Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
File:                     q6N0OU_hCA1kohnX01pJRi6Omaw.mft (raw, json)
Hash identifier:          RODMFgRFFLrzVMuD6V/nFOuTsdScPheMIcZD+6gtpv8=
Subject key identifier:   4D:B2:D1:30:1F:D5:BC:29:1A:5C:58:09:B4:F2:D4:FB:EB:F6:D5:94
Authority key identifier: AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC
Certificate issuer:       /CN=aba374394fe1080d64a219d7d35a49462e8e99ac
Certificate serial:       019D27A92C313DE45CE849F4577D925D5B55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
Manifest number:          0993
Signing time:             Thu 26 Mar 2026 01:01:31 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:31 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:31 +0000
Files and hashes:         1: q6N0OU_hCA1kohnX01pJRi6Omaw.crl (hash: aR6R1c1/cXLqodSHA3u7ZeObT5yT8zauBWCBGK0YEDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a9:2c:31:3d:e4:5c:e8:49:f4:57:7d:92:5d:5b:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba374394fe1080d64a219d7d35a49462e8e99ac
        Validity
            Not Before: Mar 26 01:01:31 2026 GMT
            Not After : Mar 27 01:01:31 2026 GMT
        Subject: CN=4db2d1301fd5bc291a5c5809b4f2d4fbebf6d594
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:da:1d:2e:57:e3:77:79:61:80:aa:55:90:2d:
                    36:31:48:cc:46:7f:81:14:ac:d7:47:36:b7:e6:fe:
                    cb:f3:45:b0:98:fe:7d:a0:75:74:c0:d9:e7:a6:3c:
                    69:cd:2f:3b:32:31:d8:ef:25:ef:8b:f2:e8:00:be:
                    70:a7:0e:87:ea:5a:ef:2a:1a:bf:ef:57:a3:7a:63:
                    fb:82:b9:30:d2:2b:02:11:d8:c1:dc:11:c3:fc:fc:
                    ac:a9:b2:5e:51:83:87:ca:20:80:03:4d:a5:4b:29:
                    df:56:92:d3:7c:46:b1:57:2f:26:b8:06:e6:63:4d:
                    af:8f:1f:35:b9:b6:dc:be:4b:8b:81:a3:b3:fd:ac:
                    60:c1:fd:52:a6:88:78:91:66:86:96:be:98:09:76:
                    12:84:16:3a:3d:65:19:36:6c:20:16:5e:6b:ad:cf:
                    8a:ec:ab:a8:27:f4:f3:74:02:38:c5:b5:10:25:97:
                    2a:52:b5:f7:48:ad:7b:69:63:36:41:44:d8:26:34:
                    ef:4e:d1:ac:bc:86:26:a4:4f:0a:8f:b3:7e:2c:d7:
                    69:09:48:88:95:e7:10:9b:ed:9e:82:b8:73:b4:73:
                    3f:03:05:92:6f:d4:2d:41:68:4d:26:be:42:00:85:
                    4c:5f:ba:de:0a:ac:87:36:95:b8:0c:43:1d:fb:76:
                    77:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:B2:D1:30:1F:D5:BC:29:1A:5C:58:09:B4:F2:D4:FB:EB:F6:D5:94
            X509v3 Authority Key Identifier:
                keyid:AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:bf:36:cb:28:70:27:3c:fb:e1:00:1a:5d:81:62:18:d5:ac:
         09:f0:75:56:c3:cb:be:dd:76:93:0c:1a:62:f4:e9:85:6d:54:
         60:49:c5:32:31:27:ca:2e:20:fc:66:ef:0e:2c:0d:02:28:06:
         ed:0d:a9:1c:3a:c6:6c:98:ba:99:e0:e5:51:28:94:20:27:7d:
         ee:c6:61:dc:50:e9:e5:62:08:26:6a:87:80:bc:17:33:f3:db:
         7b:c2:4f:a9:70:da:a6:b1:fa:4b:60:82:74:5b:cd:f1:c4:73:
         a1:74:93:c5:ad:cf:1b:20:cb:ab:92:af:f8:22:a3:b0:84:2b:
         3c:e5:68:ad:83:7e:dd:ca:be:8b:23:ff:c5:c1:b9:c7:d2:ec:
         a1:bd:c9:0b:1f:49:43:d3:5a:7e:d6:52:95:6c:b1:54:ff:fa:
         8e:27:7e:20:15:bf:6c:9b:ed:c7:c9:5a:b8:c7:bd:08:81:89:
         8c:8f:06:4b:82:b6:94:b7:02:20:65:ef:2b:24:df:a7:25:bb:
         00:78:94:9c:56:1e:ff:65:5b:a8:84:c9:17:6a:db:5a:fb:93:
         be:94:1a:e6:1f:e5:b5:92:69:2b:38:5f:a4:1d:ef:ee:32:17:
         7e:bf:cb:04:25:bc:c4:73:ed:a6:22:d4:2e:ed:7e:81:a5:a3:
         ee:1b:0d:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqSwxPeRc6En0V32SXVtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTM3NDM5NGZlMTA4MGQ2NGEyMTlkN2QzNWE0OTQ2MmU4
ZTk5YWMwHhcNMjYwMzI2MDEwMTMxWhcNMjYwMzI3MDEwMTMxWjAzMTEwLwYDVQQD
Eyg0ZGIyZDEzMDFmZDViYzI5MWE1YzU4MDliNGYyZDRmYmViZjZkNTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdodLlfjd3lhgKpVkC02MUjMRn+B
FKzXRza35v7L80WwmP59oHV0wNnnpjxpzS87MjHY7yXvi/LoAL5wpw6H6lrvKhq/
71ejemP7grkw0isCEdjB3BHD/PysqbJeUYOHyiCAA02lSynfVpLTfEaxVy8muAbm
Y02vjx81ubbcvkuLgaOz/axgwf1Spoh4kWaGlr6YCXYShBY6PWUZNmwgFl5rrc+K
7KuoJ/TzdAI4xbUQJZcqUrX3SK17aWM2QUTYJjTvTtGsvIYmpE8Kj7N+LNdpCUiI
lecQm+2egrhztHM/AwWSb9QtQWhNJr5CAIVMX7reCqyHNpW4DEMd+3Z3xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE2y0TAf1bwpGlxYCbTy1Pvr9tWUMB8GA1UdIwQY
MBaAFKujdDlP4QgNZKIZ19NaSUYujpmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2Yt
MjJjODdkZmY4ZDQxLzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2YtMjJjODdkZmY4ZDQx
LzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApr82yyhw
Jzz74QAaXYFiGNWsCfB1VsPLvt12kwwaYvTphW1UYEnFMjEnyi4g/GbvDiwNAigG
7Q2pHDrGbJi6meDlUSiUICd97sZh3FDp5WIIJmqHgLwXM/Pbe8JPqXDaprH6S2CC
dFvN8cRzoXSTxa3PGyDLq5Kv+CKjsIQrPOVorYN+3cq+iyP/xcG5x9Lsob3JCx9J
Q9NaftZSlWyxVP/6jid+IBW/bJvtx8lauMe9CIGJjI8GS4K2lLcCIGXvKyTfpyW7
AHiUnFYe/2VbqITJF2rbWvuTvpQa5h/ltZJpKzhfpB3v7jIXfr/LBCW8xHPtpiLU
Lu1+gaWj7hsNbw==
-----END CERTIFICATE-----