Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
File:                     QFphtYwdUt5SLgQQCcv80fflK3w.mft (raw, json)
Hash identifier:          XeQ7dUBNji4tP125zz8IgH59yMci0Q5agugrLOuwQJI=
Subject key identifier:   26:64:A7:B4:15:A2:F5:51:35:85:66:A9:FA:3B:B8:C7:32:E3:51:40
Authority key identifier: 40:5A:61:B5:8C:1D:52:DE:52:2E:04:10:09:CB:FC:D1:F7:E5:2B:7C
Certificate issuer:       /CN=405a61b58c1d52de522e041009cbfcd1f7e52b7c
Certificate serial:       019D3A536642110372142888B2DC7108EFD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
Manifest number:          138A
Signing time:             Sun 29 Mar 2026 16:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:37 +0000
Files and hashes:         1: QFphtYwdUt5SLgQQCcv80fflK3w.crl (hash: v7Cd4rmq8fTcBb3ClMjKhPFWxT7G8eCpDWTIWlw3r4k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:66:42:11:03:72:14:28:88:b2:dc:71:08:ef:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405a61b58c1d52de522e041009cbfcd1f7e52b7c
        Validity
            Not Before: Mar 29 16:00:37 2026 GMT
            Not After : Mar 30 16:00:37 2026 GMT
        Subject: CN=2664a7b415a2f551358566a9fa3bb8c732e35140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:04:04:82:eb:b5:8c:cf:49:be:de:c9:cd:fd:
                    92:20:73:e9:2e:58:51:af:a7:90:b7:3e:7c:da:55:
                    4e:29:d6:e1:62:01:f8:4a:50:85:5e:f8:69:3a:d1:
                    07:30:d8:8f:4f:b4:16:65:51:7e:2d:86:c7:86:dc:
                    cd:e9:f1:90:d9:62:a1:7b:95:9d:61:64:2f:56:37:
                    5d:28:9a:3a:7c:34:5d:38:48:ba:0a:77:aa:9f:50:
                    70:cd:f1:52:bc:68:66:3a:db:5c:2e:50:b8:a9:88:
                    dd:fe:9e:91:c0:cc:0f:0e:82:a7:ef:b1:d4:89:46:
                    83:ed:df:8a:80:18:d1:9d:a4:12:6e:54:a2:61:56:
                    ba:d5:69:58:7e:92:08:06:25:29:57:6c:2d:a9:4e:
                    fc:8c:27:3b:84:72:20:53:f2:41:49:c9:98:0e:0b:
                    87:6c:7c:0b:25:9f:b8:9f:1c:43:d7:fe:82:83:7b:
                    3b:dd:35:07:65:b0:80:aa:40:de:6c:38:2e:93:8f:
                    d8:b5:70:2c:c3:62:60:3c:3f:02:4f:d8:ba:30:01:
                    27:43:7d:ae:79:f6:9b:e8:0b:cf:30:75:45:5c:de:
                    34:0f:e7:fa:b8:a0:22:89:cc:fb:f5:35:47:6a:3d:
                    c5:7c:0e:2d:fc:f8:e3:6f:c3:ed:c2:01:8d:69:46:
                    fe:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:64:A7:B4:15:A2:F5:51:35:85:66:A9:FA:3B:B8:C7:32:E3:51:40
            X509v3 Authority Key Identifier:
