Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
File:                     qwJca7PczxsWUUnChzwEsabH2no.mft (raw, json)
Hash identifier:          TrVmfpmqSHGQJLYr8Y4r0taM729GSB1IrgVrkVvjGzQ=
Subject key identifier:   2D:8E:20:B0:61:3C:CB:8C:2D:E5:B8:A0:1B:73:76:B0:DD:85:4D:FF
Authority key identifier: AB:02:5C:6B:B3:DC:CF:1B:16:51:49:C2:87:3C:04:B1:A6:C7:DA:7A
Certificate issuer:       /CN=ab025c6bb3dccf1b165149c2873c04b1a6c7da7a
Certificate serial:       019D386665DB70AF2F4675744532D88CD711
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
Manifest number:          0D4B
Signing time:             Sun 29 Mar 2026 07:02:07 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:07 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:07 +0000
Files and hashes:         1: qwJca7PczxsWUUnChzwEsabH2no.crl (hash: kA+pi2PZFIo+PqXivFlhJKukdappE0GtQMXIikYOw6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:65:db:70:af:2f:46:75:74:45:32:d8:8c:d7:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab025c6bb3dccf1b165149c2873c04b1a6c7da7a
        Validity
            Not Before: Mar 29 07:02:07 2026 GMT
            Not After : Mar 30 07:02:07 2026 GMT
        Subject: CN=2d8e20b0613ccb8c2de5b8a01b7376b0dd854dff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:1b:9d:04:49:b5:21:d5:ed:59:8e:a1:8d:38:
                    3a:be:da:03:46:0d:13:0e:f6:90:68:ca:1f:2f:b0:
                    31:e0:d7:b9:7a:40:97:13:71:d5:97:e3:11:cd:40:
                    79:42:e0:fb:f4:dc:f4:ab:93:84:eb:11:01:e3:08:
                    15:6b:8e:cd:11:c6:ad:6e:95:e5:91:3a:d9:9c:3d:
                    57:4e:1e:c1:ce:35:33:ab:b4:c3:cc:ee:2d:27:00:
                    b6:7f:be:a8:b8:73:1b:26:23:3d:ab:c8:d7:1d:6b:
                    f4:6a:e1:6d:de:31:09:99:2f:6e:f3:f2:e3:47:71:
                    e4:73:af:be:47:7a:90:62:4b:a7:78:bc:be:78:d5:
                    eb:c2:c5:46:ac:60:77:e3:ba:6c:63:bc:9f:29:23:
                    8e:3b:d7:57:06:8f:24:84:e7:77:bb:83:49:2c:54:
                    81:63:20:fc:91:71:82:fd:a5:b1:78:d0:9f:cd:ac:
                    63:c0:88:04:6b:d2:95:83:f6:79:20:1c:04:cb:bd:
                    dc:d7:58:45:4e:2b:59:ce:93:5a:ce:9c:78:b1:ea:
                    06:eb:2e:ee:14:e7:84:a6:a5:ff:2d:9a:81:a3:bc:
                    fd:26:a0:a2:7d:9d:98:bb:20:80:21:9e:7a:dd:4f:
                    41:74:0e:a6:c1:55:a8:da:cd:45:8f:9f:fb:04:d3:
                    0f:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:8E:20:B0:61:3C:CB:8C:2D:E5:B8:A0:1B:73:76:B0:DD:85:4D:FF
            X509v3 Authority Key Identifier:
