Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
File:                     Q5_i1RcHd00tDCv50SrQercmQqI.mft (raw, json)
Hash identifier:          v7qKepWxVpnj8OJ+rRqduPUHZgIhaVI/QEmR7BtGzYo=
Subject key identifier:   C4:6B:2C:C6:9E:FA:54:C7:F1:B1:6E:23:E3:2D:C4:24:00:79:15:9C
Authority key identifier: 43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2
Certificate issuer:       /CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
Certificate serial:       019D37C01B87EE857A512197B35108E10E11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
Manifest number:          10F3
Signing time:             Sun 29 Mar 2026 04:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:29 +0000
Files and hashes:         1: Q5_i1RcHd00tDCv50SrQercmQqI.crl (hash: 0cSGtm1iENMK+l1uPkzazdQMYyspRO8EOn6DD7vBiPM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:1b:87:ee:85:7a:51:21:97:b3:51:08:e1:0e:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
        Validity
            Not Before: Mar 29 04:00:29 2026 GMT
            Not After : Mar 30 04:00:29 2026 GMT
        Subject: CN=c46b2cc69efa54c7f1b16e23e32dc4240079159c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a9:c7:17:91:90:3c:d7:a2:a7:76:a3:e9:b0:
                    1d:4e:86:60:95:27:61:a9:9d:12:9a:cf:e1:9a:8d:
                    6c:4b:30:e6:77:54:02:8e:db:fa:02:f5:a2:ee:11:
                    69:5d:d3:cd:40:d5:6b:bc:8d:36:58:a9:93:3b:b7:
                    e3:08:4d:67:c4:88:ef:7e:4e:7c:d6:46:ba:a2:3b:
                    c6:54:5f:77:80:f8:06:af:00:16:e2:3e:31:f3:43:
                    02:5f:08:85:86:12:19:16:d8:41:67:c3:fc:87:21:
                    88:b5:f1:b0:fb:ec:b0:b8:a9:00:63:0e:ea:0c:86:
                    ab:c4:b8:7e:70:98:21:72:75:de:78:f9:fc:8d:49:
                    6d:16:42:ef:81:22:1c:90:98:ef:5f:59:64:d6:94:
                    8c:40:73:7b:78:c2:21:8a:ce:d0:9e:af:91:f7:73:
                    18:96:61:29:29:ed:ba:06:d4:8b:f9:f0:26:8f:b8:
                    c8:84:03:7b:43:c5:33:d4:19:fb:8c:cb:f6:32:b2:
                    44:e9:58:bb:c8:5e:16:69:4b:d0:c4:35:0f:42:41:
                    e7:0d:70:0e:06:96:0e:93:cf:cc:e3:53:9b:74:48:
                    35:7a:5d:16:9e:d2:89:05:40:90:5f:b3:0c:a7:09:
                    1f:5f:b8:c7:02:92:e3:3a:f4:2d:3d:81:9d:08:cc:
                    43:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:6B:2C:C6:9E:FA:54:C7:F1:B1:6E:23:E3:2D:C4:24:00:79:15:9C
            X509v3 Authority Key Identifier:
                keyid:43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:eb:f9:7a:98:78:95:10:d2:31:52:0e:52:66:5f:f1:c5:fb:
         2a:41:76:5a:2a:cf:a9:72:0b:2e:e8:42:8d:77:72:a5:75:29:
         65:60:35:01:b4:2a:46:4a:25:68:4c:da:0d:8a:26:0f:6f:3c:
         9d:e3:b6:3f:24:a4:5f:75:55:54:72:af:05:c6:3a:f0:c6:ef:
         81:d6:8b:cd:2a:f8:d0:a2:59:57:a8:43:c5:ef:25:b0:32:87:
         04:e5:86:bd:e7:51:80:5d:06:39:e7:79:d3:0a:6d:43:f8:a4:
         95:e0:4f:dd:62:06:13:1e:d1:c3:fe:94:39:14:f4:da:33:be:
         3f:7e:b2:06:25:f9:eb:23:28:33:4c:a4:1e:5f:07:6d:84:8d:
         b5:47:ae:d9:a9:56:8c:1e:b0:21:ad:72:93:ce:b5:2c:c8:26:
         c3:55:c2:29:bf:bf:f6:76:98:a0:6e:f7:81:b1:d2:fb:75:47:
         37:e2:00:75:fb:39:07:c2:0c:96:70:ae:17:22:48:c8:4c:58:
         e6:14:d6:28:f8:9e:a9:e1:92:39:6c:42:a9:96:8e:9f:66:4d:
         e1:18:53:fd:85:e7:8f:f4:8c:3f:29:c9:af:65:74:bb:7b:65:
         62:05:20:2f:5e:c1:01:0f:d8:35:e3:18:59:4e:81:57:d1:11:
         e5:a0:b1:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wBuH7oV6USGXs1EI4Q4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOWZlMmQ1MTcwNzc3NGQyZDBjMmJmOWQxMmFkMDdhYjcy
NjQyYTIwHhcNMjYwMzI5MDQwMDI5WhcNMjYwMzMwMDQwMDI5WjAzMTEwLwYDVQQD
EyhjNDZiMmNjNjllZmE1NGM3ZjFiMTZlMjNlMzJkYzQyNDAwNzkxNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqnHF5GQPNeip3aj6bAdToZglSdh
qZ0Sms/hmo1sSzDmd1QCjtv6AvWi7hFpXdPNQNVrvI02WKmTO7fjCE1nxIjvfk58
1ka6ojvGVF93gPgGrwAW4j4x80MCXwiFhhIZFthBZ8P8hyGItfGw++ywuKkAYw7q
DIarxLh+cJghcnXeePn8jUltFkLvgSIckJjvX1lk1pSMQHN7eMIhis7Qnq+R93MY
lmEpKe26BtSL+fAmj7jIhAN7Q8Uz1Bn7jMv2MrJE6Vi7yF4WaUvQxDUPQkHnDXAO
BpYOk8/M41ObdEg1el0WntKJBUCQX7MMpwkfX7jHApLjOvQtPYGdCMxDXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRrLMae+lTH8bFuI+MtxCQAeRWcMB8GA1UdIwQY
MBaAFEOf4tUXB3dNLQwr+dEq0Hq3JkKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUt
YTFkNmQ5MWNkZTY4LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUtYTFkNmQ5MWNkZTY4
LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI+v5eph4
lRDSMVIOUmZf8cX7KkF2WirPqXILLuhCjXdypXUpZWA1AbQqRkolaEzaDYomD288
neO2PySkX3VVVHKvBcY68MbvgdaLzSr40KJZV6hDxe8lsDKHBOWGvedRgF0GOed5
0wptQ/ikleBP3WIGEx7Rw/6UORT02jO+P36yBiX56yMoM0ykHl8HbYSNtUeu2alW
jB6wIa1yk861LMgmw1XCKb+/9naYoG73gbHS+3VHN+IAdfs5B8IMlnCuFyJIyExY
5hTWKPieqeGSOWxCqZaOn2ZN4RhT/YXnj/SMPynJr2V0u3tlYgUgL17BAQ/YNeMY
WU6BV9ER5aCxvg==
-----END CERTIFICATE-----