Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/0d3f44-db1b-4192-8c42-40f2a93727a4/1/QXF5yEiCEh630SJJWnrH6joAcMg.mft
File:                     QXF5yEiCEh630SJJWnrH6joAcMg.mft (raw, json)
Hash identifier:          DlptOOy8IPAm4G89jlbTHQvzldoWvlJjs4IAU16UIl0=
Subject key identifier:   42:3E:17:2E:1A:DD:47:D6:96:FF:D7:A3:AD:09:FE:34:3B:99:2E:78
Authority key identifier: 41:71:79:C8:48:82:12:1E:B7:D1:22:49:5A:7A:C7:EA:3A:00:70:C8
Certificate issuer:       /CN=417179c84882121eb7d122495a7ac7ea3a0070c8
Certificate serial:       019D27E09C229245D63E7BECCB387E023C81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QXF5yEiCEh630SJJWnrH6joAcMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/0d3f44-db1b-4192-8c42-40f2a93727a4/1/QXF5yEiCEh630SJJWnrH6joAcMg.mft
Manifest number:          5A
Signing time:             Thu 26 Mar 2026 02:02:04 +0000
Manifest this update:     Thu 26 Mar 2026 02:02:04 +0000
Manifest next update:     Fri 27 Mar 2026 02:02:04 +0000
Files and hashes:         1: QXF5yEiCEh630SJJWnrH6joAcMg.crl (hash: CB7CVmTM4/uI75ci/d9bA/d1iu9XkocJ7fmJxMQY+e0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/0d3f44-db1b-4192-8c42-40f2a93727a4/1/QXF5yEiCEh630SJJWnrH6joAcMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/0d3f44-db1b-4192-8c42-40f2a93727a4/1/QXF5yEiCEh630SJJWnrH6joAcMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QXF5yEiCEh630SJJWnrH6joAcMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:9c:22:92:45:d6:3e:7b:ec:cb:38:7e:02:3c:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=417179c84882121eb7d122495a7ac7ea3a0070c8
        Validity
            Not Before: Mar 26 02:02:04 2026 GMT
            Not After : Mar 27 02:02:04 2026 GMT
        Subject: CN=423e172e1add47d696ffd7a3ad09fe343b992e78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d3:93:68:cf:56:5b:a2:a4:9b:a8:13:ed:c4:
                    1d:17:38:37:a6:ae:55:96:f8:4c:9b:16:cc:2b:c6:
                    dc:ad:f1:75:d8:cd:83:46:35:21:a8:a6:3f:7f:e2:
                    fa:cd:9c:99:d2:cd:aa:01:a8:e9:74:7c:3d:f4:4b:
                    a4:bd:fa:3e:e7:28:84:7b:96:a8:fc:73:35:45:68:
                    dd:c1:7d:40:37:54:d1:88:b8:bf:2c:13:e8:a5:24:
                    b2:2f:bb:f3:ed:6b:df:df:cf:66:6b:a1:5f:79:c2:
                    d3:f6:12:75:bd:a2:0d:74:05:e8:28:52:d3:eb:1c:
                    7f:e9:88:69:24:ef:53:cc:2e:fc:60:8a:a1:3a:17:
                    46:64:77:a0:35:39:3e:10:3a:6b:ad:31:f6:ae:b2:
                    20:d3:66:9a:d6:0f:0a:9f:92:b4:99:8f:38:6e:d5:
                    98:c8:42:24:2a:1b:5d:2c:da:38:c5:d2:b2:df:88:
                    3c:f5:a0:40:37:42:1a:56:27:e2:e0:21:e0:90:7e:
                    ee:f7:15:ee:3d:4d:f1:11:9b:13:be:9b:cb:42:c9:
                    80:69:ca:e1:1d:31:f4:dc:e8:67:a1:59:fb:cf:c9:
                    cf:1a:4e:0e:fc:7f:f8:bd:0b:58:26:24:73:2c:8a:
                    be:2e:5a:d5:4a:59:55:dd:ef:c5:14:fc:ab:cb:00:
                    c0:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:3E:17:2E:1A:DD:47:D6:96:FF:D7:A3:AD:09:FE:34:3B:99:2E:78
