Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          ZLskdTo20lfPjF0bhcgPI5pJVT1UU5BUv9rBaykNYdI=
Subject key identifier:   05:90:31:D4:B7:73:4F:DB:6D:4E:18:C9:A3:10:C1:24:A5:36:64:84
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       019D2704D6F9613220F5E07622177614AB9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          1027
Signing time:             Wed 25 Mar 2026 22:02:01 +0000
Manifest this update:     Wed 25 Mar 2026 22:02:01 +0000
Manifest next update:     Thu 26 Mar 2026 22:02:01 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: CNMpBZmOE8OqCENokcv2GOYWN3bHRFrK2pVLXNu6ciE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:d6:f9:61:32:20:f5:e0:76:22:17:76:14:ab:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Mar 25 22:02:01 2026 GMT
            Not After : Mar 26 22:02:01 2026 GMT
        Subject: CN=059031d4b7734fdb6d4e18c9a310c124a5366484
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:c1:1b:38:dc:f0:5e:21:00:81:19:16:c2:4b:
                    67:92:a8:96:83:d8:fb:12:ef:e8:9a:4c:74:81:d5:
                    34:b5:f3:3c:25:56:94:d4:45:30:be:72:16:4b:d2:
                    1b:a3:e5:8c:ef:a6:25:3a:ab:07:dd:3f:ae:61:92:
                    56:c8:d6:40:8c:ea:88:82:6e:2a:99:c8:62:0e:60:
                    16:25:9c:08:a4:c2:2e:08:cd:67:df:8d:cf:10:e2:
                    9f:1e:58:9b:bd:09:c9:3f:b0:e5:35:46:15:f9:86:
                    aa:e8:29:af:9d:b0:ad:1f:5f:31:35:f4:c7:51:a8:
                    0d:bd:7e:29:16:1a:22:b0:f1:30:ad:c8:53:ea:29:
                    4a:2a:c0:42:a5:a5:df:8b:c9:0b:86:82:9c:5f:0c:
                    70:df:02:49:f9:6b:03:f6:e4:ce:46:7f:44:0e:17:
                    6b:4e:c2:d1:4a:4b:ec:b3:a5:19:5e:7a:58:9f:03:
                    33:64:88:72:f5:29:3c:d8:0c:cf:9e:6f:94:d1:20:
                    7b:ce:a9:7e:42:65:8f:98:b8:bf:62:73:88:e5:7f:
                    3f:6a:2d:6b:66:39:33:9d:6d:36:09:9c:aa:ff:e0:
                    90:53:c0:8c:bc:f4:fa:86:78:63:47:0c:9b:f2:87:
                    56:a8:e5:7c:7b:94:c6:04:05:0e:32:ab:49:54:d0:
                    a0:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:90:31:D4:B7:73:4F:DB:6D:4E:18:C9:A3:10:C1:24:A5:36:64:84
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:14:dd:37:fa:92:25:e7:e8:35:7a:53:f8:fa:41:07:05:4e:
         c3:7d:55:b7:4d:e9:e7:db:1f:98:24:b5:37:57:cc:cd:da:cd:
         8d:3c:ea:f1:d5:62:a8:26:b9:27:b9:5c:70:2e:0a:5f:5b:e3:
         d5:bd:76:f0:6a:cc:f2:3e:26:79:85:99:b3:b9:aa:73:14:d1:
         a0:55:89:b5:6a:51:7a:18:96:ec:21:cf:5a:e0:7b:ef:d1:f3:
         3a:7c:f0:60:a2:1c:4c:70:ae:c3:2a:43:0a:29:23:01:ba:e5:
         b8:fe:04:59:8c:b5:be:e0:38:d7:ff:73:f6:6f:c7:2f:4b:02:
         a1:f3:e3:b3:f4:57:01:ff:b0:68:6e:83:5e:24:0d:cb:86:8e:
         fc:c0:7d:70:a7:11:1e:df:aa:23:2f:9e:9c:61:ad:8e:09:f4:
         26:eb:8d:6c:1d:27:d6:e3:6f:e9:46:d8:66:ac:76:13:4e:20:
         10:ce:91:2c:5b:10:1f:8f:74:74:ca:31:66:43:b3:ff:2f:4b:
         31:34:b9:c2:b4:f9:b1:83:e4:3c:cf:4a:cc:40:a8:35:ee:9b:
         60:f1:a3:c6:69:a3:2a:17:15:32:a6:29:f5:a8:e5:65:96:f9:
         0c:b1:0b:71:c8:68:cc:cb:86:17:8e:f0:89:f6:6c:0e:6d:31:
         af:f5:97:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBNb5YTIg9eB2Ihd2FKuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjYwMzI1MjIwMjAxWhcNMjYwMzI2MjIwMjAxWjAzMTEwLwYDVQQD
EygwNTkwMzFkNGI3NzM0ZmRiNmQ0ZTE4YzlhMzEwYzEyNGE1MzY2NDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcEbONzwXiEAgRkWwktnkqiWg9j7
Eu/omkx0gdU0tfM8JVaU1EUwvnIWS9Ibo+WM76YlOqsH3T+uYZJWyNZAjOqIgm4q
mchiDmAWJZwIpMIuCM1n343PEOKfHlibvQnJP7DlNUYV+Yaq6CmvnbCtH18xNfTH
UagNvX4pFhoisPEwrchT6ilKKsBCpaXfi8kLhoKcXwxw3wJJ+WsD9uTORn9EDhdr
TsLRSkvss6UZXnpYnwMzZIhy9Sk82AzPnm+U0SB7zql+QmWPmLi/YnOI5X8/ai1r
ZjkznW02CZyq/+CQU8CMvPT6hnhjRwyb8odWqOV8e5TGBAUOMqtJVNCgFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAWQMdS3c0/bbU4YyaMQwSSlNmSEMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEBTdN/qS
JefoNXpT+PpBBwVOw31Vt03p59sfmCS1N1fMzdrNjTzq8dViqCa5J7lccC4KX1vj
1b128GrM8j4meYWZs7mqcxTRoFWJtWpRehiW7CHPWuB779HzOnzwYKIcTHCuwypD
CikjAbrluP4EWYy1vuA41/9z9m/HL0sCofPjs/RXAf+waG6DXiQNy4aO/MB9cKcR
Ht+qIy+enGGtjgn0JuuNbB0n1uNv6UbYZqx2E04gEM6RLFsQH490dMoxZkOz/y9L
MTS5wrT5sYPkPM9KzECoNe6bYPGjxmmjKhcVMqYp9ajlZZb5DLELcchozMuGF47w
ifZsDm0xr/WXXA==
-----END CERTIFICATE-----