Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
File:                     QIS7AapYrpSxMg_UvkIT-TFOkFY.mft (raw, json)
Hash identifier:          dTWuexz6wUz3vb/GPthhIB0gV/j0xHK6uTM2Mxv0o7A=
Subject key identifier:   1F:67:2A:19:D4:AD:05:05:7B:29:0A:12:4F:EC:92:0A:26:08:41:F1
Authority key identifier: 40:84:BB:01:AA:58:AE:94:B1:32:0F:D4:BE:42:13:F9:31:4E:90:56
Certificate issuer:       /CN=4084bb01aa58ae94b1320fd4be4213f9314e9056
Certificate serial:       019D33E391FD84CAAA69A16283DEC74AA1C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
Manifest number:          087B
Signing time:             Sat 28 Mar 2026 10:00:45 +0000
Manifest this update:     Sat 28 Mar 2026 10:00:45 +0000
Manifest next update:     Sun 29 Mar 2026 10:00:45 +0000
Files and hashes:         1: QIS7AapYrpSxMg_UvkIT-TFOkFY.crl (hash: E6Jdt10uDw07377qYKjq4chLsZIxFgEkC25f6F70hXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:e3:91:fd:84:ca:aa:69:a1:62:83:de:c7:4a:a1:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4084bb01aa58ae94b1320fd4be4213f9314e9056
        Validity
            Not Before: Mar 28 10:00:45 2026 GMT
            Not After : Mar 29 10:00:45 2026 GMT
        Subject: CN=1f672a19d4ad05057b290a124fec920a260841f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ee:5e:5b:be:f2:49:6c:61:2b:bb:2f:22:8f:
                    64:ca:92:40:69:b3:6f:b0:34:33:d9:d7:5e:e6:80:
                    39:31:bc:3c:74:45:69:a9:7f:79:f5:64:51:d3:c9:
                    b4:f1:5f:7c:fe:91:ec:44:38:d8:32:18:b4:d4:da:
                    3a:07:95:11:15:c5:f3:4c:fa:b5:14:ab:98:1b:16:
                    14:50:c5:7b:ea:eb:42:90:5c:a1:11:f2:3e:26:5a:
                    46:7d:c0:0b:16:a4:d4:ab:15:4d:93:7c:7c:f7:bf:
                    82:bb:9f:f0:40:05:6e:df:8c:a8:11:34:d1:16:c2:
                    31:11:32:b1:47:7f:6a:97:33:7a:e4:be:39:9e:81:
                    c2:6e:ec:c2:73:4c:d7:41:21:f2:87:06:54:55:57:
                    02:e9:34:b4:8c:48:22:20:cf:7e:a3:9e:dc:2a:31:
                    66:1d:6e:6e:eb:29:fc:af:f5:74:b3:b0:86:b4:37:
                    43:e8:00:0a:f6:bf:b2:65:2f:c6:57:04:cf:1f:69:
                    81:86:31:7f:55:7d:b9:62:53:58:74:1a:bc:58:73:
                    09:67:52:f4:5f:db:39:ec:1d:50:09:de:e4:37:5a:
                    35:a4:64:6d:0f:dc:6c:23:0c:d0:a0:f2:3e:76:7f:
                    c5:da:44:b8:2c:b2:a6:a7:bf:91:34:fb:00:e3:fb:
                    57:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:67:2A:19:D4:AD:05:05:7B:29:0A:12:4F:EC:92:0A:26:08:41:F1
