Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
File:                     qYI63d9sNfBbfByuB5BL_58vass.mft (raw, json)
Hash identifier:          lZDcqK/aojRsvA4j9TaFaTscMCzXlsPMRvQ7MSncHXQ=
Subject key identifier:   18:2C:CE:DD:38:4C:94:A4:2E:96:12:13:16:94:65:B6:C5:AD:FA:B2
Authority key identifier: A9:82:3A:DD:DF:6C:35:F0:5B:7C:1C:AE:07:90:4B:FF:9F:2F:6A:CB
Certificate issuer:       /CN=a9823adddf6c35f05b7c1cae07904bff9f2f6acb
Certificate serial:       019D27723CCBDD783F998A45D2252B35953E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
Manifest number:          0CFC
Signing time:             Thu 26 Mar 2026 00:01:31 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:31 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:31 +0000
Files and hashes:         1: qYI63d9sNfBbfByuB5BL_58vass.crl (hash: FzvwKNtNHAi8G/v7nAR6rOKHUiW99Wb+SawKh0FQDyk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:3c:cb:dd:78:3f:99:8a:45:d2:25:2b:35:95:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9823adddf6c35f05b7c1cae07904bff9f2f6acb
        Validity
            Not Before: Mar 26 00:01:31 2026 GMT
            Not After : Mar 27 00:01:31 2026 GMT
        Subject: CN=182ccedd384c94a42e961213169465b6c5adfab2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:be:86:de:ef:0a:80:62:fb:05:68:14:7a:1c:
                    90:c2:49:af:65:df:5a:95:9a:b5:e3:6f:6b:13:3f:
                    4e:d6:67:47:bd:dc:ce:11:a7:0b:59:2b:20:a0:13:
                    18:32:ed:01:53:3e:7d:74:5b:10:61:c1:b0:2d:fa:
                    97:20:87:5f:b8:45:f2:c6:21:f8:1f:2b:b4:96:8a:
                    1f:4e:cf:f9:73:4d:7a:f4:f3:f1:2a:d4:25:78:b1:
                    67:09:ac:d0:b4:c7:51:e2:4e:f5:b1:8b:ab:42:0b:
                    0b:8a:f1:fb:2c:bc:ea:e2:c3:1d:4a:d3:0a:13:49:
                    c0:4c:46:36:c4:4d:6f:f4:06:8a:b1:7e:b6:b9:cb:
                    73:33:60:16:e5:a3:04:03:e9:b1:b7:96:d5:a2:04:
                    9e:7b:42:4f:4d:2e:cb:f4:d3:33:6e:0f:dc:14:23:
                    70:03:f0:e7:60:4a:45:00:91:bc:77:f9:1d:b9:f7:
                    f6:37:89:83:c0:c4:37:dd:e5:40:80:65:b2:14:05:
                    b4:9d:93:d7:3d:34:05:92:fc:07:42:70:b5:ac:d5:
                    fd:37:d9:7b:77:15:bd:08:e7:2b:3c:8b:5e:8e:1a:
                    7d:bb:07:e5:c2:d8:83:b2:3d:f4:28:0e:d0:a2:01:
                    d9:70:53:43:e0:92:b0:35:2c:ac:8f:2a:36:03:41:
                    87:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:2C:CE:DD:38:4C:94:A4:2E:96:12:13:16:94:65:B6:C5:AD:FA:B2
            X509v3 Authority Key Identifier:
