Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
File:                     2QrRERMYMAumeOiOBQKx_FHjU3k.mft (raw, json)
Hash identifier:          hsT1USlZumISVdaWhL3K2racOVVdwzN8PIV8d5P/0jQ=
Subject key identifier:   CE:1A:47:24:CF:25:8A:6F:D1:4A:9C:06:CD:EC:A2:BD:81:BD:93:11
Authority key identifier: D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79
Certificate issuer:       /CN=d90ad1111318300ba678e88e0502b1fc51e35379
Certificate serial:       019D389BE24B0CC3F1E357DB29E8275977E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
Manifest number:          0499
Signing time:             Sun 29 Mar 2026 08:00:33 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:33 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:33 +0000
Files and hashes:         1: 2QrRERMYMAumeOiOBQKx_FHjU3k.crl (hash: 4EtXVhj3fEnaBCGghPTBjagjktwnHVS+ZbFaENwjMi8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:e2:4b:0c:c3:f1:e3:57:db:29:e8:27:59:77:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90ad1111318300ba678e88e0502b1fc51e35379
        Validity
            Not Before: Mar 29 08:00:33 2026 GMT
            Not After : Mar 30 08:00:33 2026 GMT
        Subject: CN=ce1a4724cf258a6fd14a9c06cdeca2bd81bd9311
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b4:82:9d:b7:42:c8:0c:ab:4c:25:a0:9d:a3:
                    c9:7d:73:c2:b6:10:2b:b6:42:0e:a3:37:cf:cc:41:
                    a0:b2:58:60:cb:36:e4:7f:7a:22:62:6d:1d:92:99:
                    16:d1:a2:41:66:fb:ca:4a:41:4d:87:d7:74:79:40:
                    ba:63:36:ee:07:ee:67:be:84:3c:6a:80:bd:84:69:
                    ce:36:c6:77:f1:2f:d0:98:0a:db:e2:67:10:12:f5:
                    4b:95:d7:7f:65:ac:45:e0:12:b5:20:31:3a:92:3c:
                    4d:d2:12:51:f3:af:7e:f3:a2:6d:ca:b0:a1:a5:cf:
                    ab:14:64:ed:bc:54:5a:90:bb:56:19:60:44:0c:90:
                    48:db:55:58:9d:cd:8c:29:d6:ee:d7:05:35:60:76:
                    22:c2:3c:7c:a1:33:98:ea:c3:b0:69:fd:5f:35:7c:
                    8d:ba:0f:35:87:ac:20:9e:ef:44:12:59:f3:63:cf:
                    4a:a3:4d:62:94:62:b1:13:46:36:59:cc:24:24:03:
                    b5:c2:eb:9b:d3:fb:62:64:ed:e1:8a:bb:8c:8e:a5:
                    74:99:c3:61:67:bd:08:15:94:30:16:f6:f3:77:3c:
                    19:1f:f7:ad:64:bc:2e:02:59:fa:5d:66:9a:a7:47:
                    e3:52:3f:d9:26:f1:f6:f7:21:4e:c3:63:a1:41:d0:
                    49:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:1A:47:24:CF:25:8A:6F:D1:4A:9C:06:CD:EC:A2:BD:81:BD:93:11
            X509v3 Authority Key Identifier:
                keyid:D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:37:e3:11:b0:f8:48:a3:d6:32:1b:5b:9d:87:06:d9:8a:3d:
         22:f7:08:43:fe:d8:ca:ea:f2:8c:34:3f:5a:fe:68:0e:37:ff:
         08:f3:cc:44:17:5d:37:17:f6:9d:4d:12:07:7e:9a:b7:87:ae:
         9b:8f:c9:e1:5a:9a:2f:75:21:58:d0:00:d4:fc:41:14:b0:63:
         c8:4f:0a:f7:f1:60:f1:c4:00:d2:a0:9d:bb:81:1f:84:7c:ed:
         50:a7:9b:9b:40:19:59:62:5e:72:a9:2b:17:8e:ad:cf:99:eb:
         bf:d9:f1:f3:22:c8:45:33:ed:8d:6b:ad:8d:25:07:bb:5b:43:
         c4:de:d1:f7:da:cb:77:e2:78:1c:61:d4:8d:fe:d3:c1:32:8f:
         54:68:4d:23:c2:38:d3:e3:e4:b0:45:2e:4e:62:4b:37:cf:c0:
         2d:f8:ff:80:2a:d4:3b:3e:ab:38:32:cf:54:d3:b5:7c:7c:59:
         0b:f5:8b:1b:9e:71:5b:94:bd:1a:46:ad:eb:62:ea:87:82:3b:
         d7:56:1c:8b:f2:5b:22:cf:3f:ff:f6:02:93:26:62:94:a6:2e:
         49:52:59:37:ee:e4:e9:89:62:a0:0d:88:ea:7f:ec:ba:4e:d6:
         a9:8c:d6:7e:c1:f9:f7:ab:79:a2:5e:49:e9:6a:a7:05:69:8e:
         bd:7e:1d:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m+JLDMPx41fbKegnWXfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGFkMTExMTMxODMwMGJhNjc4ZTg4ZTA1MDJiMWZjNTFl
MzUzNzkwHhcNMjYwMzI5MDgwMDMzWhcNMjYwMzMwMDgwMDMzWjAzMTEwLwYDVQQD
EyhjZTFhNDcyNGNmMjU4YTZmZDE0YTljMDZjZGVjYTJiZDgxYmQ5MzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7SCnbdCyAyrTCWgnaPJfXPCthAr
tkIOozfPzEGgslhgyzbkf3oiYm0dkpkW0aJBZvvKSkFNh9d0eUC6YzbuB+5nvoQ8
aoC9hGnONsZ38S/QmArb4mcQEvVLldd/ZaxF4BK1IDE6kjxN0hJR869+86JtyrCh
pc+rFGTtvFRakLtWGWBEDJBI21VYnc2MKdbu1wU1YHYiwjx8oTOY6sOwaf1fNXyN
ug81h6wgnu9EElnzY89Ko01ilGKxE0Y2WcwkJAO1wuub0/tiZO3hiruMjqV0mcNh
Z70IFZQwFvbzdzwZH/etZLwuAln6XWaap0fjUj/ZJvH29yFOw2OhQdBJiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4aRyTPJYpv0UqcBs3sor2BvZMRMB8GA1UdIwQY
MBaAFNkK0RETGDALpnjojgUCsfxR41N5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzIt
NWEyN2I4YWYyOGE1LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzItNWEyN2I4YWYyOGE1
LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnjfjEbD4
SKPWMhtbnYcG2Yo9IvcIQ/7YyuryjDQ/Wv5oDjf/CPPMRBddNxf2nU0SB36at4eu
m4/J4VqaL3UhWNAA1PxBFLBjyE8K9/Fg8cQA0qCdu4EfhHztUKebm0AZWWJecqkr
F46tz5nrv9nx8yLIRTPtjWutjSUHu1tDxN7R99rLd+J4HGHUjf7TwTKPVGhNI8I4
0+PksEUuTmJLN8/ALfj/gCrUOz6rODLPVNO1fHxZC/WLG55xW5S9Gkat62Lqh4I7
11Yci/JbIs8///YCkyZilKYuSVJZN+7k6YlioA2I6n/suk7WqYzWfsH596t5ol5J
6WqnBWmOvX4dAg==
-----END CERTIFICATE-----