Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft
File:                     q-KqqfiJDkQV40HAd9hnvuJaodE.mft (raw, json)
Hash identifier:          HAjyXBtom/lwYakiPg32Cld5OZpPphkOCa0njXjpGRk=
Subject key identifier:   7C:2E:A7:DD:78:D9:27:BF:01:52:6D:DD:51:AA:C8:5D:07:27:A4:BA
Authority key identifier: AB:E2:AA:A9:F8:89:0E:44:15:E3:41:C0:77:D8:67:BE:E2:5A:A1:D1
Certificate issuer:       /CN=abe2aaa9f8890e4415e341c077d867bee25aa1d1
Certificate serial:       019D3909EBA0B54C8B537060D1AED6E7797F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft
Manifest number:          02E6
Signing time:             Sun 29 Mar 2026 10:00:44 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:44 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:44 +0000
Files and hashes:         1: q-KqqfiJDkQV40HAd9hnvuJaodE.crl (hash: 2XuEGgNkPXPAPRDgu41SBFgluBYj7xD0fnWqdUSnxsE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:eb:a0:b5:4c:8b:53:70:60:d1:ae:d6:e7:79:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abe2aaa9f8890e4415e341c077d867bee25aa1d1
        Validity
            Not Before: Mar 29 10:00:44 2026 GMT
            Not After : Mar 30 10:00:44 2026 GMT
        Subject: CN=7c2ea7dd78d927bf01526ddd51aac85d0727a4ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:f2:80:2e:2d:09:0b:08:05:f1:8e:b5:01:fe:
                    3a:b0:e2:45:00:21:75:06:45:c1:2d:ed:15:b0:f2:
                    bb:06:5e:84:7d:31:9b:88:ba:a2:9e:f9:4f:a6:f8:
                    06:99:e2:6c:74:90:09:26:84:2e:54:42:c7:03:e0:
                    ac:6a:36:9c:b1:82:af:62:28:1b:d9:f4:4e:3f:bb:
                    40:c6:6d:13:d3:89:93:93:60:b6:c7:20:2b:5a:70:
                    58:57:01:85:49:c4:df:ff:95:54:39:6b:e3:b6:6e:
                    0c:47:d8:6a:6b:74:ed:eb:8e:5e:18:15:e8:b8:e3:
                    35:f2:62:97:01:0d:b9:d8:41:20:3f:a8:33:4a:2c:
                    ab:1f:96:e7:76:6a:72:8d:cb:27:99:c7:77:25:ae:
                    24:22:17:79:df:36:6a:e5:a2:9f:57:2e:02:21:53:
                    9b:a5:53:d9:e1:39:aa:da:41:e3:5d:9c:77:29:62:
                    09:48:3e:7b:b0:c0:8a:13:f5:48:9f:d0:e8:45:97:
                    d2:9e:87:fa:7e:91:0a:77:ce:fa:e6:a4:37:5f:a1:
                    26:be:c7:3e:11:17:31:c1:62:83:d8:c8:25:8f:7f:
                    f2:f0:7f:b2:30:1f:db:af:f9:74:9e:ef:01:25:11:
                    a5:49:37:4a:1e:f6:3d:87:f5:0b:a8:af:88:72:50:
                    a9:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:2E:A7:DD:78:D9:27:BF:01:52:6D:DD:51:AA:C8:5D:07:27:A4:BA