                keyid:A9:82:3A:DD:DF:6C:35:F0:5B:7C:1C:AE:07:90:4B:FF:9F:2F:6A:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYI63d9sNfBbfByuB5BL_58vass.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/34fd08-ce76-4bc3-87c0-36d4d7f07c8a/1/qYI63d9sNfBbfByuB5BL_58vass.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:ef:f5:7d:c9:92:2d:a5:ac:e7:73:56:73:8a:7b:04:2c:3d:
         80:db:3d:0c:ec:15:be:68:78:61:ff:eb:94:f6:f2:76:3b:a5:
         8c:12:5d:72:10:37:0e:bf:37:ee:06:77:c2:9d:c5:3b:8a:b9:
         50:4d:03:8e:91:dc:62:be:ff:65:9e:d3:f9:f9:29:1d:46:d8:
         64:f3:40:b0:28:f0:9e:4e:53:0c:58:94:41:d2:15:12:3b:4e:
         a0:89:32:81:21:d6:cd:fa:d8:a6:be:f8:a1:e2:f4:41:dd:94:
         2a:39:67:86:e8:78:e6:b7:0b:a8:64:5d:2f:c4:cd:4e:25:e1:
         a0:df:11:05:db:00:9a:d6:e1:88:8a:a9:19:06:d2:18:20:d0:
         85:c5:8c:7b:b2:94:37:46:bc:fe:e3:52:aa:ad:d9:55:0d:dd:
         ea:52:18:0d:27:de:dc:e8:50:4b:88:fb:51:c2:0a:6a:0e:79:
         b1:4b:16:b4:aa:d9:cc:ba:05:d7:a1:ff:75:ab:1a:62:91:ac:
         cb:b5:cd:78:a9:4d:6b:88:9b:48:e7:98:82:9a:0f:88:72:87:
         d1:da:a8:ca:9c:9b:f2:e1:b0:ae:59:81:08:ac:55:17:f9:e3:
         c0:be:ac:c3:26:ea:9e:0e:fc:0e:26:21:68:23:ef:e3:98:b1:
         5f:a5:53:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncjzL3Xg/mYpF0iUrNZU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODIzYWRkZGY2YzM1ZjA1YjdjMWNhZTA3OTA0YmZmOWYy
ZjZhY2IwHhcNMjYwMzI2MDAwMTMxWhcNMjYwMzI3MDAwMTMxWjAzMTEwLwYDVQQD
EygxODJjY2VkZDM4NGM5NGE0MmU5NjEyMTMxNjk0NjViNmM1YWRmYWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo76G3u8KgGL7BWgUehyQwkmvZd9a
lZq1429rEz9O1mdHvdzOEacLWSsgoBMYMu0BUz59dFsQYcGwLfqXIIdfuEXyxiH4
Hyu0loofTs/5c0169PPxKtQleLFnCazQtMdR4k71sYurQgsLivH7LLzq4sMdStMK
E0nATEY2xE1v9AaKsX62uctzM2AW5aMEA+mxt5bVogSee0JPTS7L9NMzbg/cFCNw
A/DnYEpFAJG8d/kduff2N4mDwMQ33eVAgGWyFAW0nZPXPTQFkvwHQnC1rNX9N9l7
dxW9COcrPItejhp9uwflwtiDsj30KA7QogHZcFND4JKwNSysjyo2A0GH+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBgszt04TJSkLpYSExaUZbbFrfqyMB8GA1UdIwQY
MBaAFKmCOt3fbDXwW3wcrgeQS/+fL2rLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zNGZkMDgtY2U3Ni00YmMzLTg3YzAt
MzZkNGQ3ZjA3YzhhLzEvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zNGZkMDgtY2U3Ni00YmMzLTg3YzAtMzZkNGQ3ZjA3Yzhh
LzEvcVlJNjNkOXNOZkJiZkJ5dUI1QkxfNTh2YXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA+/1fcmS
LaWs53NWc4p7BCw9gNs9DOwVvmh4Yf/rlPbydjuljBJdchA3Dr837gZ3wp3FO4q5
UE0DjpHcYr7/ZZ7T+fkpHUbYZPNAsCjwnk5TDFiUQdIVEjtOoIkygSHWzfrYpr74
oeL0Qd2UKjlnhuh45rcLqGRdL8TNTiXhoN8RBdsAmtbhiIqpGQbSGCDQhcWMe7KU
N0a8/uNSqq3ZVQ3d6lIYDSfe3OhQS4j7UcIKag55sUsWtKrZzLoF16H/dasaYpGs
y7XNeKlNa4ibSOeYgpoPiHKH0dqoypyb8uGwrlmBCKxVF/njwL6swybqng78DiYh
aCPv45ixX6VTSQ==
-----END CERTIFICATE-----