Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          P7mOP+IO6IpqCKemI0IaNJSQLy3nI8g2jZ6YiOTMRXE=
Subject key identifier:   9A:E6:F3:59:08:77:16:2B:7B:AD:35:D9:3D:B1:B7:AC:89:41:0E:EB
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       019D265F73B0F87F1D1300567A19EB0FA5B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          172A
Signing time:             Wed 25 Mar 2026 19:01:22 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:22 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:22 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: +9x+DKgfUQGNBy4Qdd1uKgLlETZ5/cW52hg2gGVEo/4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:73:b0:f8:7f:1d:13:00:56:7a:19:eb:0f:a5:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Mar 25 19:01:22 2026 GMT
            Not After : Mar 26 19:01:22 2026 GMT
        Subject: CN=9ae6f3590877162b7bad35d93db1b7ac89410eeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:5d:22:e4:65:49:96:1b:66:a3:82:af:0d:c3:
                    01:df:e4:51:7e:07:77:d6:3b:7b:32:c4:89:00:c7:
                    29:26:b9:28:b6:83:79:dc:44:61:2e:ab:0c:ea:a2:
                    9e:cb:67:af:87:c4:22:d3:57:e1:97:be:25:85:28:
                    a1:b6:d1:06:65:fd:73:4e:f8:9d:4d:37:f6:a1:d3:
                    cd:24:e7:5d:4e:7b:1f:c2:37:a3:c6:63:71:6c:14:
                    f8:81:25:cc:d8:25:1c:32:8a:4d:fb:9a:c3:fd:36:
                    4f:55:cb:bd:4b:e7:13:69:1f:81:3d:14:57:dd:24:
                    53:82:10:2c:3f:92:5a:6c:f8:d2:64:18:07:26:bb:
                    fe:1b:39:63:59:bc:4a:5e:a2:7b:7c:a7:bb:ef:18:
                    82:b7:ee:f8:e9:d6:66:b4:79:bc:ae:4c:de:0d:0c:
                    5b:76:ed:eb:86:62:1d:1a:77:68:fe:a3:e7:c8:b9:
                    f3:20:44:0a:ef:dd:e0:85:2d:fd:76:bf:72:c7:e2:
                    74:12:ef:a9:6d:81:34:2c:5d:1d:69:a4:25:07:25:
                    84:2d:35:11:c4:1b:90:b8:a2:65:a8:63:5a:75:a8:
                    01:d5:a1:22:95:78:3f:c5:fb:f7:53:73:2c:23:ec:
                    79:ef:32:42:79:57:72:a2:37:db:98:b6:ea:0f:9d:
                    a1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:E6:F3:59:08:77:16:2B:7B:AD:35:D9:3D:B1:B7:AC:89:41:0E:EB
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:81:41:79:e4:2d:7b:10:57:79:81:ca:21:f1:89:86:66:4e:
         35:19:f2:0e:2a:7c:7e:92:b1:33:dc:78:4b:2c:f1:cd:d5:1b:
         3f:7f:ec:d4:a7:1f:39:21:fe:cb:bd:ee:a2:de:4c:a9:3e:cd:
         52:66:f6:15:c0:ef:26:ca:93:e8:01:3d:d2:18:99:ee:3f:10:
         27:1d:57:1b:82:66:fe:49:34:40:5f:56:8e:eb:e8:ba:42:9d:
         d1:c7:9e:ba:79:41:87:75:0b:e5:55:5e:58:38:89:c9:41:4d:
         83:78:a5:12:a5:d6:02:b0:7c:7f:5c:38:cd:eb:71:ae:47:6e:
         6e:7e:49:c3:2d:44:be:dc:d6:16:b8:ef:1d:1c:54:ca:72:c7:
         fe:86:77:c9:13:5c:5e:5f:01:5e:b5:40:ca:66:11:4c:84:ab:
         5a:81:0d:f6:e9:8f:f8:66:ab:f1:4b:a3:95:d4:9c:03:81:98:
         f3:d9:16:bf:88:19:d0:a3:05:10:a7:68:2d:07:d3:cb:17:e3:
         a4:ee:6d:83:25:89:11:b2:d8:64:5e:fe:bc:95:d2:f7:89:40:
         fa:ca:b5:cd:d0:dd:6e:15:69:92:5e:bd:96:5d:41:ac:c8:26:
         a8:0b:83:07:43:f5:c7:ab:e0:da:27:30:ca:0d:b9:aa:2e:ee:
         4a:d5:97:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX3Ow+H8dEwBWehnrD6WzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjYwMzI1MTkwMTIyWhcNMjYwMzI2MTkwMTIyWjAzMTEwLwYDVQQD
Eyg5YWU2ZjM1OTA4NzcxNjJiN2JhZDM1ZDkzZGIxYjdhYzg5NDEwZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6F0i5GVJlhtmo4KvDcMB3+RRfgd3
1jt7MsSJAMcpJrkotoN53ERhLqsM6qKey2evh8Qi01fhl74lhSihttEGZf1zTvid
TTf2odPNJOddTnsfwjejxmNxbBT4gSXM2CUcMopN+5rD/TZPVcu9S+cTaR+BPRRX
3SRTghAsP5JabPjSZBgHJrv+GzljWbxKXqJ7fKe77xiCt+746dZmtHm8rkzeDQxb
du3rhmIdGndo/qPnyLnzIEQK793ghS39dr9yx+J0Eu+pbYE0LF0daaQlByWELTUR
xBuQuKJlqGNadagB1aEilXg/xfv3U3MsI+x57zJCeVdyojfbmLbqD52hsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrm81kIdxYre6012T2xt6yJQQ7rMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgYFBeeQt
exBXeYHKIfGJhmZONRnyDip8fpKxM9x4SyzxzdUbP3/s1KcfOSH+y73uot5MqT7N
Umb2FcDvJsqT6AE90hiZ7j8QJx1XG4Jm/kk0QF9WjuvoukKd0ceeunlBh3UL5VVe
WDiJyUFNg3ilEqXWArB8f1w4zetxrkdubn5Jwy1EvtzWFrjvHRxUynLH/oZ3yRNc
Xl8BXrVAymYRTISrWoEN9umP+Gar8UujldScA4GY89kWv4gZ0KMFEKdoLQfTyxfj
pO5tgyWJEbLYZF7+vJXS94lA+sq1zdDdbhVpkl69ll1BrMgmqAuDB0P1x6vg2icw
yg25qi7uStWXVQ==
-----END CERTIFICATE-----