Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
File:                     qhC-mR89uJUJcQwgZ233qKS_4bQ.mft (raw, json)
Hash identifier:          zZiZv09VnnPF0yi8Ni79dtv3vSYhIOtEpKUE5D4puF8=
Subject key identifier:   1D:DD:13:2F:14:62:03:E4:47:E2:B3:8C:5D:C0:CE:E7:99:0D:D1:29
Authority key identifier: AA:10:BE:99:1F:3D:B8:95:09:71:0C:20:67:6D:F7:A8:A4:BF:E1:B4
Certificate issuer:       /CN=aa10be991f3db89509710c20676df7a8a4bfe1b4
Certificate serial:       019D3940C6AF1D034645B0E4E5A40572D99B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
Manifest number:          0C9C
Signing time:             Sun 29 Mar 2026 11:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:39 +0000
Files and hashes:         1: qhC-mR89uJUJcQwgZ233qKS_4bQ.crl (hash: OvGxIsgyAM03N3ILBEI5YNoLtKFY2rWxD/IJ6mJst2w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:c6:af:1d:03:46:45:b0:e4:e5:a4:05:72:d9:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa10be991f3db89509710c20676df7a8a4bfe1b4
        Validity
            Not Before: Mar 29 11:00:39 2026 GMT
            Not After : Mar 30 11:00:39 2026 GMT
        Subject: CN=1ddd132f146203e447e2b38c5dc0cee7990dd129
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:56:bf:ac:4e:bf:21:b0:e9:5e:3c:87:52:1d:
                    c5:e1:c3:42:26:69:47:1d:c5:e5:0b:81:30:90:2e:
                    9c:0b:d8:2c:ba:65:ad:61:e4:c3:52:06:a1:93:8c:
                    69:d4:22:ee:48:8b:b9:82:ef:f9:5f:9d:ca:02:99:
                    65:40:4e:55:71:06:2a:1f:59:81:3b:17:29:90:78:
                    46:b5:61:38:9a:34:f5:c2:59:65:c5:cb:c7:49:ca:
                    94:73:ae:be:24:f1:53:9d:38:51:0c:42:48:91:e1:
                    46:8a:87:6d:2f:5f:90:44:e7:e8:fb:66:91:5a:97:
                    7f:60:08:6b:1c:af:d4:25:21:ee:84:75:f4:29:5f:
                    47:d6:cc:f4:e0:6d:cf:c6:6d:39:49:ab:97:2d:1e:
                    16:67:dd:cb:eb:47:08:88:50:5b:26:d0:37:c0:bc:
                    89:70:6e:94:fb:8d:39:08:93:43:4c:94:e2:f2:ae:
                    8e:9f:28:48:e2:fb:d3:ae:0c:a0:26:1f:c3:f6:9b:
                    3a:56:10:c1:6b:20:91:3f:8d:8c:09:a1:f5:62:6f:
                    1a:ab:43:16:82:9d:43:40:ab:21:6e:54:c2:89:82:
                    fb:33:09:de:d4:ac:03:16:79:25:a4:b7:13:c1:a1:
                    e0:17:97:4d:6a:a9:18:fb:83:8f:75:d9:d6:af:58:
                    a0:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:DD:13:2F:14:62:03:E4:47:E2:B3:8C:5D:C0:CE:E7:99:0D:D1:29
            X509v3 Authority Key Identifier:
