Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
File:                     qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft (raw, json)
Hash identifier:          t6jZTdVbKggBhloXrxVPcdFoQyJcB/BElRotnweUOxI=
Subject key identifier:   D4:DD:94:3D:26:0B:BE:AC:57:32:05:B0:D7:FF:98:2D:DC:D9:E3:5E
Authority key identifier: AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4
Certificate issuer:       /CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
Certificate serial:       019D38D352FF94577D66EB420376AFD52F75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
Manifest number:          1111
Signing time:             Sun 29 Mar 2026 09:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:06 +0000
Files and hashes:         1: qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl (hash: 7EcVVmKosSLbwijIl9j36WFVgCU8j1zXXa9M6ex/oE0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:52:ff:94:57:7d:66:eb:42:03:76:af:d5:2f:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa2a707938ba62fe19e6474dac787df3f8cfdee4
        Validity
            Not Before: Mar 29 09:01:06 2026 GMT
            Not After : Mar 30 09:01:06 2026 GMT
        Subject: CN=d4dd943d260bbeac573205b0d7ff982ddcd9e35e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:3b:99:80:c2:51:3e:8d:42:94:9c:0a:cd:8b:
                    b0:11:31:9d:a3:d7:4c:03:6d:ce:17:72:af:22:70:
                    e2:cb:5b:38:39:c0:fc:72:33:e3:66:15:44:86:74:
                    3b:68:8e:ee:91:7c:23:cd:ac:8b:38:f8:47:be:b1:
                    de:a3:fb:aa:3f:f5:be:42:9b:94:24:1d:0a:b2:f7:
                    cb:89:87:43:92:27:59:24:f6:05:6b:96:ac:dd:77:
                    c5:e4:5c:4b:9a:87:9d:b0:53:5e:a1:4a:e2:5b:4a:
                    9c:75:52:df:44:7f:b9:9a:6b:ce:13:f1:5f:54:bd:
                    11:6f:4b:c3:a3:ec:11:92:67:e7:07:12:18:55:11:
                    91:cd:54:8e:1d:e3:24:77:0b:cd:23:37:e2:68:1f:
                    58:af:a0:58:fa:95:f9:97:95:75:27:91:b8:f1:b8:
                    82:1a:56:76:40:39:2a:bc:d5:c5:d9:e2:69:44:6c:
                    68:ac:18:6c:08:0f:56:f2:a7:8d:e8:b9:14:67:0f:
                    72:49:f1:f6:08:6a:a7:a1:2d:39:b1:c3:3e:3d:21:
                    e5:63:75:a7:b4:7c:db:fe:b9:b5:b1:fc:10:f6:48:
                    1f:d3:18:00:c7:a0:35:f6:1f:cc:0f:68:ec:df:64:
                    a6:f2:c4:ce:ca:76:24:3d:f1:12:b1:6d:7b:5c:44:
                    d5:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:DD:94:3D:26:0B:BE:AC:57:32:05:B0:D7:FF:98:2D:DC:D9:E3:5E
            X509v3 Authority Key Identifier:
                keyid:AA:2A:70:79:38:BA:62:FE:19:E6:47:4D:AC:78:7D:F3:F8:CF:DE:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qipweTi6Yv4Z5kdNrHh98_jP3uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9d42ef-74a5-4f82-8a83-d716f4068139/1/qipweTi6Yv4Z5kdNrHh98_jP3uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:8c:2c:78:86:2b:e8:9d:4e:e8:19:14:21:d0:1d:a3:bc:20:
         0c:e3:f6:57:75:98:f3:a1:90:ee:17:b3:c8:84:e5:3b:42:e7:
         32:6c:ae:df:6b:a2:c2:dc:5e:c1:bf:4c:32:20:62:f7:3c:26:
         15:9c:ad:fd:87:51:3b:69:16:bf:5f:ba:d7:b4:b4:cb:98:73:
         8d:07:cb:cf:ca:c7:72:da:26:2c:35:73:48:75:c6:8a:e4:c0:
         39:0e:15:53:5f:3a:9b:ce:30:57:c2:54:e4:f2:79:83:75:52:
         29:01:2d:79:62:a5:d7:58:57:3d:38:c0:06:1a:3a:41:75:1f:
         af:56:1f:c7:f4:55:3b:a5:4c:76:73:70:76:c0:6d:63:f3:d0:
         a9:5c:19:1d:a5:87:4d:9c:8e:51:5e:8c:c0:fd:a8:81:d5:2b:
         b7:65:22:94:ac:13:c7:d8:4a:86:14:d4:8e:e1:d7:d0:05:59:
         d3:4b:23:f1:40:08:39:91:32:2f:d0:2d:ba:a6:ab:15:a1:31:
         99:c3:40:c9:9a:a3:59:2f:36:69:09:33:b9:af:fd:ed:92:9f:
         46:cd:f9:21:17:47:90:fc:16:df:7f:9e:26:e1:37:13:4a:32:
         fc:6e:dc:f3:6e:63:86:02:e8:cf:ef:42:64:43:e5:e8:bc:b5:
         82:0c:df:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0401L/lFd9ZutCA3av1S91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMmE3MDc5MzhiYTYyZmUxOWU2NDc0ZGFjNzg3ZGYzZjhj
ZmRlZTQwHhcNMjYwMzI5MDkwMTA2WhcNMjYwMzMwMDkwMTA2WjAzMTEwLwYDVQQD
EyhkNGRkOTQzZDI2MGJiZWFjNTczMjA1YjBkN2ZmOTgyZGRjZDllMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4juZgMJRPo1ClJwKzYuwETGdo9dM
A23OF3KvInDiy1s4OcD8cjPjZhVEhnQ7aI7ukXwjzayLOPhHvrHeo/uqP/W+QpuU
JB0KsvfLiYdDkidZJPYFa5as3XfF5FxLmoedsFNeoUriW0qcdVLfRH+5mmvOE/Ff
VL0Rb0vDo+wRkmfnBxIYVRGRzVSOHeMkdwvNIzfiaB9Yr6BY+pX5l5V1J5G48biC
GlZ2QDkqvNXF2eJpRGxorBhsCA9W8qeN6LkUZw9ySfH2CGqnoS05scM+PSHlY3Wn
tHzb/rm1sfwQ9kgf0xgAx6A19h/MD2js32Sm8sTOynYkPfESsW17XETVNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTdlD0mC76sVzIFsNf/mC3c2eNeMB8GA1UdIwQY
MBaAFKoqcHk4umL+GeZHTax4ffP4z97kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85ZDQyZWYtNzRhNS00ZjgyLThhODMt
ZDcxNmY0MDY4MTM5LzEvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85ZDQyZWYtNzRhNS00ZjgyLThhODMtZDcxNmY0MDY4MTM5
LzEvcWlwd2VUaTZZdjRaNWtkTnJIaDk4X2pQM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxowseIYr
6J1O6BkUIdAdo7wgDOP2V3WY86GQ7hezyITlO0LnMmyu32uiwtxewb9MMiBi9zwm
FZyt/YdRO2kWv1+617S0y5hzjQfLz8rHctomLDVzSHXGiuTAOQ4VU186m84wV8JU
5PJ5g3VSKQEteWKl11hXPTjABho6QXUfr1Yfx/RVO6VMdnNwdsBtY/PQqVwZHaWH
TZyOUV6MwP2ogdUrt2UilKwTx9hKhhTUjuHX0AVZ00sj8UAIOZEyL9AtuqarFaEx
mcNAyZqjWS82aQkzua/97ZKfRs35IRdHkPwW33+eJuE3E0oy/G7c825jhgLoz+9C
ZEPl6Ly1ggzfKQ==
-----END CERTIFICATE-----