            X509v3 Authority Key Identifier:
                keyid:AB:E2:AA:A9:F8:89:0E:44:15:E3:41:C0:77:D8:67:BE:E2:5A:A1:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:e7:5f:a8:1d:fe:94:98:ac:f4:b3:e6:b5:2e:6e:9d:69:1f:
         22:6d:a3:eb:ab:b5:79:35:6f:a1:ee:1c:bc:ce:cf:62:82:be:
         6d:56:62:7c:12:b4:17:5e:a6:7f:bc:d2:5d:87:e5:3e:d4:81:
         28:d9:4c:68:04:46:a0:74:eb:a8:b6:31:95:07:37:0b:72:7c:
         91:ee:41:8d:8d:00:cf:b2:be:6e:57:a8:e8:51:14:b2:6f:63:
         f5:ed:54:92:0b:41:36:07:dc:a3:a7:8f:30:8e:8b:f1:fb:93:
         85:ce:92:7f:a2:79:da:03:3b:76:f8:ea:67:40:cf:4e:42:c1:
         a0:b1:92:c3:5e:33:2c:cd:1e:d1:9f:28:2b:83:8b:a2:c0:c9:
         48:d6:93:29:c0:3a:2a:51:ab:a2:ca:73:01:76:ae:3d:aa:60:
         1a:75:c4:a0:51:d7:03:5c:63:4b:2f:ea:79:e2:87:59:20:a4:
         ed:4d:81:42:81:9e:f6:f1:1b:62:60:48:5a:e7:5d:11:57:34:
         85:d9:65:e2:bc:56:cf:3d:c7:df:78:6a:d5:54:b2:d0:cd:59:
         fa:f0:ef:70:fd:ba:71:83:0b:19:29:45:d4:9e:56:5b:e4:3e:
         91:c4:12:47:21:69:0f:a1:f6:6e:dc:dd:ab:f4:9e:cc:1f:67:
         42:5d:88:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CeugtUyLU3Bg0a7W53l/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZTJhYWE5Zjg4OTBlNDQxNWUzNDFjMDc3ZDg2N2JlZTI1
YWExZDEwHhcNMjYwMzI5MTAwMDQ0WhcNMjYwMzMwMTAwMDQ0WjAzMTEwLwYDVQQD
Eyg3YzJlYTdkZDc4ZDkyN2JmMDE1MjZkZGQ1MWFhYzg1ZDA3MjdhNGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPKALi0JCwgF8Y61Af46sOJFACF1
BkXBLe0VsPK7Bl6EfTGbiLqinvlPpvgGmeJsdJAJJoQuVELHA+CsajacsYKvYigb
2fROP7tAxm0T04mTk2C2xyArWnBYVwGFScTf/5VUOWvjtm4MR9hqa3Tt645eGBXo
uOM18mKXAQ252EEgP6gzSiyrH5bndmpyjcsnmcd3Ja4kIhd53zZq5aKfVy4CIVOb
pVPZ4Tmq2kHjXZx3KWIJSD57sMCKE/VIn9DoRZfSnof6fpEKd8765qQ3X6Emvsc+
ERcxwWKD2Mglj3/y8H+yMB/br/l0nu8BJRGlSTdKHvY9h/ULqK+IclCprwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwup9142Se/AVJt3VGqyF0HJ6S6MB8GA1UdIwQY
MBaAFKviqqn4iQ5EFeNBwHfYZ77iWqHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC84N2FiMTYtYjRkZS00Y2NmLWFjNDkt
NDYxYTZlY2NmYzQ3LzEvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC84N2FiMTYtYjRkZS00Y2NmLWFjNDktNDYxYTZlY2NmYzQ3
LzEvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeOdfqB3+
lJis9LPmtS5unWkfIm2j66u1eTVvoe4cvM7PYoK+bVZifBK0F16mf7zSXYflPtSB
KNlMaARGoHTrqLYxlQc3C3J8ke5BjY0Az7K+bleo6FEUsm9j9e1UkgtBNgfco6eP
MI6L8fuThc6Sf6J52gM7dvjqZ0DPTkLBoLGSw14zLM0e0Z8oK4OLosDJSNaTKcA6
KlGrospzAXauPapgGnXEoFHXA1xjSy/qeeKHWSCk7U2BQoGe9vEbYmBIWuddEVc0
hdll4rxWzz3H33hq1VSy0M1Z+vDvcP26cYMLGSlF1J5WW+Q+kcQSRyFpD6H2btzd
q/SezB9nQl2IgA==
-----END CERTIFICATE-----