Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft
File:                     QH75-Xcjo9WiGTasNNMZl_JWHrk.mft (raw, json)
Hash identifier:          +ti0ZGOHtq6ARyxvrwoj2crtfptPIvK0jAj1zf0VcA0=
Subject key identifier:   27:A4:44:EC:F6:1B:60:7C:50:4D:B4:0D:D0:C0:6D:3A:F9:3C:DD:16
Authority key identifier: 40:7E:F9:F9:77:23:A3:D5:A2:19:36:AC:34:D3:19:97:F2:56:1E:B9
Certificate issuer:       /CN=407ef9f97723a3d5a21936ac34d31997f2561eb9
Certificate serial:       019D265F5E2135D1F244AF9D8E2834F48EDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QH75-Xcjo9WiGTasNNMZl_JWHrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft
Manifest number:          0F65
Signing time:             Wed 25 Mar 2026 19:01:17 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:17 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:17 +0000
Files and hashes:         1: QH75-Xcjo9WiGTasNNMZl_JWHrk.crl (hash: kW9i3t8FZYEtFIM8wQiMAoiiE6OEL01CsePp5nJ6Y9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QH75-Xcjo9WiGTasNNMZl_JWHrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:5e:21:35:d1:f2:44:af:9d:8e:28:34:f4:8e:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407ef9f97723a3d5a21936ac34d31997f2561eb9
        Validity
            Not Before: Mar 25 19:01:17 2026 GMT
            Not After : Mar 26 19:01:17 2026 GMT
        Subject: CN=27a444ecf61b607c504db40dd0c06d3af93cdd16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ec:d3:5b:9b:96:e3:df:19:82:94:44:1b:28:
                    c3:b2:e7:11:db:48:18:a7:93:6e:3f:aa:22:ea:32:
                    a2:b2:26:c8:cd:49:37:90:8f:d4:cd:52:3f:82:7d:
                    f4:91:7f:f4:69:54:ff:d1:ca:c7:5e:ad:ef:ac:bc:
                    d0:30:73:da:6e:18:ae:c3:ac:eb:ec:df:ba:73:cf:
                    c1:fb:ac:9c:9a:e7:f3:b1:01:c6:99:3f:2b:53:3f:
                    66:2f:70:08:f6:41:4a:f9:a6:f3:8e:68:3e:f4:62:
                    fa:89:1a:8f:35:2d:91:1f:84:01:e1:c0:e2:1f:2d:
                    9a:a4:5d:2f:49:15:15:fb:c3:f7:4a:d1:fb:d1:24:
                    bf:27:2c:c5:11:6a:14:4f:7e:37:97:17:87:3e:74:
                    20:4d:83:6d:20:55:08:aa:60:61:a1:03:f8:60:86:
                    20:cd:2f:de:e8:e9:79:9b:b2:c3:0f:cf:ab:20:7d:
                    bb:d1:72:5a:d2:fa:ad:7d:5a:e6:ab:0d:4c:5d:f1:
                    43:bb:14:ce:1c:93:64:90:76:e9:b8:23:09:d0:a8:
                    b6:2a:2f:be:a9:75:19:86:e0:b3:26:9f:29:b3:79:
                    9d:bd:06:b1:25:33:1d:40:54:17:0a:d4:3c:12:5d:
                    2d:50:cd:51:89:a2:d2:8e:3f:3a:35:40:6d:7b:c1:
                    fe:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:A4:44:EC:F6:1B:60:7C:50:4D:B4:0D:D0:C0:6D:3A:F9:3C:DD:16
            X509v3 Authority Key Identifier:
                keyid:40:7E:F9:F9:77:23:A3:D5:A2:19:36:AC:34:D3:19:97:F2:56:1E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH75-Xcjo9WiGTasNNMZl_JWHrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e1ce40-24e7-404c-8e24-8d66e720421d/1/QH75-Xcjo9WiGTasNNMZl_JWHrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:fc:1b:6c:6c:ea:e2:75:ae:81:89:d3:64:71:aa:9a:22:cc:
         39:a0:76:68:93:98:6d:09:8d:5d:aa:44:fa:f6:10:8f:76:9e:
         5a:39:0b:e8:a2:5b:b9:50:91:d5:31:eb:dc:88:63:c3:8c:92:
         c8:42:b6:4d:b1:1a:91:e8:29:1f:58:5e:ba:71:b0:e4:65:8d:
         ad:c8:9b:67:22:82:42:3a:48:3c:e6:87:8e:20:cf:dd:0d:33:
         6f:fe:86:19:ca:eb:c4:f8:eb:4f:c3:ce:f5:93:36:9c:49:d0:
         d1:be:8d:75:fc:b3:48:55:fe:77:fd:d3:ba:ae:1f:9b:07:f4:
         ee:b9:b2:6a:9b:f1:6e:b5:dc:9f:62:c2:1b:f0:bd:2b:2b:20:
         b4:1d:58:a1:ae:02:1b:1d:76:98:4c:c9:40:a2:07:ad:7d:44:
         7f:3e:51:f2:05:c1:75:35:96:d5:5b:1d:00:f9:df:ee:63:d4:
         70:5d:ec:1b:b8:a7:dd:cf:c3:71:64:12:6d:57:92:72:fe:19:
         b2:2d:79:e9:24:3a:b1:f3:2f:e0:e9:ad:4e:7d:fb:3d:fe:18:
         9c:1b:b9:b3:b1:9a:bf:5b:a5:dc:8a:75:68:01:14:f3:20:9d:
         d3:00:f1:85:0b:fc:06:ce:69:c9:d5:58:3c:25:b5:32:0f:b9:
         cf:2c:de:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX14hNdHyRK+djig09I7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2VmOWY5NzcyM2EzZDVhMjE5MzZhYzM0ZDMxOTk3ZjI1
NjFlYjkwHhcNMjYwMzI1MTkwMTE3WhcNMjYwMzI2MTkwMTE3WjAzMTEwLwYDVQQD
EygyN2E0NDRlY2Y2MWI2MDdjNTA0ZGI0MGRkMGMwNmQzYWY5M2NkZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruzTW5uW498ZgpREGyjDsucR20gY
p5NuP6oi6jKisibIzUk3kI/UzVI/gn30kX/0aVT/0crHXq3vrLzQMHPabhiuw6zr
7N+6c8/B+6ycmufzsQHGmT8rUz9mL3AI9kFK+abzjmg+9GL6iRqPNS2RH4QB4cDi
Hy2apF0vSRUV+8P3StH70SS/JyzFEWoUT343lxeHPnQgTYNtIFUIqmBhoQP4YIYg
zS/e6Ol5m7LDD8+rIH270XJa0vqtfVrmqw1MXfFDuxTOHJNkkHbpuCMJ0Ki2Ki++
qXUZhuCzJp8ps3mdvQaxJTMdQFQXCtQ8El0tUM1RiaLSjj86NUBte8H+GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCekROz2G2B8UE20DdDAbTr5PN0WMB8GA1UdIwQY
MBaAFEB++fl3I6PVohk2rDTTGZfyVh65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUg3NS1YY2pvOVdpR1Rhc05OTVpsX0pXSHJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lMWNlNDAtMjRlNy00MDRjLThlMjQt
OGQ2NmU3MjA0MjFkLzEvUUg3NS1YY2pvOVdpR1Rhc05OTVpsX0pXSHJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lMWNlNDAtMjRlNy00MDRjLThlMjQtOGQ2NmU3MjA0MjFk
LzEvUUg3NS1YY2pvOVdpR1Rhc05OTVpsX0pXSHJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWfwbbGzq
4nWugYnTZHGqmiLMOaB2aJOYbQmNXapE+vYQj3aeWjkL6KJbuVCR1THr3Ihjw4yS
yEK2TbEakegpH1heunGw5GWNrcibZyKCQjpIPOaHjiDP3Q0zb/6GGcrrxPjrT8PO
9ZM2nEnQ0b6NdfyzSFX+d/3Tuq4fmwf07rmyapvxbrXcn2LCG/C9KysgtB1Yoa4C
Gx12mEzJQKIHrX1Efz5R8gXBdTWW1VsdAPnf7mPUcF3sG7in3c/DcWQSbVeScv4Z
si156SQ6sfMv4OmtTn37Pf4YnBu5s7Gav1ul3Ip1aAEU8yCd0wDxhQv8Bs5pydVY
PCW1Mg+5zyzeDg==
-----END CERTIFICATE-----