                keyid:AA:10:BE:99:1F:3D:B8:95:09:71:0C:20:67:6D:F7:A8:A4:BF:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:c3:7d:f2:15:97:95:6b:58:c9:f4:3b:fc:ca:ec:f5:3a:2f:
         93:8d:9e:40:58:66:f3:c4:00:37:c7:39:24:98:72:89:56:19:
         d4:25:cc:fe:79:2b:4e:ee:94:03:f5:96:82:f2:9f:b0:d4:9f:
         86:dc:54:da:9f:2f:77:1c:0a:85:e0:57:ba:7a:0e:12:86:e4:
         e0:5c:90:26:5e:b3:a7:47:75:12:49:8c:a2:3b:a7:04:d1:2e:
         86:ae:d9:d5:3e:1f:ec:d8:a1:f0:e5:8a:bb:fe:b2:9c:d4:29:
         a6:76:4e:df:09:8d:8c:13:01:8e:83:6b:62:d9:dd:c0:7b:31:
         c2:7b:a9:7d:52:4d:df:5d:12:ae:ae:fd:12:73:3a:b1:15:c2:
         cc:62:d7:2b:7c:68:cf:15:6f:4b:3b:18:34:36:54:04:b2:5a:
         41:3d:20:bb:93:6a:a2:ce:04:5d:f8:60:b1:30:be:c5:e4:67:
         d2:b6:03:3e:f5:95:e8:91:e2:f0:35:8d:ed:b1:72:a0:0c:ef:
         07:11:99:3e:1c:68:55:40:c7:33:9f:58:98:77:a6:bf:2e:44:
         2e:34:d1:b6:72:3b:b4:82:15:ac:8d:64:71:fc:c5:99:d6:af:
         63:b0:31:8f:94:6c:00:86:12:1c:f1:b0:46:de:a7:33:c5:9a:
         b1:23:30:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QMavHQNGRbDk5aQFctmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMTBiZTk5MWYzZGI4OTUwOTcxMGMyMDY3NmRmN2E4YTRi
ZmUxYjQwHhcNMjYwMzI5MTEwMDM5WhcNMjYwMzMwMTEwMDM5WjAzMTEwLwYDVQQD
EygxZGRkMTMyZjE0NjIwM2U0NDdlMmIzOGM1ZGMwY2VlNzk5MGRkMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArla/rE6/IbDpXjyHUh3F4cNCJmlH
HcXlC4EwkC6cC9gsumWtYeTDUgahk4xp1CLuSIu5gu/5X53KApllQE5VcQYqH1mB
OxcpkHhGtWE4mjT1wlllxcvHScqUc66+JPFTnThRDEJIkeFGiodtL1+QROfo+2aR
Wpd/YAhrHK/UJSHuhHX0KV9H1sz04G3Pxm05SauXLR4WZ93L60cIiFBbJtA3wLyJ
cG6U+405CJNDTJTi8q6OnyhI4vvTrgygJh/D9ps6VhDBayCRP42MCaH1Ym8aq0MW
gp1DQKshblTCiYL7Mwne1KwDFnklpLcTwaHgF5dNaqkY+4OPddnWr1igFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3dEy8UYgPkR+KzjF3AzueZDdEpMB8GA1UdIwQY
MBaAFKoQvpkfPbiVCXEMIGdt96ikv+G0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzNjUtOGQxNS00MTI1LTkwMTct
MTgzZTJlNzIzMDFiLzEvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzNjUtOGQxNS00MTI1LTkwMTctMTgzZTJlNzIzMDFi
LzEvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXcN98hWX
lWtYyfQ7/Mrs9Tovk42eQFhm88QAN8c5JJhyiVYZ1CXM/nkrTu6UA/WWgvKfsNSf
htxU2p8vdxwKheBXunoOEobk4FyQJl6zp0d1EkmMojunBNEuhq7Z1T4f7Nih8OWK
u/6ynNQppnZO3wmNjBMBjoNrYtndwHsxwnupfVJN310Srq79EnM6sRXCzGLXK3xo
zxVvSzsYNDZUBLJaQT0gu5Nqos4EXfhgsTC+xeRn0rYDPvWV6JHi8DWN7bFyoAzv
BxGZPhxoVUDHM59YmHemvy5ELjTRtnI7tIIVrI1kcfzFmdavY7Axj5RsAIYSHPGw
Rt6nM8WasSMw1w==
-----END CERTIFICATE-----