Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft
File:                     PqlK-DEYyT_-izYnXtU0mU1not0.mft (raw, json)
Hash identifier:          g9wVIwW9oW/z9rZ/Tk9b7jTDdLM12wUZoOZp/RHGelQ=
Subject key identifier:   3B:5A:17:C9:A6:72:B6:99:9C:0D:41:A9:06:04:0F:7C:84:76:F0:6E
Authority key identifier: 3E:A9:4A:F8:31:18:C9:3F:FE:8B:36:27:5E:D5:34:99:4D:67:A2:DD
Certificate issuer:       /CN=3ea94af83118c93ffe8b36275ed534994d67a2dd
Certificate serial:       019D33ACE74AB59035ACC3CA5FDABF28B148
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft
Manifest number:          147D
Signing time:             Sat 28 Mar 2026 09:01:02 +0000
Manifest this update:     Sat 28 Mar 2026 09:01:02 +0000
Manifest next update:     Sun 29 Mar 2026 09:01:02 +0000
Files and hashes:         1: PqlK-DEYyT_-izYnXtU0mU1not0.crl (hash: r9NrEeVRP8hvJjfFxmHC8hJUGLPLw2Cq1k9cUfMCzfI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:ac:e7:4a:b5:90:35:ac:c3:ca:5f:da:bf:28:b1:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ea94af83118c93ffe8b36275ed534994d67a2dd
        Validity
            Not Before: Mar 28 09:01:02 2026 GMT
            Not After : Mar 29 09:01:02 2026 GMT
        Subject: CN=3b5a17c9a672b6999c0d41a906040f7c8476f06e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b5:46:84:29:d6:25:4d:3d:8c:d0:ec:c5:f6:
                    30:f6:41:a2:f5:65:68:d6:d1:b1:77:fa:67:97:6e:
                    27:90:de:ac:a5:f7:d2:1f:8f:b6:fd:ab:5e:5f:ec:
                    68:3d:d8:db:05:85:19:a3:a3:23:12:2c:66:24:0f:
                    4d:0b:d1:ab:5b:40:8b:99:6f:8f:5c:8e:5f:d3:c9:
                    ec:2f:1d:d8:97:29:74:a4:e2:c5:d2:1a:db:ff:8f:
                    68:e7:26:94:75:bb:8b:ba:db:1c:6a:d1:32:32:ed:
                    2e:85:a2:c5:ec:8a:44:99:48:24:3d:6b:50:3a:81:
                    83:a4:8e:d7:75:36:a9:92:22:29:60:16:09:75:37:
                    dd:4b:71:2a:62:cc:02:fa:d9:f6:ee:fd:62:06:7b:
                    33:2d:4d:ee:82:ce:80:1e:ac:15:d6:f9:4e:29:ba:
                    7e:36:73:cc:e1:0f:eb:f4:cd:77:2f:66:c8:65:9d:
                    fd:49:df:8b:bd:2e:f6:1b:76:e3:f8:8f:fc:0f:10:
                    ca:6e:8e:bc:c2:3f:f1:17:43:af:26:94:1e:d7:9d:
                    92:4c:17:0b:84:89:7b:27:2c:93:dd:47:1f:49:6b:
                    0e:4c:ec:6f:41:00:8b:1b:36:56:9d:b7:7c:25:0b:
                    a6:07:04:dd:63:e5:90:5b:c3:fe:e8:b7:d5:d6:3f:
                    68:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:5A:17:C9:A6:72:B6:99:9C:0D:41:A9:06:04:0F:7C:84:76:F0:6E
