Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
File:                     qafBolN_0DVAh1mXh8qoQv7WC38.mft (raw, json)
Hash identifier:          U/JXrrBdCDdD5e5KwqGClgw2Tm7roBb5IXcfPXeiTEo=
Subject key identifier:   87:02:5A:C6:91:75:69:3B:73:7D:B7:FD:3A:CC:EF:06:84:FA:9D:48
Authority key identifier: A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F
Certificate issuer:       /CN=a9a7c1a2537fd0354087599787caa842fed60b7f
Certificate serial:       019D2AA9E5DEC6E48271CFEB8C8EFA074CD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
Manifest number:          0B27
Signing time:             Thu 26 Mar 2026 15:01:10 +0000
Manifest this update:     Thu 26 Mar 2026 15:01:10 +0000
Manifest next update:     Fri 27 Mar 2026 15:01:10 +0000
Files and hashes:         1: qafBolN_0DVAh1mXh8qoQv7WC38.crl (hash: Omt8yUjDSa2aR6ZsN5vcJN1ULFc4JIsRvVO1G+PstPM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 15:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:a9:e5:de:c6:e4:82:71:cf:eb:8c:8e:fa:07:4c:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9a7c1a2537fd0354087599787caa842fed60b7f
        Validity
            Not Before: Mar 26 15:01:10 2026 GMT
            Not After : Mar 27 15:01:10 2026 GMT
        Subject: CN=87025ac69175693b737db7fd3accef0684fa9d48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:8f:03:0b:02:52:51:2a:5f:78:93:72:39:96:
                    91:6a:51:c0:cc:53:37:98:7e:2e:a5:b3:21:9b:b7:
                    ea:5a:14:17:04:4e:54:30:1d:b9:c1:f8:03:cc:3b:
                    f9:26:02:09:c6:59:a1:c8:fa:42:35:55:0a:83:61:
                    2e:e9:3b:07:bd:d9:b3:b2:df:98:d4:73:d1:6e:c7:
                    d2:6b:b7:06:94:ce:9a:7f:73:3c:87:ae:83:83:80:
                    18:44:3a:09:f6:b8:6d:7d:53:a9:7c:d4:e6:f9:82:
                    27:f6:eb:f4:54:bb:1d:73:a0:cc:87:77:a3:5b:7c:
                    bd:d7:60:8e:76:3b:4d:93:de:0c:bc:12:c4:9a:4c:
                    76:56:74:74:7a:45:b1:ec:84:fc:7a:82:48:16:1d:
                    ad:c5:d5:fa:c9:04:e7:28:5c:48:24:f1:7c:16:52:
                    ad:25:e0:a1:54:21:1a:07:fa:0c:17:a8:a3:5d:fb:
                    67:4f:03:81:19:30:4b:48:61:a7:16:ed:cc:1f:34:
                    1b:5c:c7:30:bd:75:01:90:57:b7:b5:f2:4e:d9:b4:
                    16:01:58:55:d6:15:3b:75:22:d6:c5:51:a3:54:75:
                    10:77:7b:12:d9:dc:95:25:40:ef:83:4c:64:8a:77:
                    a5:07:c8:33:d8:17:2b:1c:bc:a0:28:be:5b:d7:f8:
                    9d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:02:5A:C6:91:75:69:3B:73:7D:B7:FD:3A:CC:EF:06:84:FA:9D:48
            X509v3 Authority Key Identifier:
                keyid:A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:76:98:1d:72:0a:bc:3b:bc:5c:99:c0:48:63:b8:4e:e6:33:
         df:c7:19:3f:77:65:c2:dd:65:1b:e5:03:ad:85:4d:84:79:87:
         b8:d1:14:e7:d1:8e:59:d7:12:e9:90:24:48:79:96:07:50:46:
         a7:b5:89:bb:45:bb:08:4c:83:a1:b4:e5:10:ef:1f:7d:0d:7b:
         bb:db:5b:e2:45:91:b2:bd:7c:de:db:f0:1e:ae:85:58:9a:2a:
         16:b9:4d:07:02:53:7d:7c:c9:c4:2f:d4:1c:22:29:48:9c:0b:
         75:b8:42:35:a1:7c:d5:fe:a7:0e:45:f9:72:77:22:98:3d:7d:
         33:29:9c:14:4d:80:fb:db:16:0d:e8:eb:4d:dc:2c:3d:f1:78:
         f5:22:7b:cb:65:6b:24:e5:32:ff:24:24:2f:ab:45:7e:59:ca:
         38:9c:b1:6e:91:92:de:eb:53:08:d0:65:c6:25:05:2e:6f:a0:
         8a:4b:a0:12:83:cb:2b:ec:80:fb:bc:67:81:f9:e0:9c:72:66:
         c2:24:95:79:c7:02:98:1d:a0:9e:01:2b:8e:ef:23:7c:0f:be:
         8c:e4:48:c4:87:4a:43:2c:a6:ed:d3:4e:3d:3f:65:32:b6:19:
         98:34:3f:3d:4c:d8:2f:7f:ee:be:83:b6:f5:85:90:8f:1d:d4:
         ea:1e:93:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qqeXexuSCcc/rjI76B0zRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTdjMWEyNTM3ZmQwMzU0MDg3NTk5Nzg3Y2FhODQyZmVk
NjBiN2YwHhcNMjYwMzI2MTUwMTEwWhcNMjYwMzI3MTUwMTEwWjAzMTEwLwYDVQQD
Eyg4NzAyNWFjNjkxNzU2OTNiNzM3ZGI3ZmQzYWNjZWYwNjg0ZmE5ZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv48DCwJSUSpfeJNyOZaRalHAzFM3
mH4upbMhm7fqWhQXBE5UMB25wfgDzDv5JgIJxlmhyPpCNVUKg2Eu6TsHvdmzst+Y
1HPRbsfSa7cGlM6af3M8h66Dg4AYRDoJ9rhtfVOpfNTm+YIn9uv0VLsdc6DMh3ej
W3y912COdjtNk94MvBLEmkx2VnR0ekWx7IT8eoJIFh2txdX6yQTnKFxIJPF8FlKt
JeChVCEaB/oMF6ijXftnTwOBGTBLSGGnFu3MHzQbXMcwvXUBkFe3tfJO2bQWAVhV
1hU7dSLWxVGjVHUQd3sS2dyVJUDvg0xkinelB8gz2BcrHLygKL5b1/idaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcCWsaRdWk7c323/TrM7waE+p1IMB8GA1UdIwQY
MBaAFKmnwaJTf9A1QIdZl4fKqEL+1gt/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEt
NDhmMWU1MTA5MDQ3LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEtNDhmMWU1MTA5MDQ3
LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL3aYHXIK
vDu8XJnASGO4TuYz38cZP3dlwt1lG+UDrYVNhHmHuNEU59GOWdcS6ZAkSHmWB1BG
p7WJu0W7CEyDobTlEO8ffQ17u9tb4kWRsr183tvwHq6FWJoqFrlNBwJTfXzJxC/U
HCIpSJwLdbhCNaF81f6nDkX5cncimD19MymcFE2A+9sWDejrTdwsPfF49SJ7y2Vr
JOUy/yQkL6tFflnKOJyxbpGS3utTCNBlxiUFLm+gikugEoPLK+yA+7xngfngnHJm
wiSVeccCmB2gngErju8jfA++jORIxIdKQyym7dNOPT9lMrYZmDQ/PUzYL3/uvoO2
9YWQjx3U6h6TZw==
-----END CERTIFICATE-----