Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft
File:                     QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft (raw, json)
Hash identifier:          y2t3zzSDRLVcgbqwCaZjQVhHSnaAlZN7IqNf7GN/Fxk=
Subject key identifier:   C3:57:8C:85:30:F8:31:99:41:F9:51:40:49:CC:A9:1C:B6:35:11:7F
Authority key identifier: 42:4C:16:5B:6A:49:34:95:41:C6:5A:F9:B2:15:80:16:38:19:F2:84
Certificate issuer:       /CN=424c165b6a49349541c65af9b21580163819f284
Certificate serial:       019D270439AA84D4CACB4F32F4EEE72B08B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft
Manifest number:          0C24
Signing time:             Wed 25 Mar 2026 22:01:21 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:21 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:21 +0000
Files and hashes:         1: QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl (hash: AzPpCBBgkmBS1tpPB2FJOyvlnawH9vi7HDE/6rFPniM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:39:aa:84:d4:ca:cb:4f:32:f4:ee:e7:2b:08:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=424c165b6a49349541c65af9b21580163819f284
        Validity
            Not Before: Mar 25 22:01:21 2026 GMT
            Not After : Mar 26 22:01:21 2026 GMT
        Subject: CN=c3578c8530f8319941f9514049cca91cb635117f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:2e:15:2a:7f:7b:bb:04:30:6b:3c:46:65:79:
                    64:70:1b:2c:e8:ba:bf:82:31:fe:a5:41:89:f7:c1:
                    cb:e0:4b:60:b9:9b:73:8d:34:c1:e6:e9:0d:61:43:
                    ab:de:03:4a:82:e9:22:72:1f:c7:97:0b:4e:1e:ce:
                    40:9f:11:4d:36:13:27:05:32:12:a0:08:01:ee:5f:
                    d5:f5:8a:03:d0:ed:a1:ee:df:92:1f:d9:a6:71:c3:
                    e1:54:7f:93:a4:40:5a:c8:3a:fc:af:16:ba:16:1e:
                    8e:0b:66:87:f0:47:37:79:36:0f:2a:77:26:5e:ed:
                    b4:00:ec:55:65:9f:fe:1a:88:d2:d2:3b:9c:66:6b:
                    37:1b:28:23:bc:65:9b:84:55:e0:ae:a1:a6:49:91:
                    60:ae:45:9c:eb:5c:66:82:b5:cc:a9:a1:97:16:b2:
                    4b:91:4e:d3:ed:70:f5:40:96:58:8e:c6:c3:c6:a9:
                    8f:ac:e5:3f:3b:90:6d:d5:6d:df:f3:53:3f:98:7c:
                    9c:07:70:a5:88:e7:f5:39:d1:b1:19:13:6c:ec:31:
                    41:10:93:18:ee:3c:73:33:2b:25:e3:ff:6b:18:34:
                    3a:1f:b3:e9:5a:36:0a:82:b2:d1:8c:b7:ca:37:37:
                    9b:55:bd:97:23:be:dd:7d:ca:32:c5:05:84:55:a3:
                    73:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:57:8C:85:30:F8:31:99:41:F9:51:40:49:CC:A9:1C:B6:35:11:7F
            X509v3 Authority Key Identifier:
                keyid:42:4C:16:5B:6A:49:34:95:41:C6:5A:F9:B2:15:80:16:38:19:F2:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:1b:14:8f:5c:32:38:56:5a:f8:69:03:f1:1a:fc:42:eb:ca:
         a2:93:0a:33:d2:96:d7:27:55:25:e7:f9:0c:58:36:af:e1:c9:
         60:5b:de:34:d8:2d:ec:2b:0d:27:58:8a:8b:ca:36:0c:f4:8b:
         d8:75:eb:b8:8f:b0:1a:a6:ad:4b:9d:2a:98:70:0c:80:ed:b6:
         f4:71:a2:15:cf:ef:46:72:56:58:c0:a2:71:b7:0f:71:4b:97:
         42:99:da:11:7a:88:34:c5:7c:26:fc:08:42:47:86:07:df:16:
         b9:9b:cb:e2:31:a0:15:9c:de:bc:c4:ab:5a:c9:e1:ea:9a:16:
         76:c5:5a:73:5a:7b:e8:64:b5:d8:1b:51:b8:8f:da:5b:88:71:
         5c:68:9e:54:92:1f:b8:ad:e0:58:85:a0:71:3c:33:0b:67:5f:
         79:76:ab:fd:d0:32:73:ff:23:60:20:ef:b1:c6:94:23:64:79:
         03:e3:81:90:96:13:13:7c:10:46:e8:f5:90:82:1a:21:72:fb:
         fc:c4:75:bd:20:6c:10:d0:c1:00:c8:e5:cf:54:f3:f5:f1:88:
         c6:69:8b:d8:25:9b:b7:cd:31:71:f7:7f:99:7a:f8:53:d3:f6:
         c8:e1:b1:ae:e6:c2:7c:3e:4a:0e:e6:1d:61:53:92:55:db:e5:
         69:f5:10:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBDmqhNTKy08y9O7nKwiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGMxNjViNmE0OTM0OTU0MWM2NWFmOWIyMTU4MDE2Mzgx
OWYyODQwHhcNMjYwMzI1MjIwMTIxWhcNMjYwMzI2MjIwMTIxWjAzMTEwLwYDVQQD
EyhjMzU3OGM4NTMwZjgzMTk5NDFmOTUxNDA0OWNjYTkxY2I2MzUxMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1S4VKn97uwQwazxGZXlkcBss6Lq/
gjH+pUGJ98HL4EtguZtzjTTB5ukNYUOr3gNKgukich/HlwtOHs5AnxFNNhMnBTIS
oAgB7l/V9YoD0O2h7t+SH9mmccPhVH+TpEBayDr8rxa6Fh6OC2aH8Ec3eTYPKncm
Xu20AOxVZZ/+GojS0jucZms3GygjvGWbhFXgrqGmSZFgrkWc61xmgrXMqaGXFrJL
kU7T7XD1QJZYjsbDxqmPrOU/O5Bt1W3f81M/mHycB3CliOf1OdGxGRNs7DFBEJMY
7jxzMysl4/9rGDQ6H7PpWjYKgrLRjLfKNzebVb2XI77dfcoyxQWEVaNzkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNXjIUw+DGZQflRQEnMqRy2NRF/MB8GA1UdIwQY
MBaAFEJMFltqSTSVQcZa+bIVgBY4GfKEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MGM0OTgtNmIxZC00ZDkyLWE0ZTgt
ZWMzYmY0ODE2ZDM2LzEvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MGM0OTgtNmIxZC00ZDkyLWE0ZTgtZWMzYmY0ODE2ZDM2
LzEvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhhsUj1wy
OFZa+GkD8Rr8QuvKopMKM9KW1ydVJef5DFg2r+HJYFveNNgt7CsNJ1iKi8o2DPSL
2HXruI+wGqatS50qmHAMgO229HGiFc/vRnJWWMCicbcPcUuXQpnaEXqINMV8JvwI
QkeGB98WuZvL4jGgFZzevMSrWsnh6poWdsVac1p76GS12BtRuI/aW4hxXGieVJIf
uK3gWIWgcTwzC2dfeXar/dAyc/8jYCDvscaUI2R5A+OBkJYTE3wQRuj1kIIaIXL7
/MR1vSBsENDBAMjlz1Tz9fGIxmmL2CWbt80xcfd/mXr4U9P2yOGxrubCfD5KDuYd
YVOSVdvlafUQPQ==
-----END CERTIFICATE-----