Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
File:                     qvNQYhzAHooe03KB3zKwlxy95Vc.mft (raw, json)
Hash identifier:          WzyifcfZ0WJWNX1kuQpu3OiJTHvF8DvcJT5cJC//OTg=
Subject key identifier:   C4:F3:C3:E3:63:19:41:DF:7D:C9:87:39:BA:E1:E5:C1:DA:77:63:FB
Authority key identifier: AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57
Certificate issuer:       /CN=aaf350621cc01e8a1ed37281df32b0971cbde557
Certificate serial:       019D2961CC9094BF7A84E3BF72F7E35FF959
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 09:02:48 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:48 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:48 +0000
Files and hashes:         1: qvNQYhzAHooe03KB3zKwlxy95Vc.crl (hash: 5pGPROzdBdhij98b8SlBBjo/ecT41C73y89pixuoWtE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:cc:90:94:bf:7a:84:e3:bf:72:f7:e3:5f:f9:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aaf350621cc01e8a1ed37281df32b0971cbde557
        Validity
            Not Before: Mar 26 09:02:48 2026 GMT
            Not After : Mar 27 09:02:48 2026 GMT
        Subject: CN=c4f3c3e3631941df7dc98739bae1e5c1da7763fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:6c:d1:9e:48:f4:56:d0:72:26:c3:bc:f1:bd:
                    0a:9e:67:d5:47:64:e2:91:68:ae:a2:bc:6d:77:6d:
                    2a:f1:1c:12:ce:c6:78:a0:a9:cc:fa:9a:40:66:0c:
                    94:82:b5:5b:95:05:3a:0c:30:34:54:2d:ff:46:77:
                    df:55:f0:5b:a4:40:88:5d:6a:dc:bc:d2:a1:21:80:
                    8f:ce:fb:50:04:58:69:8b:15:49:60:c2:b7:82:1f:
                    45:57:d0:f5:e6:44:8a:34:b5:d3:c3:d0:bd:5f:52:
                    8b:b4:42:1d:f7:71:5b:cc:25:43:62:a7:3f:32:0d:
                    14:6b:f3:a0:9d:35:e9:be:6e:b7:db:5b:24:f6:49:
                    75:7e:d2:77:64:0f:e1:f6:4f:89:26:2e:ca:be:35:
                    44:a7:5a:d9:6d:e6:ae:98:53:18:18:66:84:73:33:
                    19:fb:03:85:4b:75:13:c0:39:3a:ff:56:bd:98:0e:
                    96:4d:15:68:2d:6a:aa:fb:2a:c1:cd:6e:6d:a4:2c:
                    21:c1:58:25:b6:30:a0:cc:1a:6e:52:f6:ea:51:9d:
                    59:33:a1:9a:3c:05:27:9d:41:30:a6:56:e9:af:2c:
                    1a:19:cc:c9:c1:f7:7c:86:12:50:91:77:64:8d:00:
                    a5:43:43:17:f5:bc:32:34:e6:ec:03:73:d4:0d:58:
                    62:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:F3:C3:E3:63:19:41:DF:7D:C9:87:39:BA:E1:E5:C1:DA:77:63:FB
            X509v3 Authority Key Identifier:
                keyid:AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:b5:fe:23:47:23:79:26:76:7f:75:f2:ba:4e:83:71:8a:39:
         6f:a3:1f:93:ec:e6:a0:ae:d7:7e:fc:51:0a:84:66:4f:00:20:
         6a:94:92:e7:7d:cf:f6:99:79:5b:73:d1:13:d2:a8:a4:b5:7c:
         30:00:bb:ad:95:1a:7d:7b:fc:55:9b:e3:37:e9:78:63:31:45:
         ee:e4:84:df:42:32:9e:4b:39:0e:0c:ec:19:02:29:e1:36:c6:
         fd:a2:11:37:b2:29:38:ac:bf:02:f2:f7:4b:c1:3b:82:a8:28:
         80:94:91:9a:2a:e4:27:89:d8:e7:c8:4f:25:02:ba:2a:f0:4f:
         b2:8c:4d:a0:96:f1:6b:00:0b:14:e7:02:ad:b5:75:cf:3a:fe:
         be:a4:07:43:9f:2f:2a:fa:e3:c6:92:21:d1:2a:42:c0:d2:2c:
         a0:26:35:16:c0:b6:3d:63:a8:fb:9b:be:3a:ef:3e:cd:ee:50:
         a8:48:ba:da:39:0b:ed:1c:36:84:c3:7e:88:8b:45:e8:d1:d7:
         93:ab:80:3a:64:0e:d5:f6:63:14:ce:cf:6e:ad:2c:b7:cd:f6:
         c9:81:69:00:a0:0a:63:ac:bb:67:cb:df:8d:c4:ed:2c:2d:a9:
         72:f2:f3:ab:48:83:f0:09:2f:8c:8f:bb:99:b0:fb:5e:bf:8c:
         16:8b:90:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYcyQlL96hOO/cvfjX/lZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjM1MDYyMWNjMDFlOGExZWQzNzI4MWRmMzJiMDk3MWNi
ZGU1NTcwHhcNMjYwMzI2MDkwMjQ4WhcNMjYwMzI3MDkwMjQ4WjAzMTEwLwYDVQQD
EyhjNGYzYzNlMzYzMTk0MWRmN2RjOTg3MzliYWUxZTVjMWRhNzc2M2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWzRnkj0VtByJsO88b0KnmfVR2Ti
kWiuorxtd20q8RwSzsZ4oKnM+ppAZgyUgrVblQU6DDA0VC3/RnffVfBbpECIXWrc
vNKhIYCPzvtQBFhpixVJYMK3gh9FV9D15kSKNLXTw9C9X1KLtEId93FbzCVDYqc/
Mg0Ua/OgnTXpvm6321sk9kl1ftJ3ZA/h9k+JJi7KvjVEp1rZbeaumFMYGGaEczMZ
+wOFS3UTwDk6/1a9mA6WTRVoLWqq+yrBzW5tpCwhwVgltjCgzBpuUvbqUZ1ZM6Ga
PAUnnUEwplbprywaGczJwfd8hhJQkXdkjQClQ0MX9bwyNObsA3PUDVhipwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTzw+NjGUHffcmHObrh5cHad2P7MB8GA1UdIwQY
MBaAFKrzUGIcwB6KHtNygd8ysJccveVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTkt
NzVhOGIwOTc0ZTIwLzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTktNzVhOGIwOTc0ZTIw
LzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAULX+I0cj
eSZ2f3Xyuk6DcYo5b6Mfk+zmoK7XfvxRCoRmTwAgapSS533P9pl5W3PRE9KopLV8
MAC7rZUafXv8VZvjN+l4YzFF7uSE30Iynks5DgzsGQIp4TbG/aIRN7IpOKy/AvL3
S8E7gqgogJSRmirkJ4nY58hPJQK6KvBPsoxNoJbxawALFOcCrbV1zzr+vqQHQ58v
KvrjxpIh0SpCwNIsoCY1FsC2PWOo+5u+Ou8+ze5QqEi62jkL7Rw2hMN+iItF6NHX
k6uAOmQO1fZjFM7Pbq0st832yYFpAKAKY6y7Z8vfjcTtLC2pcvLzq0iD8AkvjI+7
mbD7Xr+MFouQVA==
-----END CERTIFICATE-----