                keyid:40:5A:61:B5:8C:1D:52:DE:52:2E:04:10:09:CB:FC:D1:F7:E5:2B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:0d:0d:d3:fc:03:d4:1a:b9:4d:de:c1:58:a7:5c:21:ef:98:
         eb:dd:53:f5:65:9c:e0:6e:dc:43:a2:66:3f:ac:bc:51:69:ef:
         a2:09:1e:d3:7c:00:b0:df:8f:5a:20:b2:00:31:b7:bf:2d:10:
         63:b9:ac:1a:16:f7:e7:4e:5b:a0:55:2e:43:c2:89:4f:81:ac:
         f9:b2:84:ea:aa:61:b9:3a:cf:39:98:6c:3c:31:e0:79:8f:3b:
         2b:60:3f:d8:8f:50:e8:c7:aa:c3:aa:6e:1e:04:69:1d:11:0b:
         49:32:af:1a:77:af:46:a8:78:1a:cf:86:e3:b5:c5:b2:1b:f6:
         63:ea:7a:49:b3:ff:d7:dc:50:f2:9e:38:0a:ab:23:36:b8:9b:
         84:b5:97:b2:4a:a9:93:cd:b5:b7:ca:f2:51:29:27:38:38:21:
         f6:36:8c:0e:18:fd:ca:96:34:a9:39:bf:b8:a0:a2:76:f3:0a:
         bb:a2:e0:73:a6:27:eb:65:6a:51:0d:7e:0e:d0:bd:39:a2:c5:
         e2:6c:fe:50:d4:b3:97:41:16:b5:4b:8f:ee:4d:b0:e0:0e:08:
         ab:4d:01:61:35:5f:03:d3:bf:7d:24:c9:21:9d:fd:cd:e4:32:
         53:37:bd:b4:83:0a:21:86:34:ae:5b:69:b5:86:14:4a:a0:13:
         fc:d7:db:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U2ZCEQNyFCiIstxxCO/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWE2MWI1OGMxZDUyZGU1MjJlMDQxMDA5Y2JmY2QxZjdl
NTJiN2MwHhcNMjYwMzI5MTYwMDM3WhcNMjYwMzMwMTYwMDM3WjAzMTEwLwYDVQQD
EygyNjY0YTdiNDE1YTJmNTUxMzU4NTY2YTlmYTNiYjhjNzMyZTM1MTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQQEguu1jM9Jvt7Jzf2SIHPpLlhR
r6eQtz582lVOKdbhYgH4SlCFXvhpOtEHMNiPT7QWZVF+LYbHhtzN6fGQ2WKhe5Wd
YWQvVjddKJo6fDRdOEi6Cneqn1BwzfFSvGhmOttcLlC4qYjd/p6RwMwPDoKn77HU
iUaD7d+KgBjRnaQSblSiYVa61WlYfpIIBiUpV2wtqU78jCc7hHIgU/JBScmYDguH
bHwLJZ+4nxxD1/6Cg3s73TUHZbCAqkDebDguk4/YtXAsw2JgPD8CT9i6MAEnQ32u
efab6AvPMHVFXN40D+f6uKAiicz79TVHaj3FfA4t/Pjjb8PtwgGNaUb+mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZkp7QVovVRNYVmqfo7uMcy41FAMB8GA1UdIwQY
MBaAFEBaYbWMHVLeUi4EEAnL/NH35St8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MTMwNmEtZjFkZC00MDQwLTgzNTct
ZmUwMTMzY2RhNTM1LzEvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MTMwNmEtZjFkZC00MDQwLTgzNTctZmUwMTMzY2RhNTM1
LzEvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJA0N0/wD
1Bq5Td7BWKdcIe+Y691T9WWc4G7cQ6JmP6y8UWnvogke03wAsN+PWiCyADG3vy0Q
Y7msGhb3505boFUuQ8KJT4Gs+bKE6qphuTrPOZhsPDHgeY87K2A/2I9Q6Meqw6pu
HgRpHRELSTKvGnevRqh4Gs+G47XFshv2Y+p6SbP/19xQ8p44CqsjNribhLWXskqp
k821t8ryUSknODgh9jaMDhj9ypY0qTm/uKCidvMKu6Lgc6Yn62VqUQ1+DtC9OaLF
4mz+UNSzl0EWtUuP7k2w4A4Iq00BYTVfA9O/fSTJIZ39zeQyUze9tIMKIYY0rltp
tYYUSqAT/Nfb7w==
-----END CERTIFICATE-----