Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft
File:                     qKI6ziwGf44hL_NZ2pbCBYtks-o.mft (raw, json)
Hash identifier:          a2Jj93kzSqq6vjxRsYFKyoCXTLxcozT93FECvjai99M=
Subject key identifier:   7C:5D:84:A6:6F:E7:EB:41:15:56:FF:54:15:A6:BD:D5:E5:8B:CD:BF
Authority key identifier: A8:A2:3A:CE:2C:06:7F:8E:21:2F:F3:59:DA:96:C2:05:8B:64:B3:EA
Certificate issuer:       /CN=a8a23ace2c067f8e212ff359da96c2058b64b3ea
Certificate serial:       019D2996C61E32A9477DFDE272CF608BF0A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft
Manifest number:          08BA
Signing time:             Thu 26 Mar 2026 10:00:40 +0000
Manifest this update:     Thu 26 Mar 2026 10:00:40 +0000
Manifest next update:     Fri 27 Mar 2026 10:00:40 +0000
Files and hashes:         1: qKI6ziwGf44hL_NZ2pbCBYtks-o.crl (hash: hh+ECMa07ktOEZ0SdMGEaqNY3PtPPMhlOGHNEA0zDyM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:96:c6:1e:32:a9:47:7d:fd:e2:72:cf:60:8b:f0:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8a23ace2c067f8e212ff359da96c2058b64b3ea
        Validity
            Not Before: Mar 26 10:00:40 2026 GMT
            Not After : Mar 27 10:00:40 2026 GMT
        Subject: CN=7c5d84a66fe7eb411556ff5415a6bdd5e58bcdbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:db:0b:84:9b:34:b7:8b:e8:80:45:f8:63:50:
                    c6:0e:d4:a4:eb:85:af:ff:af:a4:54:79:e5:8d:32:
                    3f:27:21:14:bb:0f:b4:7a:95:cb:1b:75:c9:3a:a7:
                    2a:d4:45:58:71:12:36:1e:6f:3f:21:e7:09:95:67:
                    8d:f3:6a:f2:f3:cd:bf:bc:c2:37:70:80:33:fa:c9:
                    1d:f9:a1:a0:de:41:1e:71:ba:0c:a6:78:01:81:13:
                    f9:cf:17:88:46:d2:ca:3e:a0:7d:94:c6:70:54:43:
                    e2:df:1c:f8:c1:81:02:bc:d0:94:cd:c6:d3:c0:79:
                    26:53:5e:ec:08:9f:e1:34:8a:e4:33:f7:e5:6f:36:
                    65:cc:8d:0b:c7:86:8a:6f:be:a7:fe:24:1d:e3:c9:
                    7e:25:26:ee:62:3a:85:90:6d:73:af:12:4d:f1:27:
                    97:f5:e4:44:d8:2b:3e:04:64:d1:f7:8c:96:0f:97:
                    39:42:d2:82:45:99:e9:f0:05:fe:91:6f:90:f4:db:
                    de:4c:35:53:05:65:cf:fe:b6:30:e7:f9:2c:c4:6d:
                    60:e7:2e:8b:0f:fd:ce:16:38:c7:96:d2:58:63:c7:
                    34:b3:b6:77:1d:88:9c:44:6a:d0:a6:e0:03:a7:04:
                    f2:0c:95:5e:b5:7f:02:01:c4:d2:96:f1:e7:a1:d9:
                    6c:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:5D:84:A6:6F:E7:EB:41:15:56:FF:54:15:A6:BD:D5:E5:8B:CD:BF
