Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
File:                     QpoEfERhf8-ynNVy962HR9C5Mms.mft (raw, json)
Hash identifier:          w2lCoAmkIwVBQlQA1pouGyGf707YaNz7IoEhKv3gUUA=
Subject key identifier:   CD:0D:1F:79:E0:C3:F0:8D:70:94:5B:E2:F3:E4:1A:2E:A8:46:F8:D5
Authority key identifier: 42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B
Certificate issuer:       /CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
Certificate serial:       019D2704BB6E05580793DD23763054236A36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
Manifest number:          0CFB
Signing time:             Wed 25 Mar 2026 22:01:54 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:54 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:54 +0000
Files and hashes:         1: QpoEfERhf8-ynNVy962HR9C5Mms.crl (hash: fXrslloR+VIblrCPVV6q0y2ReFiIJ1lvZ+BeazxABMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:bb:6e:05:58:07:93:dd:23:76:30:54:23:6a:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
        Validity
            Not Before: Mar 25 22:01:54 2026 GMT
            Not After : Mar 26 22:01:54 2026 GMT
        Subject: CN=cd0d1f79e0c3f08d70945be2f3e41a2ea846f8d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:5f:21:71:73:45:fd:51:e9:19:89:85:d8:75:
                    8a:cd:a8:38:22:29:e9:f2:13:ed:9b:66:dc:33:a7:
                    1b:aa:d2:c1:7c:a7:ca:03:90:41:dd:58:ad:83:bd:
                    37:4a:8b:df:1b:55:f3:fe:24:0a:cf:a6:6e:6e:d3:
                    f3:b4:e1:3e:34:55:64:5a:e5:f3:60:b6:79:07:d9:
                    d9:fe:14:04:6a:bd:cf:19:c0:3b:01:db:fe:35:ec:
                    bd:e0:a0:d8:b8:20:de:59:13:a3:43:f0:6f:f7:4f:
                    98:b0:48:4f:91:91:fa:e5:10:1f:ab:00:0d:ae:47:
                    4a:5c:45:c1:25:10:4d:b7:31:d4:a5:7b:df:8f:88:
                    1f:b8:d6:8e:86:11:93:f2:fe:06:77:7f:4a:4f:d9:
                    8d:bb:4d:0b:81:76:a2:f7:58:64:74:9e:e1:d6:54:
                    65:52:fa:9d:91:96:cd:fb:dd:db:fe:ae:b9:92:0f:
                    dc:59:a5:20:14:e5:e5:62:30:51:78:22:dc:e5:2d:
                    22:82:bc:72:f2:c3:e8:ba:e9:e6:5b:2e:41:75:02:
                    fa:0d:6e:ee:e4:79:27:d3:f0:d4:f5:09:f1:17:6b:
                    44:18:aa:ca:c9:20:ee:f7:14:0a:35:ff:17:ff:41:
                    d9:e7:87:c3:87:2c:07:b7:78:57:86:da:66:b9:fd:
                    c9:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:0D:1F:79:E0:C3:F0:8D:70:94:5B:E2:F3:E4:1A:2E:A8:46:F8:D5
            X509v3 Authority Key Identifier:
                keyid:42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:e2:54:26:0b:4b:3c:2a:21:47:14:85:a2:fd:c1:6f:b1:66:
         84:55:12:43:e2:a6:75:73:d3:8c:ad:4a:2e:3b:5e:0f:36:4a:
         46:83:ad:e9:cb:ed:1a:34:cf:a2:7e:9f:d9:39:f3:75:6f:0c:
         2a:21:89:d3:77:b8:d1:10:3b:c7:a9:1f:70:1c:6d:d4:ce:c1:
         a7:e1:15:13:5e:35:7b:a5:57:c9:21:22:95:f5:f9:7b:91:d6:
         95:1c:11:92:7a:bb:09:d0:14:5c:8e:31:4e:41:77:0b:f6:61:
         bc:92:a9:d0:35:56:20:e0:03:89:9e:29:d1:1e:a2:a9:8e:e2:
         8a:b0:fd:e6:36:96:ca:87:ae:68:a7:b9:eb:2b:3e:71:04:30:
         e8:41:33:4b:ce:f8:3b:26:75:5d:c7:e5:68:ac:67:19:a5:d0:
         0d:57:4a:9a:92:68:03:40:6a:4b:97:f4:41:46:42:c6:da:38:
         60:d1:f3:d0:d1:95:49:4b:8e:a1:d9:96:42:81:44:a9:db:e1:
         5f:37:02:90:72:0d:23:2c:5b:f8:9c:f9:63:66:26:39:de:0d:
         65:c9:58:2b:3a:1f:aa:30:a5:da:da:99:18:5e:2b:59:30:92:
         fc:a7:a7:0a:80:5e:26:db:9a:4c:6a:40:04:19:06:8c:d1:ee:
         61:5c:0f:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBLtuBVgHk90jdjBUI2o2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWEwNDdjNDQ2MTdmY2ZiMjljZDU3MmY3YWQ4NzQ3ZDBi
OTMyNmIwHhcNMjYwMzI1MjIwMTU0WhcNMjYwMzI2MjIwMTU0WjAzMTEwLwYDVQQD
EyhjZDBkMWY3OWUwYzNmMDhkNzA5NDViZTJmM2U0MWEyZWE4NDZmOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr18hcXNF/VHpGYmF2HWKzag4Iinp
8hPtm2bcM6cbqtLBfKfKA5BB3Vitg703SovfG1Xz/iQKz6ZubtPztOE+NFVkWuXz
YLZ5B9nZ/hQEar3PGcA7Adv+Ney94KDYuCDeWROjQ/Bv90+YsEhPkZH65RAfqwAN
rkdKXEXBJRBNtzHUpXvfj4gfuNaOhhGT8v4Gd39KT9mNu00LgXai91hkdJ7h1lRl
UvqdkZbN+93b/q65kg/cWaUgFOXlYjBReCLc5S0igrxy8sPouunmWy5BdQL6DW7u
5Hkn0/DU9QnxF2tEGKrKySDu9xQKNf8X/0HZ54fDhywHt3hXhtpmuf3JgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0NH3ngw/CNcJRb4vPkGi6oRvjVMB8GA1UdIwQY
MBaAFEKaBHxEYX/PspzVcveth0fQuTJrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMt
NzdlNjFlZWE2YTY0LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMtNzdlNjFlZWE2YTY0
LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnOJUJgtL
PCohRxSFov3Bb7FmhFUSQ+KmdXPTjK1KLjteDzZKRoOt6cvtGjTPon6f2TnzdW8M
KiGJ03e40RA7x6kfcBxt1M7Bp+EVE141e6VXySEilfX5e5HWlRwRknq7CdAUXI4x
TkF3C/ZhvJKp0DVWIOADiZ4p0R6iqY7iirD95jaWyoeuaKe56ys+cQQw6EEzS874
OyZ1XcflaKxnGaXQDVdKmpJoA0BqS5f0QUZCxto4YNHz0NGVSUuOodmWQoFEqdvh
XzcCkHINIyxb+Jz5Y2YmOd4NZclYKzofqjCl2tqZGF4rWTCS/KenCoBeJtuaTGpA
BBkGjNHuYVwPmQ==
-----END CERTIFICATE-----