Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
File:                     2QrRERMYMAumeOiOBQKx_FHjU3k.mft (raw, json)
Hash identifier:          3Oz3xGog5cibir3Shsqzws6dp5bELmwi/lMxyPVjfcI=
Subject key identifier:   8E:CF:E1:E8:B1:CC:57:3F:41:F1:CD:2C:F0:84:0B:3F:3A:1E:EA:90
Authority key identifier: D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79
Certificate issuer:       /CN=d90ad1111318300ba678e88e0502b1fc51e35379
Certificate serial:       019D292983902B79DFD6D88398C2B5453DE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
Manifest number:          0491
Signing time:             Thu 26 Mar 2026 08:01:19 +0000
Manifest this update:     Thu 26 Mar 2026 08:01:19 +0000
Manifest next update:     Fri 27 Mar 2026 08:01:19 +0000
Files and hashes:         1: 2QrRERMYMAumeOiOBQKx_FHjU3k.crl (hash: 7CfDhEFiS0XpAmv2Qs9JrcfoKrtjlLqnExj+eO1cdKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 08:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:29:83:90:2b:79:df:d6:d8:83:98:c2:b5:45:3d:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90ad1111318300ba678e88e0502b1fc51e35379
        Validity
            Not Before: Mar 26 08:01:19 2026 GMT
            Not After : Mar 27 08:01:19 2026 GMT
        Subject: CN=8ecfe1e8b1cc573f41f1cd2cf0840b3f3a1eea90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:85:36:16:23:a8:61:bb:93:eb:81:51:5e:66:
                    ca:35:dd:c5:33:69:c5:00:2e:8c:3a:b4:3f:c4:71:
                    ca:36:34:f9:2a:aa:37:84:77:14:f5:60:bf:f1:2c:
                    56:e6:c1:91:d8:70:07:8e:7d:fd:5f:1f:c5:71:62:
                    e4:0f:d7:7f:6f:03:99:b0:be:20:c5:b8:78:fe:a9:
                    ef:af:26:d6:cf:7d:78:44:54:93:78:dc:dc:38:3e:
                    2b:4e:6f:1d:ad:84:f8:d3:b2:40:97:79:1e:34:55:
                    8e:a5:2a:99:ce:d1:36:41:c4:b4:a9:c0:25:af:88:
                    80:98:91:bb:35:e8:53:57:e5:c7:be:be:7b:a7:7b:
                    fe:4e:64:a3:fe:8d:97:c0:d9:da:ec:7d:6f:37:24:
                    ab:3c:e9:79:f5:3d:ab:b2:1e:05:43:a3:69:f9:c5:
                    57:5c:3b:86:1c:9b:94:c8:25:51:95:e5:17:f0:9d:
                    77:27:20:52:85:23:15:8a:89:18:b1:b7:d4:1b:83:
                    d4:06:f5:5a:81:7e:b4:b8:7c:f4:ca:8f:e9:ac:6a:
                    e8:28:43:10:fc:38:8c:8f:af:22:3d:1c:0c:10:92:
                    2b:89:f6:32:5c:3d:f1:b7:21:e3:3e:da:67:f8:41:
                    99:0b:5e:56:47:f9:41:c6:79:3e:6d:24:ef:3d:8f:
                    f5:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:CF:E1:E8:B1:CC:57:3F:41:F1:CD:2C:F0:84:0B:3F:3A:1E:EA:90
            X509v3 Authority Key Identifier:
                keyid:D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:4d:1f:42:ca:6e:6c:89:02:3a:b7:37:53:c6:60:cf:9a:13:
         7d:98:4a:89:c1:20:85:33:29:3f:fc:91:7f:0b:9b:00:4e:eb:
         25:9a:7d:4c:55:b2:87:b9:69:7f:27:15:0b:e4:83:d9:4a:c1:
         44:eb:2f:cd:de:7b:29:c7:7b:f1:08:a6:2f:4d:d3:1d:5d:1c:
         88:9a:4b:32:5c:a7:20:aa:a1:ea:e9:df:fe:05:91:85:cd:ed:
         a6:b2:f3:b0:e6:4c:c8:d5:bb:3f:7c:0e:c6:36:19:43:d0:8a:
         f1:02:1a:e7:7f:cf:47:54:66:c5:af:f6:83:3d:82:d2:de:1d:
         35:d5:31:db:37:c3:03:7e:99:e5:26:3e:e4:cf:01:a3:33:fc:
         d8:d2:f6:71:fc:ab:63:b4:14:5f:be:48:df:69:1c:f8:c1:56:
         0e:87:dc:20:26:c7:a3:6b:63:21:c8:5a:46:88:2c:e8:b5:71:
         38:fc:e8:07:32:3d:99:c5:4d:84:e5:6d:e6:cc:e6:70:13:14:
         b4:e3:8d:72:81:a5:9b:25:0f:76:e0:c1:5c:e1:4d:fb:23:2d:
         a5:23:c9:aa:b9:da:c0:bf:2c:d1:d0:1d:24:d9:d8:95:40:cc:
         e6:89:32:b9:63:0c:56:33:2d:4d:e9:59:39:68:90:99:f7:ae:
         3d:39:a5:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKYOQK3nf1tiDmMK1RT3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGFkMTExMTMxODMwMGJhNjc4ZTg4ZTA1MDJiMWZjNTFl
MzUzNzkwHhcNMjYwMzI2MDgwMTE5WhcNMjYwMzI3MDgwMTE5WjAzMTEwLwYDVQQD
Eyg4ZWNmZTFlOGIxY2M1NzNmNDFmMWNkMmNmMDg0MGIzZjNhMWVlYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYU2FiOoYbuT64FRXmbKNd3FM2nF
AC6MOrQ/xHHKNjT5Kqo3hHcU9WC/8SxW5sGR2HAHjn39Xx/FcWLkD9d/bwOZsL4g
xbh4/qnvrybWz314RFSTeNzcOD4rTm8drYT407JAl3keNFWOpSqZztE2QcS0qcAl
r4iAmJG7NehTV+XHvr57p3v+TmSj/o2XwNna7H1vNySrPOl59T2rsh4FQ6Np+cVX
XDuGHJuUyCVRleUX8J13JyBShSMViokYsbfUG4PUBvVagX60uHz0yo/prGroKEMQ
/DiMj68iPRwMEJIrifYyXD3xtyHjPtpn+EGZC15WR/lBxnk+bSTvPY/1PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7P4eixzFc/QfHNLPCECz86HuqQMB8GA1UdIwQY
MBaAFNkK0RETGDALpnjojgUCsfxR41N5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzIt
NWEyN2I4YWYyOGE1LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzItNWEyN2I4YWYyOGE1
LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlk0fQspu
bIkCOrc3U8Zgz5oTfZhKicEghTMpP/yRfwubAE7rJZp9TFWyh7lpfycVC+SD2UrB
ROsvzd57Kcd78QimL03THV0ciJpLMlynIKqh6unf/gWRhc3tprLzsOZMyNW7P3wO
xjYZQ9CK8QIa53/PR1Rmxa/2gz2C0t4dNdUx2zfDA36Z5SY+5M8BozP82NL2cfyr
Y7QUX75I32kc+MFWDofcICbHo2tjIchaRogs6LVxOPzoBzI9mcVNhOVt5szmcBMU
tOONcoGlmyUPduDBXOFN+yMtpSPJqrnawL8s0dAdJNnYlUDM5okyuWMMVjMtTelZ
OWiQmfeuPTmltQ==
-----END CERTIFICATE-----