Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft
File:                     q33wfyEEN2kvd-7DRpuaSCuW0ao.mft (raw, json)
Hash identifier:          SWwFnY8BsxRA5+LAeiDNJJHyy4In0m0b19Xe2AdUAVU=
Subject key identifier:   6D:9F:82:B8:56:A2:5E:F5:9D:9A:46:A2:17:C1:DB:9C:FB:C1:76:26
Authority key identifier: AB:7D:F0:7F:21:04:37:69:2F:77:EE:C3:46:9B:9A:48:2B:96:D1:AA
Certificate issuer:       /CN=ab7df07f210437692f77eec3469b9a482b96d1aa
Certificate serial:       019D3789035A6ADC5CC41A1611DF3334FECA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft
Manifest number:          0823
Signing time:             Sun 29 Mar 2026 03:00:19 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:19 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:19 +0000
Files and hashes:         1: q33wfyEEN2kvd-7DRpuaSCuW0ao.crl (hash: MRe1eHiXonACyoe5OI9fQamIv7b3zYFHlMmW/RlTzk0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:03:5a:6a:dc:5c:c4:1a:16:11:df:33:34:fe:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7df07f210437692f77eec3469b9a482b96d1aa
        Validity
            Not Before: Mar 29 03:00:19 2026 GMT
            Not After : Mar 30 03:00:19 2026 GMT
        Subject: CN=6d9f82b856a25ef59d9a46a217c1db9cfbc17626
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:38:00:86:d3:68:56:4d:f7:20:f6:81:f0:a3:
                    e2:32:c7:52:39:db:e4:76:38:4c:21:ad:4f:37:5f:
                    d3:cd:e0:8e:bd:95:36:e6:25:79:e4:29:7f:bd:2b:
                    60:1e:99:d7:76:c7:66:ff:10:32:5f:34:10:16:90:
                    8d:1d:3c:4b:d8:3d:25:43:a3:f2:d3:6e:f3:b9:86:
                    2a:58:0d:7a:39:6e:0a:9b:15:be:b7:54:50:13:8a:
                    9d:81:06:d5:55:d3:01:b2:0d:61:a1:b4:8d:0e:b3:
                    de:a3:24:25:6c:21:db:4d:49:a3:18:d7:a9:06:79:
                    ea:9e:49:d0:b4:f8:b1:c2:4c:07:14:8c:7c:f8:5f:
                    d2:5e:ec:6f:e6:3a:8c:b5:15:e6:8f:ce:30:1e:e8:
                    e2:fb:0b:62:73:03:bd:c2:2a:10:dd:c2:e8:1c:20:
                    75:02:28:c9:9b:eb:43:d2:af:66:4e:1f:d0:10:3a:
                    41:d4:46:14:1e:67:b3:9f:4f:9c:57:ab:23:c3:29:
                    88:20:bf:67:3c:51:86:cd:9b:ea:70:ac:93:33:5a:
                    bd:a8:7f:d8:df:56:1b:02:27:03:db:a6:f2:9f:10:
                    f2:60:b0:9a:9d:03:ce:35:95:22:f3:04:45:cc:08:
                    05:29:d4:2c:b8:a1:40:38:e9:95:41:aa:32:7b:5d:
                    d7:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:9F:82:B8:56:A2:5E:F5:9D:9A:46:A2:17:C1:DB:9C:FB:C1:76:26
