Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
File:                     cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft (raw, json)
Hash identifier:          39ZfPUmhWu7937G9n/htor6Ys/tAwm529yWN06GaFGE=
Subject key identifier:   B5:BC:7D:0E:6A:36:01:34:19:95:8D:6C:DF:03:C2:7A:64:26:B1:0C
Authority key identifier: 70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4
Certificate issuer:       /CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
Certificate serial:       019D27722294898C1197D37B90505B3835EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 00:01:24 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:24 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:24 +0000
Files and hashes:         1: cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl (hash: YbhCFJ5FKB2s9blCVbCBdMDug2qJpTG3ikallanVv3k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:22:94:89:8c:11:97:d3:7b:90:50:5b:38:35:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
        Validity
            Not Before: Mar 26 00:01:24 2026 GMT
            Not After : Mar 27 00:01:24 2026 GMT
        Subject: CN=b5bc7d0e6a36013419958d6cdf03c27a6426b10c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:4f:ae:fc:7f:d7:3f:20:c7:5c:27:32:75:6b:
                    29:82:b5:7b:b6:3f:23:5d:95:0d:ab:56:d1:95:6a:
                    6d:99:64:36:64:fc:68:aa:f6:b7:17:79:e7:e9:ff:
                    e9:e9:1c:c6:5a:0b:31:6c:22:a6:f5:b5:c4:bd:59:
                    0a:81:dd:e0:72:56:63:dc:a3:77:c3:07:4e:3c:3c:
                    c0:cb:6d:29:da:f1:10:6a:38:89:35:1d:d9:ed:33:
                    5b:0d:63:fd:b0:82:01:01:81:08:15:cb:fa:24:17:
                    ac:4b:c6:82:99:83:ab:e7:c2:8b:79:a6:eb:bb:7b:
                    48:31:e8:b0:41:ff:ab:61:ae:d0:5f:bf:95:1d:0b:
                    68:29:fa:a2:df:1e:d3:66:b9:6b:33:2d:45:de:23:
                    96:a1:99:24:54:21:c4:f7:3d:85:7b:1c:cb:a3:0d:
                    5e:a8:b2:cd:c7:02:b0:4b:3b:25:5c:ac:b7:a8:d5:
                    20:25:96:a8:6a:3c:b4:ad:e5:7b:07:26:4f:8a:53:
                    32:4a:25:3e:fb:84:52:57:12:11:d1:18:f2:cb:30:
                    9e:b0:a9:26:3b:1b:9f:5f:e4:fc:a0:30:17:06:12:
                    48:12:83:77:0b:77:1c:c2:26:b5:93:d9:46:08:3d:
                    49:89:54:8b:81:2d:ea:5e:65:fd:3e:db:a1:e9:59:
                    e6:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:BC:7D:0E:6A:36:01:34:19:95:8D:6C:DF:03:C2:7A:64:26:B1:0C
            X509v3 Authority Key Identifier:
                keyid:70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:ed:b7:e5:46:be:09:2d:cd:d5:ca:e9:0e:ef:24:5d:c5:6c:
         1b:26:b7:d9:58:8f:27:fe:ac:c2:ab:71:9b:c9:19:79:51:e3:
         fe:7f:84:b5:79:e0:f9:a7:da:98:eb:a5:8b:c6:71:08:2b:c2:
         bd:96:ce:ad:63:10:02:77:83:8e:0f:7d:ea:b8:62:82:e4:ed:
         e3:b5:93:b8:32:04:22:9d:67:15:4d:20:f6:3b:2c:c6:0c:9d:
         43:19:c7:72:5c:00:7b:b9:4c:11:32:a6:0d:ff:7a:7f:ea:a9:
         a7:cf:81:58:a5:63:15:c6:c6:05:1f:d1:f7:a9:9c:f1:42:29:
         d9:1e:6b:81:54:01:61:0c:64:34:82:ad:d3:14:68:d5:b3:a3:
         77:10:2e:de:19:39:f3:e4:94:7a:f6:f2:49:d1:28:67:f6:bd:
         5a:e0:3e:20:b8:47:e3:a4:3c:1b:f4:91:af:11:c6:c2:2a:28:
         52:f1:98:99:a2:39:dd:51:88:40:ff:f8:76:ce:ac:50:76:0f:
         9d:f7:f2:6a:14:74:57:21:78:9e:7c:26:e9:e4:8b:18:87:17:
         ac:d3:f5:9b:7e:33:e3:a1:c4:29:63:1a:6e:a0:a6:32:d0:9c:
         31:d2:d8:b6:52:a5:7c:ab:83:2f:8f:20:f6:f5:ca:8d:c9:c9:
         36:81:83:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nciKUiYwRl9N7kFBbODXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjQxM2ZhNzgyYTMwNDI4MzBkYTIzYWEzZjM1OTRhN2Q1
ZWEyZjQwHhcNMjYwMzI2MDAwMTI0WhcNMjYwMzI3MDAwMTI0WjAzMTEwLwYDVQQD
EyhiNWJjN2QwZTZhMzYwMTM0MTk5NThkNmNkZjAzYzI3YTY0MjZiMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7k+u/H/XPyDHXCcydWspgrV7tj8j
XZUNq1bRlWptmWQ2ZPxoqva3F3nn6f/p6RzGWgsxbCKm9bXEvVkKgd3gclZj3KN3
wwdOPDzAy20p2vEQajiJNR3Z7TNbDWP9sIIBAYEIFcv6JBesS8aCmYOr58KLeabr
u3tIMeiwQf+rYa7QX7+VHQtoKfqi3x7TZrlrMy1F3iOWoZkkVCHE9z2FexzLow1e
qLLNxwKwSzslXKy3qNUgJZaoajy0reV7ByZPilMySiU++4RSVxIR0RjyyzCesKkm
OxufX+T8oDAXBhJIEoN3C3ccwia1k9lGCD1JiVSLgS3qXmX9Ptuh6VnmZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLW8fQ5qNgE0GZWNbN8DwnpkJrEMMB8GA1UdIwQY
MBaAFHC0E/p4KjBCgw2iOqPzWUp9XqL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2Et
YTMxMzdiYzgzZDBhLzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2EtYTMxMzdiYzgzZDBh
LzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAie235Ua+
CS3N1crpDu8kXcVsGya32ViPJ/6swqtxm8kZeVHj/n+EtXng+afamOuli8ZxCCvC
vZbOrWMQAneDjg996rhiguTt47WTuDIEIp1nFU0g9jssxgydQxnHclwAe7lMETKm
Df96f+qpp8+BWKVjFcbGBR/R96mc8UIp2R5rgVQBYQxkNIKt0xRo1bOjdxAu3hk5
8+SUevbySdEoZ/a9WuA+ILhH46Q8G/SRrxHGwiooUvGYmaI53VGIQP/4ds6sUHYP
nffyahR0VyF4nnwm6eSLGIcXrNP1m34z46HEKWMabqCmMtCcMdLYtlKlfKuDL48g
9vXKjcnJNoGDpg==
-----END CERTIFICATE-----