Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          VzTrT/l54Jo3VtM9gIcXptUipNU4Eszny9BIwqu5emU=
Subject key identifier:   63:2E:A6:75:5A:46:A5:41:B5:BA:7A:03:53:BB:E3:D3:62:92:2D:83
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       019D329A467E71D7839F25714E48F6E1AE0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          0928
Signing time:             Sat 28 Mar 2026 04:01:04 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:04 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:04 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: OGnOlGH05pxUBTkFUYmThTMvDaihhXrQRsLf/CVBOYQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:46:7e:71:d7:83:9f:25:71:4e:48:f6:e1:ae:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: Mar 28 04:01:04 2026 GMT
            Not After : Mar 29 04:01:04 2026 GMT
        Subject: CN=632ea6755a46a541b5ba7a0353bbe3d362922d83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a8:35:67:9b:e2:61:21:2c:48:95:80:32:22:
                    94:e3:6f:4f:01:1b:71:72:05:c7:cd:75:07:9a:e2:
                    d5:be:bc:d6:e9:6b:05:08:44:25:72:19:35:c9:83:
                    76:c8:ef:2a:20:95:c8:d5:c8:ab:49:7c:13:13:70:
                    24:64:1c:bf:0e:27:f4:b5:29:9b:45:c5:e1:45:77:
                    e3:93:b1:5e:0b:fc:61:34:bb:18:f4:b6:cc:7d:a4:
                    b8:96:2a:d0:19:c2:61:61:82:3e:88:c5:f2:dc:e1:
                    8a:c2:30:9f:92:62:fa:41:b5:f9:39:3e:ab:32:84:
                    03:08:0e:25:2f:e5:cf:32:7a:75:ea:b5:f4:af:3f:
                    ac:21:c9:ce:31:91:b0:ac:eb:72:06:3a:1e:c0:7f:
                    24:95:d8:1b:77:c9:dd:75:8d:ee:81:0f:3c:1d:30:
                    79:4c:b9:6f:7e:19:21:7f:ff:ca:e9:81:f1:f6:b9:
                    d1:bc:8c:6f:0c:9c:c7:65:e6:87:76:c2:7b:a2:6d:
                    b6:1f:52:b0:8a:0f:13:b9:ce:0f:e4:2a:e3:77:ab:
                    87:82:8d:c2:80:2a:ac:8a:aa:7d:9b:36:73:74:87:
                    49:c9:6e:91:0f:c9:cb:4e:63:66:64:34:a9:c3:bb:
                    4f:16:26:9e:d8:47:ce:93:e9:55:6b:86:4d:13:be:
                    2b:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:2E:A6:75:5A:46:A5:41:B5:BA:7A:03:53:BB:E3:D3:62:92:2D:83
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:cf:6e:12:8d:74:98:89:1f:c3:21:9a:42:16:e0:87:20:6c:
         79:c4:91:26:05:b9:30:d4:9e:e5:51:63:a4:ac:7e:53:30:7f:
         f8:ec:00:48:18:73:3c:47:a8:7f:02:b0:64:99:ff:f7:d2:82:
         a7:57:75:27:40:74:77:5a:87:4e:7e:12:39:9d:8b:80:b9:5d:
         66:dc:c7:2a:2c:cc:88:24:49:a3:11:98:c5:82:12:fa:30:47:
         b6:af:35:25:d4:4d:b8:ee:29:51:34:37:c4:b5:0b:c2:aa:da:
         f5:57:79:a0:e6:a0:34:da:02:ca:d2:28:60:54:4e:d7:8a:34:
         b3:3c:78:37:bb:c8:65:40:0e:06:5b:cc:ea:7c:4b:a6:f8:d3:
         89:69:cf:50:63:fd:11:02:bf:f4:35:47:b1:23:68:ee:df:f6:
         e2:82:a9:f7:4c:03:24:44:96:d7:cb:d2:92:8f:6b:7d:a4:f3:
         e1:52:2d:6b:9c:8b:51:b9:63:f5:0a:28:6b:20:12:37:31:9c:
         1b:f5:b4:0d:de:ae:58:c0:eb:25:29:0b:e4:2e:04:a2:3b:2b:
         e6:8f:72:6c:e6:46:53:f1:46:98:cd:68:5b:3b:f9:72:c5:f1:
         86:20:b1:9f:ef:c6:0c:88:a6:bf:3d:fd:dc:74:00:15:96:24:
         df:c6:b1:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymkZ+cdeDnyVxTkj24a4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjYwMzI4MDQwMTA0WhcNMjYwMzI5MDQwMTA0WjAzMTEwLwYDVQQD
Eyg2MzJlYTY3NTVhNDZhNTQxYjViYTdhMDM1M2JiZTNkMzYyOTIyZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqg1Z5viYSEsSJWAMiKU429PARtx
cgXHzXUHmuLVvrzW6WsFCEQlchk1yYN2yO8qIJXI1cirSXwTE3AkZBy/Dif0tSmb
RcXhRXfjk7FeC/xhNLsY9LbMfaS4lirQGcJhYYI+iMXy3OGKwjCfkmL6QbX5OT6r
MoQDCA4lL+XPMnp16rX0rz+sIcnOMZGwrOtyBjoewH8kldgbd8nddY3ugQ88HTB5
TLlvfhkhf//K6YHx9rnRvIxvDJzHZeaHdsJ7om22H1Kwig8Tuc4P5Crjd6uHgo3C
gCqsiqp9mzZzdIdJyW6RD8nLTmNmZDSpw7tPFiae2EfOk+lVa4ZNE74r2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMupnVaRqVBtbp6A1O749Niki2DMB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS89uEo10
mIkfwyGaQhbghyBsecSRJgW5MNSe5VFjpKx+UzB/+OwASBhzPEeofwKwZJn/99KC
p1d1J0B0d1qHTn4SOZ2LgLldZtzHKizMiCRJoxGYxYIS+jBHtq81JdRNuO4pUTQ3
xLULwqra9Vd5oOagNNoCytIoYFRO14o0szx4N7vIZUAOBlvM6nxLpvjTiWnPUGP9
EQK/9DVHsSNo7t/24oKp90wDJESW18vSko9rfaTz4VIta5yLUblj9QooayASNzGc
G/W0Dd6uWMDrJSkL5C4Eojsr5o9ybOZGU/FGmM1oWzv5csXxhiCxn+/GDIimvz39
3HQAFZYk38axNw==
-----END CERTIFICATE-----