            X509v3 Authority Key Identifier:
                keyid:AB:7D:F0:7F:21:04:37:69:2F:77:EE:C3:46:9B:9A:48:2B:96:D1:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:cf:2c:0f:94:96:24:11:2f:61:2f:ea:7a:b6:27:0c:00:c6:
         88:ef:82:e3:3b:ce:41:f0:65:a1:75:af:79:ea:bc:5b:47:f3:
         22:5f:6f:9c:7b:5f:4d:0e:32:6e:78:0c:87:c8:30:33:9e:62:
         69:86:a9:4c:4a:4d:a1:99:d2:78:80:49:92:93:79:45:84:81:
         4c:47:c1:7a:d1:1e:33:4c:a7:05:80:e2:33:34:17:9d:cf:a0:
         b0:93:66:b8:2a:5a:66:a6:67:f6:7d:d5:2c:4b:db:65:95:20:
         db:bb:f6:6b:84:02:38:d5:44:63:a0:93:2a:c8:ad:8a:b8:26:
         0c:db:33:d4:d3:73:e1:91:a6:08:9d:a1:3a:82:ff:d7:2c:5a:
         0b:02:fe:0c:e3:be:85:81:10:72:ba:28:26:5d:0d:77:98:a0:
         79:be:e5:17:ce:88:3a:6e:f3:0c:c9:59:f3:88:cc:dc:6d:bf:
         8a:e0:9d:24:68:ba:67:df:f4:08:dd:df:a1:8f:4f:de:96:47:
         9c:a5:c1:0b:70:55:9d:16:35:66:99:7c:b2:9d:c2:82:66:f3:
         d2:a7:31:c7:6b:0b:6a:98:9f:a9:f8:88:26:dc:7e:dc:04:c9:
         89:c0:ca:0f:fd:f3:44:a1:25:16:25:a1:10:e4:7e:a2:1f:ea:
         bc:85:cc:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iQNaatxcxBoWEd8zNP7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2RmMDdmMjEwNDM3NjkyZjc3ZWVjMzQ2OWI5YTQ4MmI5
NmQxYWEwHhcNMjYwMzI5MDMwMDE5WhcNMjYwMzMwMDMwMDE5WjAzMTEwLwYDVQQD
Eyg2ZDlmODJiODU2YTI1ZWY1OWQ5YTQ2YTIxN2MxZGI5Y2ZiYzE3NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjgAhtNoVk33IPaB8KPiMsdSOdvk
djhMIa1PN1/TzeCOvZU25iV55Cl/vStgHpnXdsdm/xAyXzQQFpCNHTxL2D0lQ6Py
027zuYYqWA16OW4KmxW+t1RQE4qdgQbVVdMBsg1hobSNDrPeoyQlbCHbTUmjGNep
BnnqnknQtPixwkwHFIx8+F/SXuxv5jqMtRXmj84wHuji+wticwO9wioQ3cLoHCB1
AijJm+tD0q9mTh/QEDpB1EYUHmezn0+cV6sjwymIIL9nPFGGzZvqcKyTM1q9qH/Y
31YbAicD26bynxDyYLCanQPONZUi8wRFzAgFKdQsuKFAOOmVQaoye13X3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2fgrhWol71nZpGohfB25z7wXYmMB8GA1UdIwQY
MBaAFKt98H8hBDdpL3fuw0abmkgrltGqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yODc4NzAtMGUxYi00Y2QyLThmMjQt
NjcxMGU5NmExYjZmLzEvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yODc4NzAtMGUxYi00Y2QyLThmMjQtNjcxMGU5NmExYjZm
LzEvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqs8sD5SW
JBEvYS/qerYnDADGiO+C4zvOQfBloXWveeq8W0fzIl9vnHtfTQ4ybngMh8gwM55i
aYapTEpNoZnSeIBJkpN5RYSBTEfBetEeM0ynBYDiMzQXnc+gsJNmuCpaZqZn9n3V
LEvbZZUg27v2a4QCONVEY6CTKsitirgmDNsz1NNz4ZGmCJ2hOoL/1yxaCwL+DOO+
hYEQcrooJl0Nd5igeb7lF86IOm7zDMlZ84jM3G2/iuCdJGi6Z9/0CN3foY9P3pZH
nKXBC3BVnRY1Zpl8sp3Cgmbz0qcxx2sLapifqfiIJtx+3ATJicDKD/3zRKElFiWh
EOR+oh/qvIXMTw==
-----END CERTIFICATE-----