Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          W0hipUy/UrBXJsP7/lll8S+sKGXOOPK7lBJCAdoKSlw=
Subject key identifier:   70:8F:BA:A7:34:9F:AA:F2:7E:DB:48:9F:CD:48:2D:50:11:CF:68:68
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       019D26CCFA8407BCE288850B72A70DED4E8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          1582
Signing time:             Wed 25 Mar 2026 21:01:00 +0000
Manifest this update:     Wed 25 Mar 2026 21:01:00 +0000
Manifest next update:     Thu 26 Mar 2026 21:01:00 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: FYgx2s7m4lBqfchjMyskkYRqFnJMNFQgvnmWaqEGKrA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 21:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:cc:fa:84:07:bc:e2:88:85:0b:72:a7:0d:ed:4e:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Mar 25 21:01:00 2026 GMT
            Not After : Mar 26 21:01:00 2026 GMT
        Subject: CN=708fbaa7349faaf27edb489fcd482d5011cf6868
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:01:8f:c9:bb:6a:84:26:c8:6b:af:ba:a6:77:
                    d5:55:3e:cd:d4:7e:10:ca:73:18:9e:d1:0b:46:a1:
                    6b:e1:8f:e1:66:c5:34:4d:dc:fb:d8:cb:da:9c:86:
                    aa:5d:f7:e8:db:e6:c1:53:1b:9e:46:85:d4:d2:56:
                    4e:19:83:8f:ba:c2:57:b2:cc:a3:97:ba:3d:ca:d1:
                    0a:52:92:d7:8e:58:ca:19:c4:98:1c:18:13:8a:dc:
                    e3:1f:c3:6e:33:81:69:57:82:dc:04:39:ce:e8:23:
                    f9:2f:90:f4:11:f2:ef:45:d3:45:33:d4:26:68:49:
                    b5:7c:3e:da:b8:ad:5e:15:ea:74:e3:62:dc:76:bb:
                    ca:cd:18:5a:4c:c1:23:f7:bd:a7:8b:6a:0f:7e:72:
                    07:3f:42:3d:7a:0d:b1:bc:c2:97:ae:d8:7b:4a:a1:
                    72:c0:60:a3:fd:79:78:a7:55:f7:8d:38:89:3a:5c:
                    1a:d8:14:91:03:24:14:34:c1:41:7b:e1:bc:aa:dc:
                    e1:21:10:c3:6f:71:80:bd:8e:37:c9:54:9a:07:a8:
                    40:5d:0c:89:bf:92:0d:3b:b8:d6:c4:8b:e7:8a:e5:
                    e9:db:d7:3b:9f:29:69:ba:5a:10:d5:94:67:cd:09:
                    eb:40:92:73:30:b7:4f:e9:6c:15:66:86:82:94:77:
                    5d:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:8F:BA:A7:34:9F:AA:F2:7E:DB:48:9F:CD:48:2D:50:11:CF:68:68
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:48:f8:8f:bd:2d:31:1a:25:fc:52:95:6f:07:57:23:c4:bc:
         96:4b:70:5c:eb:6f:40:8b:e6:b7:c0:eb:18:3f:e2:60:b0:1e:
         78:f1:74:d1:ed:11:04:b3:66:ca:82:46:d9:ee:e8:a4:fd:fa:
         4c:4d:ad:f4:6f:17:e1:2b:44:8d:b3:58:01:18:bd:ec:cf:c2:
         f0:5c:96:f3:99:14:71:e5:a3:f2:3f:fb:a5:07:e7:c4:4a:37:
         e1:6b:28:97:a9:4a:20:45:68:b9:c6:c1:27:c5:e2:f0:41:f4:
         09:f9:91:e4:50:f3:07:32:3a:1f:43:63:7d:99:96:1b:e9:6c:
         42:d4:42:5d:44:71:f2:b0:08:7f:2f:7a:58:a0:ef:fe:cc:21:
         c9:9a:46:59:39:f5:87:9c:d8:77:98:32:bd:58:30:e0:05:17:
         7e:76:39:01:15:92:6d:72:35:9d:89:08:ba:ad:7b:e4:4c:64:
         18:2b:c4:c1:57:ae:7b:d5:c6:a1:af:42:a4:a4:3e:84:0e:e7:
         f6:b5:d0:06:04:f2:05:4e:74:da:97:31:97:13:70:d6:85:c3:
         a8:4a:49:0f:25:6d:27:a2:a1:4f:44:74:3f:88:d8:4d:fe:8e:
         90:58:a6:c9:24:5c:67:b0:e8:be:7d:99:ec:ba:fb:5d:43:b3:
         be:2c:36:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzPqEB7ziiIULcqcN7U6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjYwMzI1MjEwMTAwWhcNMjYwMzI2MjEwMTAwWjAzMTEwLwYDVQQD
Eyg3MDhmYmFhNzM0OWZhYWYyN2VkYjQ4OWZjZDQ4MmQ1MDExY2Y2ODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngGPybtqhCbIa6+6pnfVVT7N1H4Q
ynMYntELRqFr4Y/hZsU0Tdz72MvanIaqXffo2+bBUxueRoXU0lZOGYOPusJXssyj
l7o9ytEKUpLXjljKGcSYHBgTitzjH8NuM4FpV4LcBDnO6CP5L5D0EfLvRdNFM9Qm
aEm1fD7auK1eFep042LcdrvKzRhaTMEj972ni2oPfnIHP0I9eg2xvMKXrth7SqFy
wGCj/Xl4p1X3jTiJOlwa2BSRAyQUNMFBe+G8qtzhIRDDb3GAvY43yVSaB6hAXQyJ
v5INO7jWxIvniuXp29c7nylpuloQ1ZRnzQnrQJJzMLdP6WwVZoaClHddVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHCPuqc0n6ryfttIn81ILVARz2hoMB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARkj4j70t
MRol/FKVbwdXI8S8lktwXOtvQIvmt8DrGD/iYLAeePF00e0RBLNmyoJG2e7opP36
TE2t9G8X4StEjbNYARi97M/C8FyW85kUceWj8j/7pQfnxEo34Wsol6lKIEVoucbB
J8Xi8EH0CfmR5FDzBzI6H0NjfZmWG+lsQtRCXURx8rAIfy96WKDv/swhyZpGWTn1
h5zYd5gyvVgw4AUXfnY5ARWSbXI1nYkIuq175ExkGCvEwVeue9XGoa9CpKQ+hA7n
9rXQBgTyBU502pcxlxNw1oXDqEpJDyVtJ6KhT0R0P4jYTf6OkFimySRcZ7Dovn2Z
7Lr7XUOzviw2BQ==
-----END CERTIFICATE-----