Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/985056-748f-4b92-b6fe-54c37c02b7ee/1/QTJyL2byeskHL9x-kx9uGoUTz8Y.mft
File:                     QTJyL2byeskHL9x-kx9uGoUTz8Y.mft (raw, json)
Hash identifier:          kwFXxVqEOOlq85K7Xw9YqXWU2eniyzzroWLoYuNX/Hk=
Subject key identifier:   0D:67:DD:B6:05:D8:10:76:38:E1:99:DE:B9:AE:7A:EE:48:7B:F0:83
Authority key identifier: 41:32:72:2F:66:F2:7A:C9:07:2F:DC:7E:93:1F:6E:1A:85:13:CF:C6
Certificate issuer:       /CN=4132722f66f27ac9072fdc7e931f6e1a8513cfc6
Certificate serial:       019D3865CBEF9B5F2FAA3264C4637F0DC5AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTJyL2byeskHL9x-kx9uGoUTz8Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/985056-748f-4b92-b6fe-54c37c02b7ee/1/QTJyL2byeskHL9x-kx9uGoUTz8Y.mft
Manifest number:          03A8
Signing time:             Sun 29 Mar 2026 07:01:28 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:28 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:28 +0000
Files and hashes:         1: QTJyL2byeskHL9x-kx9uGoUTz8Y.crl (hash: +VqImQ1/jPH5pXlSzKc/ZVLsPUx/bohNmUa1JEozf3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/93/985056-748f-4b92-b6fe-54c37c02b7ee/1/QTJyL2byeskHL9x-kx9uGoUTz8Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/93/985056-748f-4b92-b6fe-54c37c02b7ee/1/QTJyL2byeskHL9x-kx9uGoUTz8Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTJyL2byeskHL9x-kx9uGoUTz8Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:cb:ef:9b:5f:2f:aa:32:64:c4:63:7f:0d:c5:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4132722f66f27ac9072fdc7e931f6e1a8513cfc6
        Validity
            Not Before: Mar 29 07:01:28 2026 GMT
            Not After : Mar 30 07:01:28 2026 GMT
        Subject: CN=0d67ddb605d8107638e199deb9ae7aee487bf083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:e5:14:7e:ac:81:10:ad:7f:a6:77:2a:cf:40:
                    24:a6:03:cf:27:b0:fa:45:6d:bb:69:df:e0:e6:72:
                    18:87:bf:b7:e9:d3:c8:92:75:be:10:b3:23:06:31:
                    13:7d:20:37:c9:f9:c9:4c:3f:2c:3f:af:e1:e0:7f:
                    ae:f5:5d:4e:01:ca:f5:a7:bb:d9:3e:0c:f9:eb:03:
                    ff:dd:13:80:08:b0:bc:38:2a:34:66:be:d3:1a:64:
                    12:fd:46:56:f5:45:5a:b9:06:29:99:7f:5d:71:fa:
                    31:a9:b3:55:c0:ec:ca:c4:2b:a5:2e:db:72:0f:09:
                    e1:ad:3b:74:e1:eb:97:92:e1:48:85:a5:e3:b4:ca:
                    9d:5c:37:d1:ed:82:ba:39:74:af:ca:2d:f2:fe:c6:
                    cc:4d:56:77:be:48:30:0c:be:15:24:de:a8:48:21:
                    bf:c1:43:10:6c:5e:03:4b:a4:da:ae:ef:9e:d3:f4:
                    0d:fc:0c:36:2e:99:c4:cc:b3:bd:de:d7:97:75:a8:
                    2c:b7:59:3c:91:ae:c0:35:5a:47:41:40:57:a6:db:
                    59:e2:a9:8b:ba:50:87:83:53:58:54:00:ba:01:0d:
                    eb:22:ce:82:60:57:72:65:51:5b:25:04:03:72:a3:
                    fb:8c:55:66:91:29:d5:50:c5:25:6c:c9:f0:eb:d5:
                    4e:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:67:DD:B6:05:D8:10:76:38:E1:99:DE:B9:AE:7A:EE:48:7B:F0:83
