Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft
File:                     QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft (raw, json)
Hash identifier:          S+eSQ0rlhJu5xtnMQ1oSj8RwUt2OVCHaEph9LREPBcU=
Subject key identifier:   73:1F:66:F3:C9:EF:9E:76:7C:C6:78:FA:E6:2E:DB:A2:2B:34:B4:50
Authority key identifier: 40:36:A6:4F:1A:06:6B:AB:B8:BE:B8:64:E6:95:FA:99:76:92:DD:48
Certificate issuer:       /CN=4036a64f1a066babb8beb864e695fa997692dd48
Certificate serial:       019D2704919D20ADF761F16C8C01952EF2F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QDamTxoGa6u4vrhk5pX6mXaS3Ug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft
Manifest number:          12E0
Signing time:             Wed 25 Mar 2026 22:01:43 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:43 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:43 +0000
Files and hashes:         1: QDamTxoGa6u4vrhk5pX6mXaS3Ug.crl (hash: eos0jhx9rTo7lGoIhUYuZbn4kCkRJV+4gNkMYHITNL8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QDamTxoGa6u4vrhk5pX6mXaS3Ug.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:91:9d:20:ad:f7:61:f1:6c:8c:01:95:2e:f2:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4036a64f1a066babb8beb864e695fa997692dd48
        Validity
            Not Before: Mar 25 22:01:43 2026 GMT
            Not After : Mar 26 22:01:43 2026 GMT
        Subject: CN=731f66f3c9ef9e767cc678fae62edba22b34b450
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:96:f4:35:d0:e4:56:20:b3:63:c5:2d:db:3f:
                    ff:6d:f4:5f:7d:68:dc:dd:e8:ab:1d:c1:a7:fb:8a:
                    31:4c:f8:21:a6:a5:c7:27:10:35:ce:3a:0a:6f:82:
                    48:0e:52:34:25:82:1e:39:96:9e:64:c2:87:96:25:
                    a3:bd:44:e5:68:ab:56:99:42:03:95:d8:f4:20:59:
                    b4:fb:47:2e:37:ab:66:57:c9:67:91:37:32:fc:6a:
                    db:c5:c9:21:75:48:86:29:04:ee:1c:35:a6:ed:8c:
                    a5:71:ab:69:18:16:39:c4:aa:0d:1b:f8:4b:1f:18:
                    7e:06:30:9c:96:12:0b:cf:d3:fb:c3:6d:ff:80:f7:
                    d8:40:75:21:24:9e:59:8b:1b:df:30:f2:49:35:55:
                    f9:a3:ad:be:0e:74:3e:77:51:29:37:53:f7:e4:07:
                    ca:fa:97:24:e0:2f:4c:ff:4d:65:81:4d:4e:cf:02:
                    89:3e:2e:bc:7d:6c:df:f9:5c:33:38:4f:b8:46:7b:
                    ff:3c:af:9f:ce:4b:bb:84:2c:1e:91:78:7f:14:c8:
                    dd:ef:ca:d2:8c:97:8c:3f:1f:c5:25:13:a5:09:bc:
                    c8:87:07:f5:c3:af:e2:e0:43:7b:e2:07:82:fc:27:
                    2c:37:11:1a:50:8a:8e:8e:47:e6:d8:9e:de:8a:78:
                    6d:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:1F:66:F3:C9:EF:9E:76:7C:C6:78:FA:E6:2E:DB:A2:2B:34:B4:50
            X509v3 Authority Key Identifier:
                keyid:40:36:A6:4F:1A:06:6B:AB:B8:BE:B8:64:E6:95:FA:99:76:92:DD:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QDamTxoGa6u4vrhk5pX6mXaS3Ug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:60:3f:d2:1e:bc:72:42:31:28:e4:84:f2:c9:2f:53:05:66:
         df:d5:75:52:29:f5:11:67:e9:7d:e6:fc:00:25:64:d3:83:4a:
         79:f6:8e:ec:45:91:84:4d:ad:e8:76:11:04:ff:33:1a:33:09:
         07:a7:a9:9b:90:10:4f:98:9e:9e:e6:05:7a:e1:7e:f5:f2:7f:
         a6:d4:14:9c:1a:01:f5:64:07:72:25:8a:11:52:1e:01:f6:a9:
         53:52:45:88:a6:6b:1f:7f:ac:bf:21:fc:58:59:2a:d0:24:c7:
         74:94:3c:c5:0c:b4:96:5a:0d:47:4a:ce:02:00:1c:62:48:48:
         17:38:61:7e:95:9f:de:a4:a6:ed:2b:70:7f:c8:bf:0c:ef:eb:
         d8:51:56:09:14:8e:12:7c:05:15:43:87:7c:18:7b:8f:ac:cb:
         bc:1d:bd:b7:3c:ff:56:6c:f1:bd:49:4e:f8:8b:4f:ab:85:73:
         41:ba:f4:88:e9:09:2b:44:34:5f:2f:a7:49:87:72:d1:b7:80:
         f4:ae:86:b7:5f:10:f1:65:40:e0:d8:d1:63:f6:7f:aa:87:38:
         b3:8c:2a:36:93:ca:f3:b6:ca:f6:59:02:a1:64:7a:26:91:3d:
         76:18:e8:68:a9:a7:6b:f4:95:aa:ea:75:1a:52:34:05:18:0a:
         73:5e:76:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBJGdIK33YfFsjAGVLvLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMzZhNjRmMWEwNjZiYWJiOGJlYjg2NGU2OTVmYTk5NzY5
MmRkNDgwHhcNMjYwMzI1MjIwMTQzWhcNMjYwMzI2MjIwMTQzWjAzMTEwLwYDVQQD
Eyg3MzFmNjZmM2M5ZWY5ZTc2N2NjNjc4ZmFlNjJlZGJhMjJiMzRiNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopb0NdDkViCzY8Ut2z//bfRffWjc
3eirHcGn+4oxTPghpqXHJxA1zjoKb4JIDlI0JYIeOZaeZMKHliWjvUTlaKtWmUID
ldj0IFm0+0cuN6tmV8lnkTcy/GrbxckhdUiGKQTuHDWm7YylcatpGBY5xKoNG/hL
Hxh+BjCclhILz9P7w23/gPfYQHUhJJ5ZixvfMPJJNVX5o62+DnQ+d1EpN1P35AfK
+pck4C9M/01lgU1OzwKJPi68fWzf+VwzOE+4Rnv/PK+fzku7hCwekXh/FMjd78rS
jJeMPx/FJROlCbzIhwf1w6/i4EN74geC/CcsNxEaUIqOjkfm2J7einht7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMfZvPJ7552fMZ4+uYu26IrNLRQMB8GA1UdIwQY
MBaAFEA2pk8aBmuruL64ZOaV+pl2kt1IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUURhbVR4b0dhNnU0dnJoazVwWDZtWGFTM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS81NmQ1MGQtMTdjZi00YmRiLTkyZjYt
MjA0NzIxYmQ1ZjkzLzEvUURhbVR4b0dhNnU0dnJoazVwWDZtWGFTM1VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS81NmQ1MGQtMTdjZi00YmRiLTkyZjYtMjA0NzIxYmQ1Zjkz
LzEvUURhbVR4b0dhNnU0dnJoazVwWDZtWGFTM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFWA/0h68
ckIxKOSE8skvUwVm39V1Uin1EWfpfeb8ACVk04NKefaO7EWRhE2t6HYRBP8zGjMJ
B6epm5AQT5ienuYFeuF+9fJ/ptQUnBoB9WQHciWKEVIeAfapU1JFiKZrH3+svyH8
WFkq0CTHdJQ8xQy0lloNR0rOAgAcYkhIFzhhfpWf3qSm7Stwf8i/DO/r2FFWCRSO
EnwFFUOHfBh7j6zLvB29tzz/VmzxvUlO+ItPq4VzQbr0iOkJK0Q0Xy+nSYdy0beA
9K6Gt18Q8WVA4NjRY/Z/qoc4s4wqNpPK87bK9lkCoWR6JpE9dhjoaKmna/SVqup1
GlI0BRgKc152SQ==
-----END CERTIFICATE-----