            X509v3 Authority Key Identifier:
                keyid:41:71:79:C8:48:82:12:1E:B7:D1:22:49:5A:7A:C7:EA:3A:00:70:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXF5yEiCEh630SJJWnrH6joAcMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/0d3f44-db1b-4192-8c42-40f2a93727a4/1/QXF5yEiCEh630SJJWnrH6joAcMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/0d3f44-db1b-4192-8c42-40f2a93727a4/1/QXF5yEiCEh630SJJWnrH6joAcMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:07:dc:14:93:01:bd:54:3c:4e:af:54:b6:8f:8a:b3:a1:05:
         8f:d4:f6:60:ee:b8:ca:8b:17:84:eb:51:a7:91:cb:79:20:82:
         94:e6:ae:d5:41:03:35:47:75:b2:d8:fc:72:fa:ee:65:db:2c:
         07:a4:d0:bd:0c:0d:b3:6c:6e:48:b1:74:dd:67:22:0d:df:b5:
         5f:fb:91:49:b8:3a:79:fb:de:99:3c:32:aa:64:42:da:44:3b:
         51:5e:4d:6e:ff:11:16:c6:60:17:67:87:41:11:e6:94:84:27:
         fc:fb:9d:36:d0:cb:9d:ca:3c:06:6c:94:96:1a:47:29:cd:8c:
         7b:6c:8e:28:48:3d:0f:6d:e7:8e:d3:cf:e5:53:42:92:b5:b9:
         da:17:d6:b3:69:81:ab:f2:52:0d:36:80:db:ae:7d:14:3a:67:
         86:42:0d:24:b1:d7:04:82:12:f0:a3:dc:d2:22:65:a5:13:b4:
         e1:c5:cb:79:c4:b5:0e:4f:3b:e3:fd:73:bf:d5:13:b2:0a:69:
         13:cc:8b:f7:21:f1:ed:cd:39:fd:7b:cc:66:32:52:a7:68:63:
         26:67:c8:b1:3f:a4:87:ab:39:e1:23:79:67:54:68:f4:48:32:
         6a:0c:36:38:4d:ed:d1:4a:1e:19:70:a4:24:77:f0:f8:fb:8c:
         ac:3d:a2:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4JwikkXWPnvsyzh+AjyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzE3OWM4NDg4MjEyMWViN2QxMjI0OTVhN2FjN2VhM2Ew
MDcwYzgwHhcNMjYwMzI2MDIwMjA0WhcNMjYwMzI3MDIwMjA0WjAzMTEwLwYDVQQD
Eyg0MjNlMTcyZTFhZGQ0N2Q2OTZmZmQ3YTNhZDA5ZmUzNDNiOTkyZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdOTaM9WW6Kkm6gT7cQdFzg3pq5V
lvhMmxbMK8bcrfF12M2DRjUhqKY/f+L6zZyZ0s2qAajpdHw99Eukvfo+5yiEe5ao
/HM1RWjdwX1AN1TRiLi/LBPopSSyL7vz7Wvf389ma6FfecLT9hJ1vaINdAXoKFLT
6xx/6YhpJO9TzC78YIqhOhdGZHegNTk+EDprrTH2rrIg02aa1g8Kn5K0mY84btWY
yEIkKhtdLNo4xdKy34g89aBAN0IaVifi4CHgkH7u9xXuPU3xEZsTvpvLQsmAacrh
HTH03OhnoVn7z8nPGk4O/H/4vQtYJiRzLIq+LlrVSllV3e/FFPyrywDAdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEI+Fy4a3UfWlv/Xo60J/jQ7mS54MB8GA1UdIwQY
MBaAFEFxechIghIet9EiSVp6x+o6AHDIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhGNXlFaUNFaDYzMFNKSlduckg2am9BY01nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8wZDNmNDQtZGIxYi00MTkyLThjNDIt
NDBmMmE5MzcyN2E0LzEvUVhGNXlFaUNFaDYzMFNKSlduckg2am9BY01nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8wZDNmNDQtZGIxYi00MTkyLThjNDItNDBmMmE5MzcyN2E0
LzEvUVhGNXlFaUNFaDYzMFNKSlduckg2am9BY01nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEQfcFJMB
vVQ8Tq9Uto+Ks6EFj9T2YO64yosXhOtRp5HLeSCClOau1UEDNUd1stj8cvruZdss
B6TQvQwNs2xuSLF03WciDd+1X/uRSbg6efvemTwyqmRC2kQ7UV5Nbv8RFsZgF2eH
QRHmlIQn/PudNtDLnco8BmyUlhpHKc2Me2yOKEg9D23njtPP5VNCkrW52hfWs2mB
q/JSDTaA2659FDpnhkINJLHXBIIS8KPc0iJlpRO04cXLecS1Dk874/1zv9UTsgpp
E8yL9yHx7c05/XvMZjJSp2hjJmfIsT+kh6s54SN5Z1Ro9Egyagw2OE3t0UoeGXCk
JHfw+PuMrD2ieA==
-----END CERTIFICATE-----