            X509v3 Authority Key Identifier:
                keyid:41:32:72:2F:66:F2:7A:C9:07:2F:DC:7E:93:1F:6E:1A:85:13:CF:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTJyL2byeskHL9x-kx9uGoUTz8Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/985056-748f-4b92-b6fe-54c37c02b7ee/1/QTJyL2byeskHL9x-kx9uGoUTz8Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/985056-748f-4b92-b6fe-54c37c02b7ee/1/QTJyL2byeskHL9x-kx9uGoUTz8Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:ca:6f:5e:64:95:2d:a0:70:cf:2a:36:ed:25:82:f1:5e:16:
         14:3b:b1:0d:54:a6:20:f1:7d:d4:94:b5:c1:4b:66:30:36:97:
         52:25:36:67:3e:89:0b:6c:b0:43:67:4a:fe:05:42:96:2e:17:
         6e:c1:42:92:c0:54:b6:35:42:26:43:33:21:40:7b:5b:93:90:
         21:0b:4e:4e:fb:49:7b:1b:c7:43:c9:2d:ce:7f:1b:63:a3:81:
         cc:9d:36:f4:64:ce:e3:2d:a7:9d:e1:28:41:b1:be:9e:3c:f1:
         31:c1:51:6b:3f:93:10:85:44:aa:61:00:fd:51:ef:38:a3:4c:
         06:3e:42:1a:54:8d:f5:b8:99:6e:a8:9d:d6:0c:ca:79:14:11:
         9f:9b:3d:a0:45:0b:6a:f7:0f:17:d8:7e:a2:6b:10:38:45:e5:
         c9:03:e4:34:bb:ec:b7:ae:04:6f:da:0a:84:10:de:26:33:4a:
         0e:5b:34:f2:9f:8f:d7:ec:15:19:94:0a:ca:a4:72:b4:90:9c:
         3a:96:af:24:55:e6:6b:aa:4c:a9:9b:95:c0:98:26:fe:e7:4a:
         df:3f:ac:89:a0:78:61:54:08:40:6a:f8:ed:88:2b:29:4b:c8:
         be:01:99:1a:4e:fb:2b:ed:05:20:75:fb:2b:80:18:04:be:e2:
         93:b8:1a:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zcvvm18vqjJkxGN/DcWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMzI3MjJmNjZmMjdhYzkwNzJmZGM3ZTkzMWY2ZTFhODUx
M2NmYzYwHhcNMjYwMzI5MDcwMTI4WhcNMjYwMzMwMDcwMTI4WjAzMTEwLwYDVQQD
EygwZDY3ZGRiNjA1ZDgxMDc2MzhlMTk5ZGViOWFlN2FlZTQ4N2JmMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+UUfqyBEK1/pncqz0AkpgPPJ7D6
RW27ad/g5nIYh7+36dPIknW+ELMjBjETfSA3yfnJTD8sP6/h4H+u9V1OAcr1p7vZ
Pgz56wP/3ROACLC8OCo0Zr7TGmQS/UZW9UVauQYpmX9dcfoxqbNVwOzKxCulLtty
DwnhrTt04euXkuFIhaXjtMqdXDfR7YK6OXSvyi3y/sbMTVZ3vkgwDL4VJN6oSCG/
wUMQbF4DS6Taru+e0/QN/Aw2LpnEzLO93teXdagst1k8ka7ANVpHQUBXpttZ4qmL
ulCHg1NYVAC6AQ3rIs6CYFdyZVFbJQQDcqP7jFVmkSnVUMUlbMnw69VOOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1n3bYF2BB2OOGZ3rmueu5Ie/CDMB8GA1UdIwQY
MBaAFEEyci9m8nrJBy/cfpMfbhqFE8/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRKeUwyYnllc2tITDl4LWt4OXVHb1VUejhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My85ODUwNTYtNzQ4Zi00YjkyLWI2ZmUt
NTRjMzdjMDJiN2VlLzEvUVRKeUwyYnllc2tITDl4LWt4OXVHb1VUejhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My85ODUwNTYtNzQ4Zi00YjkyLWI2ZmUtNTRjMzdjMDJiN2Vl
LzEvUVRKeUwyYnllc2tITDl4LWt4OXVHb1VUejhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU8pvXmSV
LaBwzyo27SWC8V4WFDuxDVSmIPF91JS1wUtmMDaXUiU2Zz6JC2ywQ2dK/gVCli4X
bsFCksBUtjVCJkMzIUB7W5OQIQtOTvtJexvHQ8ktzn8bY6OBzJ029GTO4y2nneEo
QbG+njzxMcFRaz+TEIVEqmEA/VHvOKNMBj5CGlSN9biZbqid1gzKeRQRn5s9oEUL
avcPF9h+omsQOEXlyQPkNLvst64Eb9oKhBDeJjNKDls08p+P1+wVGZQKyqRytJCc
OpavJFXma6pMqZuVwJgm/udK3z+siaB4YVQIQGr47YgrKUvIvgGZGk77K+0FIHX7
K4AYBL7ik7gatw==
-----END CERTIFICATE-----