Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.mft
File:                     Q_aHvzg-MgRbwCfcyuqtzzbI5xU.mft (raw, json)
Hash identifier:          dZ5O6RyXM7AU/bOFYa8EhH9Proj1CEkvo2KvgTC7zMU=
Subject key identifier:   B8:B0:5C:F0:FB:AA:BB:4F:8A:95:4F:7F:D4:49:C9:66:C7:E5:7B:D9
Authority key identifier: 43:F6:87:BF:38:3E:32:04:5B:C0:27:DC:CA:EA:AD:CF:36:C8:E7:15
Certificate issuer:       /CN=43f687bf383e32045bc027dccaeaadcf36c8e715
Certificate serial:       019D3A1C6025F73146E61B63FE4FB341648C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.mft
Manifest number:          017C
Signing time:             Sun 29 Mar 2026 15:00:31 +0000
Manifest this update:     Sun 29 Mar 2026 15:00:31 +0000
Manifest next update:     Mon 30 Mar 2026 15:00:31 +0000
Files and hashes:         1: Q_aHvzg-MgRbwCfcyuqtzzbI5xU.crl (hash: doWU1AmLm4PDZwD4HrD0bzfgY3gJlr9dY3ov7EDuMTE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 15:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:1c:60:25:f7:31:46:e6:1b:63:fe:4f:b3:41:64:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43f687bf383e32045bc027dccaeaadcf36c8e715
        Validity
            Not Before: Mar 29 15:00:31 2026 GMT
            Not After : Mar 30 15:00:31 2026 GMT
        Subject: CN=b8b05cf0fbaabb4f8a954f7fd449c966c7e57bd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:17:63:bd:50:55:7c:c2:49:49:eb:55:cf:63:
                    f2:a4:a0:b6:04:0d:fa:86:be:93:11:56:f8:26:90:
                    fd:30:47:04:1c:7d:9a:3b:d0:58:db:52:3b:f1:78:
                    c8:cf:9b:43:89:bf:d4:bb:46:93:fa:bd:19:e1:13:
                    4f:c4:bd:98:2a:78:70:f5:bf:3b:aa:2d:89:0e:f7:
                    6f:e3:e6:89:44:01:cd:c5:f3:5b:ce:54:33:a8:55:
                    59:8a:4d:56:d9:82:75:01:d0:68:30:e3:5b:b0:2e:
                    fc:f5:cc:9b:47:d9:c6:ab:c7:08:80:bb:43:8f:d3:
                    fb:f7:ff:8e:44:e6:a3:18:3c:07:97:98:f5:bf:96:
                    6e:27:36:bf:56:e2:5d:ac:9b:21:e4:12:b3:11:65:
                    1b:9f:ee:0d:0c:9f:40:76:8d:b4:e1:93:91:f2:a8:
                    82:39:bb:34:ec:0a:ab:c5:12:8a:39:f1:d3:77:99:
                    71:e3:dd:4d:d8:a1:58:a8:c2:c6:d7:5c:19:b0:e4:
                    4a:e8:a2:3f:95:00:f1:d9:5c:4c:d6:72:04:99:19:
                    63:46:a9:1b:45:f9:77:c5:92:49:5f:b5:b5:ef:03:
                    bd:4c:de:56:48:34:89:d2:e6:59:c9:9a:f6:5d:16:
                    8e:aa:b8:a6:89:ba:0d:57:65:dc:de:c9:ee:97:fb:
                    a3:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:B0:5C:F0:FB:AA:BB:4F:8A:95:4F:7F:D4:49:C9:66:C7:E5:7B:D9
            X509v3 Authority Key Identifier:
                keyid:43:F6:87:BF:38:3E:32:04:5B:C0:27:DC:CA:EA:AD:CF:36:C8:E7:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/851a00-595a-4fb8-ac2c-9261626a48c5/1/Q_aHvzg-MgRbwCfcyuqtzzbI5xU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:31:4a:84:3d:db:ff:c6:29:29:cd:a1:c6:eb:b1:d3:8d:3a:
         5f:3c:e6:18:1f:76:78:3e:79:36:82:62:42:fb:25:4a:72:81:
         4b:df:c8:85:6e:29:c6:ff:9f:6e:13:ba:dd:ba:92:25:d2:3c:
         f4:4d:65:f0:25:18:6e:fc:ff:30:6f:2d:a4:46:4a:2e:8c:fe:
         e3:2a:30:27:20:04:40:93:c3:33:39:31:f2:b6:e5:2a:c8:5d:
         51:43:c5:04:0e:02:9b:1f:40:f7:75:14:74:05:a6:ac:4b:dd:
         77:18:99:f7:5e:2f:27:78:5d:4f:08:de:f7:65:10:a6:43:3a:
         72:be:ba:d3:07:60:8e:36:72:c1:00:81:b0:a5:90:cd:b3:e4:
         1d:44:3f:c3:eb:e0:82:ee:16:8d:0b:08:6a:33:74:0f:67:ee:
         4c:7c:24:fb:75:0a:c1:e0:40:7d:1f:48:50:02:7f:ed:03:30:
         7e:3f:e8:f3:44:b4:c2:f2:21:4d:35:25:d2:8a:a4:82:2e:90:
         03:e4:74:e7:ef:62:28:86:95:34:4a:bd:7d:13:ff:f1:db:7b:
         05:2b:41:52:86:6e:33:79:48:1c:1c:0c:87:e3:42:0b:e3:b3:
         c0:31:b0:03:f9:c2:65:ac:52:a8:6a:95:25:ce:ed:e6:2d:cc:
         8e:05:a6:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HGAl9zFG5htj/k+zQWSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZjY4N2JmMzgzZTMyMDQ1YmMwMjdkY2NhZWFhZGNmMzZj
OGU3MTUwHhcNMjYwMzI5MTUwMDMxWhcNMjYwMzMwMTUwMDMxWjAzMTEwLwYDVQQD
EyhiOGIwNWNmMGZiYWFiYjRmOGE5NTRmN2ZkNDQ5Yzk2NmM3ZTU3YmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxdjvVBVfMJJSetVz2PypKC2BA36
hr6TEVb4JpD9MEcEHH2aO9BY21I78XjIz5tDib/Uu0aT+r0Z4RNPxL2YKnhw9b87
qi2JDvdv4+aJRAHNxfNbzlQzqFVZik1W2YJ1AdBoMONbsC789cybR9nGq8cIgLtD
j9P79/+OROajGDwHl5j1v5ZuJza/VuJdrJsh5BKzEWUbn+4NDJ9Ado204ZOR8qiC
Obs07AqrxRKKOfHTd5lx491N2KFYqMLG11wZsORK6KI/lQDx2VxM1nIEmRljRqkb
Rfl3xZJJX7W17wO9TN5WSDSJ0uZZyZr2XRaOqrimiboNV2Xc3snul/ujHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLiwXPD7qrtPipVPf9RJyWbH5XvZMB8GA1UdIwQY
MBaAFEP2h784PjIEW8An3Mrqrc82yOcVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUV9hSHZ6Zy1NZ1Jid0NmY3l1cXR6emJJNXhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NTFhMDAtNTk1YS00ZmI4LWFjMmMt
OTI2MTYyNmE0OGM1LzEvUV9hSHZ6Zy1NZ1Jid0NmY3l1cXR6emJJNXhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NTFhMDAtNTk1YS00ZmI4LWFjMmMtOTI2MTYyNmE0OGM1
LzEvUV9hSHZ6Zy1NZ1Jid0NmY3l1cXR6emJJNXhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUzFKhD3b
/8YpKc2hxuux0406XzzmGB92eD55NoJiQvslSnKBS9/IhW4pxv+fbhO63bqSJdI8
9E1l8CUYbvz/MG8tpEZKLoz+4yowJyAEQJPDMzkx8rblKshdUUPFBA4Cmx9A93UU
dAWmrEvddxiZ914vJ3hdTwje92UQpkM6cr660wdgjjZywQCBsKWQzbPkHUQ/w+vg
gu4WjQsIajN0D2fuTHwk+3UKweBAfR9IUAJ/7QMwfj/o80S0wvIhTTUl0oqkgi6Q
A+R05+9iKIaVNEq9fRP/8dt7BStBUoZuM3lIHBwMh+NCC+OzwDGwA/nCZaxSqGqV
Jc7t5i3MjgWmCQ==
-----END CERTIFICATE-----