Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
File:                     QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft (raw, json)
Hash identifier:          LPbomR4Ns5v3H9rONYx2UJXD89zSPNgNK+FcLOWGbXU=
Subject key identifier:   28:6B:41:45:03:55:79:C4:C7:FD:60:4C:6F:14:91:CE:4D:72:D9:C3
Authority key identifier: 42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57
Certificate issuer:       /CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
Certificate serial:       019D27A8DC0B2760CF57C99847A158A2FE1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
Manifest number:          07AA
Signing time:             Thu 26 Mar 2026 01:01:10 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:10 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:10 +0000
Files and hashes:         1: QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl (hash: 8eM5NxxgX9h5I+gNdYr19UYgpNXFcfrgh8weePLH4Nw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:dc:0b:27:60:cf:57:c9:98:47:a1:58:a2:fe:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
        Validity
            Not Before: Mar 26 01:01:10 2026 GMT
            Not After : Mar 27 01:01:10 2026 GMT
        Subject: CN=286b4145035579c4c7fd604c6f1491ce4d72d9c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:1d:bb:f1:8c:5b:76:76:5d:87:75:df:23:a6:
                    79:63:cf:d0:6a:42:4c:42:61:84:72:ef:f0:97:b9:
                    27:a3:c8:a7:23:ec:54:1e:15:a6:e5:48:19:8b:ab:
                    49:0d:5a:5d:44:68:10:7b:87:d4:38:08:98:03:b8:
                    ea:ed:8b:5a:02:20:54:58:0b:5c:c3:24:ce:6e:af:
                    6a:fa:e4:40:94:63:77:69:e6:eb:b9:b1:28:50:84:
                    e0:a3:ed:11:e1:57:74:0b:a1:8a:7a:a8:68:10:c2:
                    5f:1e:42:8c:c8:58:4a:07:ce:6a:8c:cf:62:85:d9:
                    26:07:a4:2d:76:ce:4a:42:52:c0:1a:31:43:e0:1f:
                    9b:b1:4c:41:3c:38:97:55:9a:88:c3:91:52:0c:06:
                    e6:c0:90:6a:3a:71:39:22:b9:d3:89:e4:7b:73:5c:
                    47:e5:a1:96:94:dc:5a:2c:d7:3d:e7:e2:9d:92:82:
                    97:f7:8f:d2:57:23:74:d5:2e:dc:26:3f:6c:7d:ea:
                    0b:5e:60:0b:75:dc:0b:46:69:77:1b:1a:d6:e3:0a:
                    3d:2a:3b:a6:b3:7e:d6:20:4e:cc:7d:b8:25:1e:01:
                    19:d1:4e:50:3f:8a:a0:bf:fb:14:15:14:73:0e:19:
                    b8:aa:33:20:eb:52:47:d5:a8:31:5e:92:7d:9e:04:
                    bf:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:6B:41:45:03:55:79:C4:C7:FD:60:4C:6F:14:91:CE:4D:72:D9:C3
            X509v3 Authority Key Identifier:
                keyid:42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:67:2f:77:ef:7f:48:6a:33:04:78:3a:aa:32:68:cc:9e:5d:
         43:44:7b:3c:41:56:f3:69:97:05:0a:a6:8a:c5:bd:bd:7c:87:
         13:b9:23:3b:93:16:86:9c:6d:27:30:e2:e6:27:76:f2:ed:99:
         d0:d4:3f:39:5f:3c:96:b2:d3:ed:01:28:b7:3d:ff:bd:0e:d7:
         e4:c3:1f:06:42:74:da:fd:8c:c0:10:b0:d7:16:c3:44:69:10:
         78:90:74:54:95:ed:42:7d:6c:4f:13:ba:22:8b:0c:88:a6:92:
         36:2f:96:0e:dd:9f:32:c6:01:34:d5:e2:f5:92:32:d5:c4:6c:
         c1:3c:22:b4:8d:95:5d:20:5d:dc:24:47:01:ca:65:7b:c9:cc:
         fd:57:5e:2e:c2:bf:22:67:a3:0d:a3:6d:92:34:b1:e9:ac:14:
         4a:b1:83:19:e5:9c:f3:a9:e2:d0:04:71:82:5f:e9:9f:f3:0e:
         fc:f2:8c:40:18:76:19:b4:82:cf:c2:92:6d:2e:5d:d5:ac:97:
         35:28:42:a0:22:ea:e3:aa:6b:21:bd:7e:e3:61:b6:9b:68:00:
         68:2d:18:1c:4a:4b:32:8a:58:1f:35:2b:4c:8e:b3:52:e8:fd:
         f6:ea:1e:c7:71:0b:95:4e:66:89:cc:a5:27:63:68:46:1f:ba:
         da:33:bc:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqNwLJ2DPV8mYR6FYov4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTNiNTQ3MTk2NmMyNTYxMGQ5NWE1YTJmYTVjYzA2ZmM5
M2ZmNTcwHhcNMjYwMzI2MDEwMTEwWhcNMjYwMzI3MDEwMTEwWjAzMTEwLwYDVQQD
EygyODZiNDE0NTAzNTU3OWM0YzdmZDYwNGM2ZjE0OTFjZTRkNzJkOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR278YxbdnZdh3XfI6Z5Y8/QakJM
QmGEcu/wl7kno8inI+xUHhWm5UgZi6tJDVpdRGgQe4fUOAiYA7jq7YtaAiBUWAtc
wyTObq9q+uRAlGN3aebrubEoUITgo+0R4Vd0C6GKeqhoEMJfHkKMyFhKB85qjM9i
hdkmB6Qtds5KQlLAGjFD4B+bsUxBPDiXVZqIw5FSDAbmwJBqOnE5IrnTieR7c1xH
5aGWlNxaLNc95+KdkoKX94/SVyN01S7cJj9sfeoLXmALddwLRml3GxrW4wo9Kjum
s37WIE7MfbglHgEZ0U5QP4qgv/sUFRRzDhm4qjMg61JH1agxXpJ9ngS/nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChrQUUDVXnEx/1gTG8Ukc5NctnDMB8GA1UdIwQY
MBaAFEITtUcZZsJWENlaWi+lzAb8k/9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjIt
NWJkYjJjNjAxMDJkLzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjItNWJkYjJjNjAxMDJk
LzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALmcvd+9/
SGozBHg6qjJozJ5dQ0R7PEFW82mXBQqmisW9vXyHE7kjO5MWhpxtJzDi5id28u2Z
0NQ/OV88lrLT7QEotz3/vQ7X5MMfBkJ02v2MwBCw1xbDRGkQeJB0VJXtQn1sTxO6
IosMiKaSNi+WDt2fMsYBNNXi9ZIy1cRswTwitI2VXSBd3CRHAcple8nM/VdeLsK/
ImejDaNtkjSx6awUSrGDGeWc86ni0ARxgl/pn/MO/PKMQBh2GbSCz8KSbS5d1ayX
NShCoCLq46prIb1+42G2m2gAaC0YHEpLMopYHzUrTI6zUuj99uoex3ELlU5micyl
J2NoRh+62jO8RQ==
-----END CERTIFICATE-----