            X509v3 Authority Key Identifier:
                keyid:40:84:BB:01:AA:58:AE:94:B1:32:0F:D4:BE:42:13:F9:31:4E:90:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:b7:3a:44:9e:e0:23:1b:1a:1d:09:57:04:c6:27:d2:1b:fa:
         86:51:b5:d3:cd:57:c7:62:1d:40:20:18:6a:0f:21:ec:d6:89:
         31:0b:8c:6b:26:52:c7:b1:cc:e1:27:23:a1:17:7f:1c:dd:5b:
         20:af:cd:9e:5f:c4:91:e5:94:99:56:7a:d1:15:3d:b6:d8:56:
         49:7a:9a:83:6f:ec:b2:b0:cd:13:92:4e:e6:15:71:35:13:98:
         36:ff:69:5f:64:a9:c3:22:00:81:bf:17:75:cc:1d:c3:92:57:
         7f:90:da:fa:96:86:cb:c2:e2:c5:c0:3a:20:f5:71:c6:4c:eb:
         2a:9e:dc:cc:bf:81:02:58:0d:e7:5c:f7:af:87:cf:3b:e3:4a:
         3c:8f:37:09:0d:2d:4a:d2:73:65:35:9d:66:26:93:c0:2b:c2:
         aa:65:05:cc:e5:49:7d:55:da:ec:9a:e5:98:a7:3b:9a:f3:32:
         31:93:86:77:91:52:9d:9e:bd:19:6e:42:26:d4:f4:91:7d:c9:
         62:76:a1:3a:63:f2:d2:13:8c:25:9a:8d:5e:05:49:63:d2:be:
         0d:30:6a:2e:cd:81:7c:60:56:79:47:22:31:52:d8:42:9e:03:
         42:3d:00:0a:17:99:a3:44:12:3c:f6:91:3b:fc:dd:03:38:fd:
         25:f2:3c:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z45H9hMqqaaFig97HSqHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODRiYjAxYWE1OGFlOTRiMTMyMGZkNGJlNDIxM2Y5MzE0
ZTkwNTYwHhcNMjYwMzI4MTAwMDQ1WhcNMjYwMzI5MTAwMDQ1WjAzMTEwLwYDVQQD
EygxZjY3MmExOWQ0YWQwNTA1N2IyOTBhMTI0ZmVjOTIwYTI2MDg0MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO5eW77ySWxhK7svIo9kypJAabNv
sDQz2dde5oA5Mbw8dEVpqX959WRR08m08V98/pHsRDjYMhi01No6B5URFcXzTPq1
FKuYGxYUUMV76utCkFyhEfI+JlpGfcALFqTUqxVNk3x897+Cu5/wQAVu34yoETTR
FsIxETKxR39qlzN65L45noHCbuzCc0zXQSHyhwZUVVcC6TS0jEgiIM9+o57cKjFm
HW5u6yn8r/V0s7CGtDdD6AAK9r+yZS/GVwTPH2mBhjF/VX25YlNYdBq8WHMJZ1L0
X9s57B1QCd7kN1o1pGRtD9xsIwzQoPI+dn/F2kS4LLKmp7+RNPsA4/tXPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9nKhnUrQUFeykKEk/skgomCEHxMB8GA1UdIwQY
MBaAFECEuwGqWK6UsTIP1L5CE/kxTpBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81ZjE3OWEtN2I4Ni00Yzc5LTkzMzkt
ZDFiNjQ4YTRmZDBlLzEvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81ZjE3OWEtN2I4Ni00Yzc5LTkzMzktZDFiNjQ4YTRmZDBl
LzEvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALrc6RJ7g
IxsaHQlXBMYn0hv6hlG1081Xx2IdQCAYag8h7NaJMQuMayZSx7HM4ScjoRd/HN1b
IK/Nnl/EkeWUmVZ60RU9tthWSXqag2/ssrDNE5JO5hVxNROYNv9pX2SpwyIAgb8X
dcwdw5JXf5Da+paGy8LixcA6IPVxxkzrKp7czL+BAlgN51z3r4fPO+NKPI83CQ0t
StJzZTWdZiaTwCvCqmUFzOVJfVXa7JrlmKc7mvMyMZOGd5FSnZ69GW5CJtT0kX3J
YnahOmPy0hOMJZqNXgVJY9K+DTBqLs2BfGBWeUciMVLYQp4DQj0ACheZo0QSPPaR
O/zdAzj9JfI8ew==
-----END CERTIFICATE-----