                keyid:AB:02:5C:6B:B3:DC:CF:1B:16:51:49:C2:87:3C:04:B1:A6:C7:DA:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwJca7PczxsWUUnChzwEsabH2no.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05b1e3-24c0-4668-9f40-fe77473e3dcf/1/qwJca7PczxsWUUnChzwEsabH2no.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:37:05:c1:a0:27:91:6f:70:d4:d6:0e:36:c6:8e:d7:92:38:
         d4:af:57:6d:1f:3b:ef:8b:7b:d7:cf:91:c8:5b:a6:24:52:4f:
         67:5e:22:cc:2d:d8:5c:d1:12:1c:5b:66:db:b1:4d:9d:c3:33:
         1c:30:7c:4e:e8:56:19:cf:f4:dc:7a:3d:48:02:b4:9b:54:29:
         80:da:69:93:14:23:ab:ac:b7:0c:09:08:84:b2:6e:55:34:a1:
         2e:e0:73:67:e6:b9:da:9a:6b:7c:f8:34:f4:35:36:28:7b:7f:
         32:14:36:6e:56:ae:8e:29:92:2e:81:fd:6c:0c:30:25:b5:cc:
         78:c3:32:13:31:60:03:2f:e4:48:1e:6b:44:09:1f:cb:d1:79:
         19:21:b2:47:e2:3c:5d:39:9d:fd:28:79:f1:f8:93:63:4f:aa:
         73:72:fa:66:22:b9:e5:90:f5:20:08:cd:de:30:2c:ec:ea:ac:
         6b:2c:e2:c8:94:f5:2a:d7:07:81:2a:84:4b:ce:dd:e6:98:95:
         2b:37:f9:59:94:8f:c3:84:b4:68:6e:64:76:60:ce:bf:00:7a:
         aa:b4:2b:e9:c0:26:1b:86:d6:92:bd:25:eb:f1:98:c3:bc:8d:
         68:14:aa:d0:48:47:42:84:e2:cf:9e:5f:c7:3e:0a:8d:24:54:
         cc:ef:93:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmXbcK8vRnV0RTLYjNcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDI1YzZiYjNkY2NmMWIxNjUxNDljMjg3M2MwNGIxYTZj
N2RhN2EwHhcNMjYwMzI5MDcwMjA3WhcNMjYwMzMwMDcwMjA3WjAzMTEwLwYDVQQD
EygyZDhlMjBiMDYxM2NjYjhjMmRlNWI4YTAxYjczNzZiMGRkODU0ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xudBEm1IdXtWY6hjTg6vtoDRg0T
DvaQaMofL7Ax4Ne5ekCXE3HVl+MRzUB5QuD79Nz0q5OE6xEB4wgVa47NEcatbpXl
kTrZnD1XTh7BzjUzq7TDzO4tJwC2f76ouHMbJiM9q8jXHWv0auFt3jEJmS9u8/Lj
R3Hkc6++R3qQYkuneLy+eNXrwsVGrGB347psY7yfKSOOO9dXBo8khOd3u4NJLFSB
YyD8kXGC/aWxeNCfzaxjwIgEa9KVg/Z5IBwEy73c11hFTitZzpNazpx4seoG6y7u
FOeEpqX/LZqBo7z9JqCifZ2YuyCAIZ563U9BdA6mwVWo2s1Fj5/7BNMPeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2OILBhPMuMLeW4oBtzdrDdhU3/MB8GA1UdIwQY
MBaAFKsCXGuz3M8bFlFJwoc8BLGmx9p6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNWIxZTMtMjRjMC00NjY4LTlmNDAt
ZmU3NzQ3M2UzZGNmLzEvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNWIxZTMtMjRjMC00NjY4LTlmNDAtZmU3NzQ3M2UzZGNm
LzEvcXdKY2E3UGN6eHNXVVVuQ2h6d0VzYWJIMm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATzcFwaAn
kW9w1NYONsaO15I41K9XbR8774t718+RyFumJFJPZ14izC3YXNESHFtm27FNncMz
HDB8TuhWGc/03Ho9SAK0m1QpgNppkxQjq6y3DAkIhLJuVTShLuBzZ+a52pprfPg0
9DU2KHt/MhQ2blaujimSLoH9bAwwJbXMeMMyEzFgAy/kSB5rRAkfy9F5GSGyR+I8
XTmd/Sh58fiTY0+qc3L6ZiK55ZD1IAjN3jAs7OqsayziyJT1KtcHgSqES87d5piV
Kzf5WZSPw4S0aG5kdmDOvwB6qrQr6cAmG4bWkr0l6/GYw7yNaBSq0EhHQoTiz55f
xz4KjSRUzO+T1w==
-----END CERTIFICATE-----