Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
File:                     qCYCgPNU92LV7fNMisgW4cIHG1k.mft (raw, json)
Hash identifier:          VBjG9jlI30XyErqyvFvGRUplJUn7ppWqOvDU9M8pKSc=
Subject key identifier:   D5:D8:D2:11:60:97:FF:65:57:2D:DA:14:48:C3:47:AA:FC:8C:01:B6
Authority key identifier: A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59
Certificate issuer:       /CN=a8260280f354f762d5edf34c8ac816e1c2071b59
Certificate serial:       019D27E052FE662CBC985ABAE721079CD768
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 02:01:45 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:45 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:45 +0000
Files and hashes:         1: qCYCgPNU92LV7fNMisgW4cIHG1k.crl (hash: OkqAyEuv0CbCeIT8qIo95fFEtu19iMggGkhdCUAYb8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:52:fe:66:2c:bc:98:5a:ba:e7:21:07:9c:d7:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8260280f354f762d5edf34c8ac816e1c2071b59
        Validity
            Not Before: Mar 26 02:01:45 2026 GMT
            Not After : Mar 27 02:01:45 2026 GMT
        Subject: CN=d5d8d2116097ff65572dda1448c347aafc8c01b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:43:e3:23:63:a0:25:c1:20:9c:03:5b:ac:ec:
                    83:56:00:86:0a:6b:e8:c0:ff:6c:1b:52:c9:a0:f9:
                    6f:cd:91:57:26:73:88:d2:5d:e0:9a:c6:4b:33:ae:
                    5c:10:6d:6d:b7:f3:9f:10:23:c7:b9:24:a7:07:d8:
                    cd:89:b8:84:62:78:b0:4f:32:16:6a:49:db:7e:0e:
                    b7:af:f4:6f:98:ae:51:e1:75:63:cb:01:4c:70:5e:
                    cc:c9:ce:47:3d:8d:cc:e3:87:b9:5b:50:a7:74:6b:
                    ce:97:40:fe:9c:8f:73:b4:57:50:be:dc:7b:65:a7:
                    c5:74:49:4c:d4:dd:ee:ae:47:db:39:c2:ac:00:ca:
                    dd:bb:7b:03:3f:7f:8c:21:7f:9d:b3:77:07:b1:02:
                    a0:5e:1b:01:17:22:d7:37:f4:3c:38:54:37:55:18:
                    51:00:96:0b:c6:22:e2:cd:82:51:11:fe:36:b2:03:
                    07:e7:fb:da:d0:9b:ab:28:66:90:a2:16:d4:c6:3b:
                    8c:a2:7a:37:9c:11:e9:d9:74:27:78:be:7c:83:0c:
                    67:ad:fe:73:6c:f9:b1:f0:e5:32:74:ee:84:e8:b3:
                    8a:f7:58:88:fc:e3:4d:78:b1:07:2b:bb:49:d7:96:
                    18:76:5c:fb:22:d6:db:72:8f:54:33:d5:21:ac:2e:
                    20:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:D8:D2:11:60:97:FF:65:57:2D:DA:14:48:C3:47:AA:FC:8C:01:B6
            X509v3 Authority Key Identifier:
                keyid:A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:b1:3c:ca:ea:48:54:6e:20:b0:04:47:9e:c2:d5:fe:a1:3d:
         6a:ba:d1:19:60:5d:b1:1e:58:42:85:ee:42:9c:27:b5:59:61:
         35:e3:52:eb:48:12:1b:ec:53:a1:cd:92:80:37:09:af:24:a6:
         2a:15:2f:70:41:59:39:82:ad:68:ca:62:70:19:07:ab:79:62:
         9f:12:2e:07:30:ed:8c:06:76:70:3b:ae:33:76:1b:39:e6:0b:
         8f:76:4b:2f:b7:cb:2e:25:1b:8e:65:4b:6d:0b:f4:58:f7:fa:
         b0:75:71:2e:6d:2c:a4:72:f6:41:ae:cb:ec:07:ae:fc:06:3f:
         32:fd:e6:2a:2f:64:7b:03:e4:55:70:a2:16:0a:60:0f:a5:92:
         42:6c:ff:2b:7d:9c:8e:4d:8d:f1:af:d5:9d:ef:f7:98:86:32:
         f7:2e:9d:81:6f:65:e1:8a:b1:fe:31:b3:e8:95:83:c8:78:09:
         5a:54:ad:ea:97:e0:74:14:a0:cc:5f:21:5c:fb:98:7a:f8:0f:
         4f:53:1b:07:b3:08:aa:8f:9f:81:6c:51:7c:ce:ee:e3:f6:89:
         fc:7f:ff:db:ce:db:f1:5f:ef:35:b4:57:3e:39:2f:47:44:c2:
         24:dd:a4:49:05:ba:30:6a:f3:81:d1:3e:53:b3:72:5f:91:02:
         d8:12:33:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4FL+Ziy8mFq65yEHnNdoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjYwMjgwZjM1NGY3NjJkNWVkZjM0YzhhYzgxNmUxYzIw
NzFiNTkwHhcNMjYwMzI2MDIwMTQ1WhcNMjYwMzI3MDIwMTQ1WjAzMTEwLwYDVQQD
EyhkNWQ4ZDIxMTYwOTdmZjY1NTcyZGRhMTQ0OGMzNDdhYWZjOGMwMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0PjI2OgJcEgnANbrOyDVgCGCmvo
wP9sG1LJoPlvzZFXJnOI0l3gmsZLM65cEG1tt/OfECPHuSSnB9jNibiEYniwTzIW
aknbfg63r/RvmK5R4XVjywFMcF7Myc5HPY3M44e5W1CndGvOl0D+nI9ztFdQvtx7
ZafFdElM1N3urkfbOcKsAMrdu3sDP3+MIX+ds3cHsQKgXhsBFyLXN/Q8OFQ3VRhR
AJYLxiLizYJREf42sgMH5/va0JurKGaQohbUxjuMono3nBHp2XQneL58gwxnrf5z
bPmx8OUydO6E6LOK91iI/ONNeLEHK7tJ15YYdlz7Itbbco9UM9UhrC4gCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXY0hFgl/9lVy3aFEjDR6r8jAG2MB8GA1UdIwQY
MBaAFKgmAoDzVPdi1e3zTIrIFuHCBxtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEt
MTgzYTQ3YTQ1YjJhLzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEtMTgzYTQ3YTQ1YjJh
LzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoLE8yupI
VG4gsARHnsLV/qE9arrRGWBdsR5YQoXuQpwntVlhNeNS60gSG+xToc2SgDcJrySm
KhUvcEFZOYKtaMpicBkHq3linxIuBzDtjAZ2cDuuM3YbOeYLj3ZLL7fLLiUbjmVL
bQv0WPf6sHVxLm0spHL2Qa7L7Aeu/AY/Mv3mKi9kewPkVXCiFgpgD6WSQmz/K32c
jk2N8a/Vne/3mIYy9y6dgW9l4Yqx/jGz6JWDyHgJWlSt6pfgdBSgzF8hXPuYevgP
T1MbB7MIqo+fgWxRfM7u4/aJ/H//287b8V/vNbRXPjkvR0TCJN2kSQW6MGrzgdE+
U7NyX5EC2BIzCA==
-----END CERTIFICATE-----