Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          BmenGt/wA/m7ISne8FXZJT2wbj4ZYZoHZN00/QPrNfU=
Subject key identifier:   94:5F:E6:C6:3E:A0:A1:44:DE:EB:80:FE:48:BE:92:BA:A7:B4:FA:92
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       019D3866626ACEFB75AF2AC6690CE3109957
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:02:07 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:07 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:07 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: cMZtckZey9WfwZisSKsrpm1oUtOYdxLSuLwNxtwZiLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:62:6a:ce:fb:75:af:2a:c6:69:0c:e3:10:99:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: Mar 29 07:02:07 2026 GMT
            Not After : Mar 30 07:02:07 2026 GMT
        Subject: CN=945fe6c63ea0a144deeb80fe48be92baa7b4fa92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d6:48:30:6f:ef:01:35:73:1c:54:12:9b:41:
                    c5:63:25:93:48:f7:c1:d3:af:0c:3b:34:99:46:81:
                    44:0d:3a:08:8f:4e:4c:f5:06:25:af:77:6f:e5:b6:
                    9e:a6:e0:fd:7a:31:57:1d:71:52:b8:72:88:7d:a2:
                    fd:0f:b6:f1:99:93:84:38:d2:0c:1b:0a:9d:84:34:
                    8a:bd:30:9b:55:86:12:c5:c2:88:6a:4f:5d:de:7f:
                    8b:67:93:85:2c:74:63:74:93:b1:79:5f:62:35:15:
                    74:c3:8d:0d:57:ba:ac:a2:16:76:9e:f7:a8:6b:9d:
                    ca:ba:92:90:ac:37:ef:c7:98:32:39:f7:ce:48:7a:
                    8e:66:96:7b:b2:7d:61:c3:58:4f:92:3c:04:e4:19:
                    a4:1f:9c:24:14:4f:0d:98:0d:9e:ec:31:a9:89:89:
                    1a:90:5f:40:00:70:22:c1:db:39:22:e9:84:72:78:
                    68:4f:e4:d7:69:86:14:8d:b9:16:c4:29:83:5b:25:
                    a4:83:f1:a1:10:06:04:32:2b:07:2d:21:d0:7b:95:
                    c6:48:f8:31:5a:e7:db:86:91:ac:63:6b:18:bf:27:
                    6f:dc:b4:94:08:e7:10:4c:2e:a5:0b:92:91:93:33:
                    9a:95:7b:e8:27:ae:0a:73:1f:0d:c1:40:d4:30:be:
                    d0:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:5F:E6:C6:3E:A0:A1:44:DE:EB:80:FE:48:BE:92:BA:A7:B4:FA:92
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:05:16:f9:d7:79:5d:72:04:17:82:c0:47:a7:1f:35:10:b4:
         73:09:ce:90:dc:23:44:ad:c4:49:0a:1f:70:c9:98:b8:89:26:
         3f:77:77:0a:34:28:2f:56:28:ce:f4:1c:c0:75:b3:8e:6a:ca:
         57:5f:72:b3:a7:33:2a:71:88:17:9a:a4:61:46:e0:71:d6:24:
         cc:44:e9:b3:6d:b1:4a:d2:db:db:e4:9b:f5:a7:34:1b:bf:1f:
         e1:c5:c7:23:ac:df:37:59:c0:4f:15:7c:9b:1b:0a:2f:81:15:
         2b:90:78:b3:1c:a5:bd:0c:70:65:c1:11:b4:98:f6:29:c5:01:
         04:b1:fa:b6:58:38:1d:0b:03:5c:2e:8f:f8:97:b6:fa:90:24:
         d1:9e:e1:27:3d:20:93:72:11:35:8d:43:ea:b1:3d:79:b2:71:
         9e:61:a7:78:46:75:e2:ac:e7:b6:e8:7b:15:bd:7f:12:85:24:
         d3:0f:f4:5e:cd:64:d9:0f:f9:29:d4:dc:3c:cc:59:2b:92:ac:
         28:a5:08:aa:bb:cd:bf:ea:f1:ea:de:96:01:fc:cb:76:da:e8:
         24:5e:31:ca:86:06:fb:69:4a:fd:c9:72:41:50:37:41:ff:10:
         3c:58:84:f3:d4:fb:bf:0f:6a:f0:9b:61:fd:17:c3:c7:2b:bd:
         d5:b0:24:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmJqzvt1ryrGaQzjEJlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjYwMzI5MDcwMjA3WhcNMjYwMzMwMDcwMjA3WjAzMTEwLwYDVQQD
Eyg5NDVmZTZjNjNlYTBhMTQ0ZGVlYjgwZmU0OGJlOTJiYWE3YjRmYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtZIMG/vATVzHFQSm0HFYyWTSPfB
068MOzSZRoFEDToIj05M9QYlr3dv5baepuD9ejFXHXFSuHKIfaL9D7bxmZOEONIM
GwqdhDSKvTCbVYYSxcKIak9d3n+LZ5OFLHRjdJOxeV9iNRV0w40NV7qsohZ2nveo
a53KupKQrDfvx5gyOffOSHqOZpZ7sn1hw1hPkjwE5BmkH5wkFE8NmA2e7DGpiYka
kF9AAHAiwds5IumEcnhoT+TXaYYUjbkWxCmDWyWkg/GhEAYEMisHLSHQe5XGSPgx
WufbhpGsY2sYvydv3LSUCOcQTC6lC5KRkzOalXvoJ64Kcx8NwUDUML7QUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJRf5sY+oKFE3uuA/ki+krqntPqSMB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsQUW+dd5
XXIEF4LAR6cfNRC0cwnOkNwjRK3ESQofcMmYuIkmP3d3CjQoL1YozvQcwHWzjmrK
V19ys6czKnGIF5qkYUbgcdYkzETps22xStLb2+Sb9ac0G78f4cXHI6zfN1nATxV8
mxsKL4EVK5B4sxylvQxwZcERtJj2KcUBBLH6tlg4HQsDXC6P+Je2+pAk0Z7hJz0g
k3IRNY1D6rE9ebJxnmGneEZ14qzntuh7Fb1/EoUk0w/0Xs1k2Q/5KdTcPMxZK5Ks
KKUIqrvNv+rx6t6WAfzLdtroJF4xyoYG+2lK/clyQVA3Qf8QPFiE89T7vw9q8Jth
/RfDxyu91bAkhQ==
-----END CERTIFICATE-----