            X509v3 Authority Key Identifier:
                keyid:3E:A9:4A:F8:31:18:C9:3F:FE:8B:36:27:5E:D5:34:99:4D:67:A2:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:5f:a9:7d:c2:0a:ac:55:b8:1a:3c:54:65:ec:7b:d9:63:63:
         85:2e:4c:b5:3f:3e:c7:8c:ec:5c:0d:fc:af:f8:66:6c:f4:b2:
         25:7d:ca:63:af:f8:53:1d:91:1c:bd:a5:da:f9:c9:94:64:74:
         1d:b4:bb:f4:29:8b:13:cd:7e:47:0d:8e:29:77:bb:39:0e:65:
         a9:74:b2:16:95:84:32:9c:21:07:09:1b:6c:fb:ac:c7:82:46:
         a7:32:d7:1b:1a:b9:b0:f7:23:fb:e9:75:98:3c:8e:01:df:55:
         4a:5f:f3:ee:c0:4d:a7:3d:e5:44:2e:cb:02:e5:41:07:e0:03:
         a8:27:4e:2b:d0:e3:f3:dc:d9:4f:39:39:25:d8:d2:ec:ff:ef:
         3f:c0:1c:2e:cf:71:f2:5d:4f:42:c6:06:fe:4b:52:78:19:03:
         c6:79:00:ba:63:a9:a9:fa:05:6a:a8:cc:72:f3:74:6f:f6:5f:
         d4:03:c6:f7:97:63:11:be:03:ee:da:c4:75:56:0e:1d:9c:6d:
         48:6b:85:f1:aa:5d:4e:8a:e4:33:f2:7e:70:ba:38:3b:20:7c:
         30:cd:6d:c3:d1:0c:aa:aa:9a:64:76:39:ac:3c:c2:07:40:30:
         75:b8:89:c4:b1:fe:f3:96:93:2c:12:80:66:92:a8:47:55:c1:
         01:5a:cd:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zrOdKtZA1rMPKX9q/KLFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTk0YWY4MzExOGM5M2ZmZThiMzYyNzVlZDUzNDk5NGQ2
N2EyZGQwHhcNMjYwMzI4MDkwMTAyWhcNMjYwMzI5MDkwMTAyWjAzMTEwLwYDVQQD
EygzYjVhMTdjOWE2NzJiNjk5OWMwZDQxYTkwNjA0MGY3Yzg0NzZmMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubVGhCnWJU09jNDsxfYw9kGi9WVo
1tGxd/pnl24nkN6spffSH4+2/ateX+xoPdjbBYUZo6MjEixmJA9NC9GrW0CLmW+P
XI5f08nsLx3Ylyl0pOLF0hrb/49o5yaUdbuLutscatEyMu0uhaLF7IpEmUgkPWtQ
OoGDpI7XdTapkiIpYBYJdTfdS3EqYswC+tn27v1iBnszLU3ugs6AHqwV1vlOKbp+
NnPM4Q/r9M13L2bIZZ39Sd+LvS72G3bj+I/8DxDKbo68wj/xF0OvJpQe152STBcL
hIl7JyyT3UcfSWsOTOxvQQCLGzZWnbd8JQumBwTdY+WQW8P+6LfV1j9oqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtaF8mmcraZnA1BqQYED3yEdvBuMB8GA1UdIwQY
MBaAFD6pSvgxGMk//os2J17VNJlNZ6LdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZjQxOTEtYjlmMy00MzgyLWJlZTEt
Mjk1N2FmYjE0Nzk0LzEvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZjQxOTEtYjlmMy00MzgyLWJlZTEtMjk1N2FmYjE0Nzk0
LzEvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHF+pfcIK
rFW4GjxUZex72WNjhS5MtT8+x4zsXA38r/hmbPSyJX3KY6/4Ux2RHL2l2vnJlGR0
HbS79CmLE81+Rw2OKXe7OQ5lqXSyFpWEMpwhBwkbbPusx4JGpzLXGxq5sPcj++l1
mDyOAd9VSl/z7sBNpz3lRC7LAuVBB+ADqCdOK9Dj89zZTzk5JdjS7P/vP8AcLs9x
8l1PQsYG/ktSeBkDxnkAumOpqfoFaqjMcvN0b/Zf1APG95djEb4D7trEdVYOHZxt
SGuF8apdTorkM/J+cLo4OyB8MM1tw9EMqqqaZHY5rDzCB0AwdbiJxLH+85aTLBKA
ZpKoR1XBAVrNww==
-----END CERTIFICATE-----