Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.mft
File:                     RQ9eqXd4ka1M9BKK5zQE8YvWdVU.mft (raw, json)
Hash identifier:          aR3KgpX3lELEXZWr9HpBdp3aQftNi7gTbbwm0QuMZQ4=
Subject key identifier:   A1:3F:F4:44:D2:46:6A:4D:D5:E7:2B:2F:F2:9A:7C:6F:C7:C6:FE:09
Authority key identifier: 45:0F:5E:A9:77:78:91:AD:4C:F4:12:8A:E7:34:04:F1:8B:D6:75:55
Certificate issuer:       /CN=450f5ea9777891ad4cf4128ae73404f18bd67555
Certificate serial:       019D382E08E425BB16A71B7F68CF6BB0403E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.mft
Manifest number:          01A2
Signing time:             Sun 29 Mar 2026 06:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:34 +0000
Files and hashes:         1: RQ9eqXd4ka1M9BKK5zQE8YvWdVU.crl (hash: T50LXYcs9YEmXBd952NjJiiHq7JqAwKdcIKvwus64KA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:08:e4:25:bb:16:a7:1b:7f:68:cf:6b:b0:40:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=450f5ea9777891ad4cf4128ae73404f18bd67555
        Validity
            Not Before: Mar 29 06:00:34 2026 GMT
            Not After : Mar 30 06:00:34 2026 GMT
        Subject: CN=a13ff444d2466a4dd5e72b2ff29a7c6fc7c6fe09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:12:ef:13:14:7e:d6:ac:a2:e9:4b:ec:88:14:
                    3b:89:ae:2d:b9:0c:84:aa:64:3a:98:17:0c:87:a3:
                    7b:2c:3e:28:53:96:75:0d:bb:fb:cf:b8:51:02:0a:
                    8d:61:5f:8c:09:85:50:8e:3f:97:6d:f2:d5:35:c1:
                    9d:1f:eb:10:52:93:06:77:9c:57:e4:dd:92:65:d1:
                    30:51:c0:88:78:ec:b6:66:72:18:f2:b0:9b:b2:ee:
                    29:0e:f2:63:14:d3:b2:d4:cf:6e:c7:2e:6c:3d:6f:
                    51:36:7e:21:73:75:c6:c6:1c:fe:fc:6b:cc:eb:20:
                    8e:1f:73:7a:f6:db:5a:bd:5f:88:40:5b:e6:6d:09:
                    d4:20:28:e2:4b:75:cd:8e:fc:ec:82:5b:79:4b:3e:
                    7a:4b:30:7f:e2:17:ab:66:d2:64:99:09:fe:4e:be:
                    b0:f0:c4:df:ba:de:b6:55:35:45:08:da:35:ee:33:
                    9e:34:fa:d5:2e:da:ab:8f:6a:f1:3f:f7:d0:13:be:
                    67:78:c0:ca:2e:6e:a9:8b:f4:25:72:93:b2:b6:a0:
                    ff:80:71:75:c9:60:fd:0c:38:71:2e:be:3e:e8:39:
                    65:4d:4c:6d:92:3c:06:43:0b:46:e6:2e:a0:da:fb:
                    bf:ce:a0:c0:c9:64:2e:dd:4f:13:5e:4d:55:ca:7c:
                    e2:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:3F:F4:44:D2:46:6A:4D:D5:E7:2B:2F:F2:9A:7C:6F:C7:C6:FE:09
            X509v3 Authority Key Identifier:
