1r0mYbr3LGPdGfJM3GS251u1O
AJqnU7qYPcaQ8lHeobuoGbFE83WtwuIjA1I2cFe6mX7Q8cmlshVqAtcuD2GwJWTo
23UpG9ZUvK1iqH/4k/d38bFqMAKPe8g8SNS7bKjTpRmpfantJjEsjeOhkRZYWXdV
P4MayvOdJ3/Pfvh0obX4KstkQzJc3nMYJ++TDMUln587wDDo1BKRHoMb/9QmB7wG
Pa9dH5J21oLHSqDsNHkcqzo9Ctgu04jl8aoQOmc2C9i99tFvJYoeafngcLs0ludW
SeXRHwMI85jjjQ==
-----END CERTIFICATE-----