            X509v3 Authority Key Identifier:
                keyid:A8:A2:3A:CE:2C:06:7F:8E:21:2F:F3:59:DA:96:C2:05:8B:64:B3:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:ac:f1:18:b4:f6:0b:0f:38:60:1d:3b:d2:7d:df:d9:34:83:
         23:3d:a8:a3:b1:dc:4a:7b:3d:a8:53:32:95:e7:7e:60:b7:20:
         30:cb:6f:58:4d:25:49:77:da:76:0d:af:cf:9c:6d:a9:2f:31:
         df:96:d4:76:89:d4:d1:ea:61:4a:0a:3f:e7:9e:db:37:b0:1c:
         76:dc:20:08:15:51:ee:11:4b:84:da:48:bf:c5:ab:5b:ae:7b:
         c9:02:27:5d:7a:af:a0:08:eb:58:05:80:f4:54:d1:4e:4f:9f:
         88:88:2b:d7:1b:c6:fc:18:0d:c7:a4:6b:71:35:5b:a8:da:09:
         63:ab:83:a8:d4:87:03:50:94:0e:62:a1:db:f1:d5:bb:b1:d8:
         2e:1c:3d:02:47:ad:f6:25:fb:e0:6f:27:55:fc:26:c5:96:47:
         91:47:44:6c:96:c1:7d:18:36:70:14:2d:1f:d6:d5:97:51:53:
         75:dc:37:33:d8:3f:6f:de:b7:83:83:cf:49:59:a8:f8:56:3a:
         4e:e4:49:8d:63:42:ee:7c:7b:b5:26:bd:8a:e5:6e:dd:eb:f5:
         1a:12:08:b0:50:6d:b8:92:ca:55:80:f9:c4:ac:a9:28:f6:6e:
         22:99:60:b9:04:e6:19:b7:2f:a4:5f:4c:82:38:2a:4b:ae:02:
         0d:d7:c5:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plsYeMqlHff3ics9gi/ClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YTIzYWNlMmMwNjdmOGUyMTJmZjM1OWRhOTZjMjA1OGI2
NGIzZWEwHhcNMjYwMzI2MTAwMDQwWhcNMjYwMzI3MTAwMDQwWjAzMTEwLwYDVQQD
Eyg3YzVkODRhNjZmZTdlYjQxMTU1NmZmNTQxNWE2YmRkNWU1OGJjZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotsLhJs0t4vogEX4Y1DGDtSk64Wv
/6+kVHnljTI/JyEUuw+0epXLG3XJOqcq1EVYcRI2Hm8/IecJlWeN82ry882/vMI3
cIAz+skd+aGg3kEecboMpngBgRP5zxeIRtLKPqB9lMZwVEPi3xz4wYECvNCUzcbT
wHkmU17sCJ/hNIrkM/flbzZlzI0Lx4aKb76n/iQd48l+JSbuYjqFkG1zrxJN8SeX
9eRE2Cs+BGTR94yWD5c5QtKCRZnp8AX+kW+Q9NveTDVTBWXP/rYw5/ksxG1g5y6L
D/3OFjjHltJYY8c0s7Z3HYicRGrQpuADpwTyDJVetX8CAcTSlvHnodlskQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxdhKZv5+tBFVb/VBWmvdXli82/MB8GA1UdIwQY
MBaAFKiiOs4sBn+OIS/zWdqWwgWLZLPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8xZTBiYjYtZTQ1Ni00YThkLWI2MGIt
NzUyZDVkZTBhOTBlLzEvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8xZTBiYjYtZTQ1Ni00YThkLWI2MGItNzUyZDVkZTBhOTBl
LzEvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnazxGLT2
Cw84YB070n3f2TSDIz2oo7HcSns9qFMyled+YLcgMMtvWE0lSXfadg2vz5xtqS8x
35bUdonU0ephSgo/557bN7AcdtwgCBVR7hFLhNpIv8WrW657yQInXXqvoAjrWAWA
9FTRTk+fiIgr1xvG/BgNx6RrcTVbqNoJY6uDqNSHA1CUDmKh2/HVu7HYLhw9Aket
9iX74G8nVfwmxZZHkUdEbJbBfRg2cBQtH9bVl1FTddw3M9g/b963g4PPSVmo+FY6
TuRJjWNC7nx7tSa9iuVu3ev1GhIIsFBtuJLKVYD5xKypKPZuIplguQTmGbcvpF9M
gjgqS64CDdfFqg==
-----END CERTIFICATE-----