                keyid:45:0F:5E:A9:77:78:91:AD:4C:F4:12:8A:E7:34:04:F1:8B:D6:75:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:dd:b7:bf:b8:d9:2a:bd:bd:06:59:d8:f4:46:4c:51:a0:af:
         8b:58:9c:0c:be:f0:cb:6c:72:a5:c4:e8:db:d3:12:64:50:34:
         65:b3:f6:1e:da:2a:5b:9c:cd:3e:55:38:ba:a2:59:de:f3:57:
         6c:2a:4a:a0:58:eb:e5:cc:2b:b6:c5:a6:ab:98:d8:93:9a:11:
         a1:c0:ea:5b:fe:ca:26:71:33:86:09:59:c6:bb:f8:1b:9f:4f:
         00:b0:8c:7b:7d:51:7e:b8:d3:8c:0a:4c:f9:e0:a1:e6:88:d8:
         f3:27:59:22:43:d1:10:bc:01:92:5a:1c:85:d1:65:dd:46:8b:
         15:5b:5f:d6:b8:36:10:fe:b8:46:ce:4f:08:24:2a:9f:2f:74:
         9c:eb:7b:48:38:84:c2:6e:c2:2f:30:34:c3:66:0c:3f:94:a3:
         06:49:8f:0d:a8:df:40:e8:94:ad:32:03:bb:99:da:ce:43:18:
         2c:12:cb:05:87:9c:08:a6:f7:ce:ef:b2:d2:a7:b3:14:9b:17:
         73:de:05:24:c9:14:e0:38:38:b0:c5:a7:e9:86:17:18:1b:35:
         44:c3:65:a7:30:8a:a1:ed:e9:1c:dc:b7:b3:03:af:0a:03:d2:
         10:ef:13:a9:ab:21:e8:5f:c0:98:bd:d2:3c:7d:79:14:a3:5e:
         35:a9:85:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LgjkJbsWpxt/aM9rsEA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MGY1ZWE5Nzc3ODkxYWQ0Y2Y0MTI4YWU3MzQwNGYxOGJk
Njc1NTUwHhcNMjYwMzI5MDYwMDM0WhcNMjYwMzMwMDYwMDM0WjAzMTEwLwYDVQQD
EyhhMTNmZjQ0NGQyNDY2YTRkZDVlNzJiMmZmMjlhN2M2ZmM3YzZmZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRLvExR+1qyi6UvsiBQ7ia4tuQyE
qmQ6mBcMh6N7LD4oU5Z1Dbv7z7hRAgqNYV+MCYVQjj+XbfLVNcGdH+sQUpMGd5xX
5N2SZdEwUcCIeOy2ZnIY8rCbsu4pDvJjFNOy1M9uxy5sPW9RNn4hc3XGxhz+/GvM
6yCOH3N69ttavV+IQFvmbQnUICjiS3XNjvzsglt5Sz56SzB/4herZtJkmQn+Tr6w
8MTfut62VTVFCNo17jOeNPrVLtqrj2rxP/fQE75neMDKLm6pi/QlcpOytqD/gHF1
yWD9DDhxLr4+6DllTUxtkjwGQwtG5i6g2vu/zqDAyWQu3U8TXk1VynziGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKE/9ETSRmpN1ecrL/KafG/Hxv4JMB8GA1UdIwQY
MBaAFEUPXql3eJGtTPQSiuc0BPGL1nVVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlE5ZXFYZDRrYTFNOUJLSzV6UUU4WXZXZFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8wYTE4ZjYtMGI4MC00MGU5LTgyYWUt
OGRmMTI0Y2YwZWE5LzEvUlE5ZXFYZDRrYTFNOUJLSzV6UUU4WXZXZFZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8wYTE4ZjYtMGI4MC00MGU5LTgyYWUtOGRmMTI0Y2YwZWE5
LzEvUlE5ZXFYZDRrYTFNOUJLSzV6UUU4WXZXZFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa923v7jZ
Kr29BlnY9EZMUaCvi1icDL7wy2xypcTo29MSZFA0ZbP2HtoqW5zNPlU4uqJZ3vNX
bCpKoFjr5cwrtsWmq5jYk5oRocDqW/7KJnEzhglZxrv4G59PALCMe31RfrjTjApM
+eCh5ojY8ydZIkPRELwBklochdFl3UaLFVtf1rg2EP64Rs5PCCQqny90nOt7SDiE
wm7CLzA0w2YMP5SjBkmPDajfQOiUrTIDu5nazkMYLBLLBYecCKb3zu+y0qezFJsX
c94FJMkU4Dg4sMWn6YYXGBs1RMNlpzCKoe3pHNy3swOvCgPSEO8Tqash6F/AmL3S
PH15FKNeNamFjQ==
-----END CERTIFICATE-----