Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
File:                     qQ_wEQVOz-aKitx94mit5sCCdxE.mft (raw, json)
Hash identifier:          jQ7RwmrQhhBs59gqgf+llfi2mD9krDusO4/Q6IHwokg=
Subject key identifier:   18:B1:7B:D6:97:EE:BE:25:C5:FC:F2:A3:BC:F6:1E:9A:56:41:05:03
Authority key identifier: A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11
Certificate issuer:       /CN=a90ff011054ecfe68a8adc7de268ade6c0827711
Certificate serial:       019D27049E2B58BD0295237B091F16EFF823
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 22:01:47 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:47 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:47 +0000
Files and hashes:         1: qQ_wEQVOz-aKitx94mit5sCCdxE.crl (hash: eopFsuANuC22EBduFz2m5l28vLx4NcjMXeVpesuAbA0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:9e:2b:58:bd:02:95:23:7b:09:1f:16:ef:f8:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a90ff011054ecfe68a8adc7de268ade6c0827711
        Validity
            Not Before: Mar 25 22:01:47 2026 GMT
            Not After : Mar 26 22:01:47 2026 GMT
        Subject: CN=18b17bd697eebe25c5fcf2a3bcf61e9a56410503
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:db:6f:b9:dc:07:e0:56:ad:e9:24:3a:f6:74:
                    73:6d:6b:47:67:f7:b2:5b:3c:87:a3:90:48:21:7b:
                    5a:26:32:ea:9d:0b:56:76:ea:91:7b:b9:c3:e9:c4:
                    86:7b:6a:03:4a:ae:2f:85:dd:93:a6:34:97:4f:a6:
                    52:d5:28:d7:27:2e:97:bc:09:a9:57:e6:05:ca:55:
                    7d:c1:9b:62:1c:82:bc:3c:7f:d1:45:0c:6d:a3:4f:
                    21:e3:b5:a3:e3:2a:a1:f9:4b:92:85:59:22:34:a5:
                    6e:03:6e:bb:b3:22:ca:3a:b7:30:e0:77:46:c9:f7:
                    45:40:71:42:93:d8:0b:14:a6:6f:7e:55:25:55:fe:
                    ab:32:94:a1:3a:95:bf:89:08:10:b7:16:f2:f3:5e:
                    a0:ff:30:22:ac:fc:23:51:93:6e:63:99:ef:24:20:
                    68:dc:0d:20:e4:9f:1e:f4:75:b2:39:de:a5:ab:5d:
                    fb:69:56:88:fd:2b:3e:6f:5b:79:28:9b:8a:a6:04:
                    7a:76:61:39:60:bc:4a:00:f7:49:09:a9:01:52:c9:
                    00:6c:c2:0d:17:bd:b4:a9:34:78:e8:89:20:22:d6:
                    a8:f5:91:41:c1:d5:5d:f2:09:96:27:1b:eb:79:a6:
                    51:70:80:ea:ae:7c:9b:06:49:96:00:a1:be:12:68:
                    be:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:B1:7B:D6:97:EE:BE:25:C5:FC:F2:A3:BC:F6:1E:9A:56:41:05:03
            X509v3 Authority Key Identifier:
                keyid:A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:5e:0d:32:b6:b4:97:b0:aa:e9:15:95:30:3e:78:c7:5c:4c:
         1c:e1:66:a6:00:d8:40:a5:b9:3b:bb:ec:11:db:53:67:9d:4b:
         97:ff:97:dd:62:b4:d6:df:f5:a7:67:ff:f6:58:75:7d:b9:d9:
         f1:13:a0:70:ab:81:93:4b:45:4e:e2:e9:76:e7:ea:d2:0b:3b:
         66:63:3a:cd:2d:d3:c0:ae:8f:68:99:76:0e:2a:35:bf:14:2a:
         b7:be:d5:45:2c:62:49:93:9f:a4:11:03:56:70:54:bd:68:0c:
         82:99:53:0d:8c:70:6a:60:d9:55:61:bd:19:49:fb:38:d7:fc:
         34:0b:6c:6f:6c:5a:92:ae:c3:6d:e6:b8:45:a3:9a:c6:75:54:
         44:23:bb:2c:59:1b:60:16:9d:52:d1:db:04:4b:da:b4:23:d5:
         b0:a3:33:a9:ec:5f:a4:ab:76:8f:0e:74:a4:06:60:ee:9c:37:
         b2:32:55:1b:18:6a:ed:ea:3b:23:fe:50:9b:4d:84:e1:34:3c:
         a5:de:2d:82:b8:26:c0:ea:79:e2:95:fe:5b:3a:dd:84:ce:4f:
         c2:13:fd:80:73:68:8b:c5:d7:f4:1a:c2:b1:56:16:0b:63:34:
         f8:8d:cd:5b:b3:21:5a:7b:d0:26:0e:96:12:67:89:d7:66:d9:
         6f:86:41:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBJ4rWL0ClSN7CR8W7/gjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MGZmMDExMDU0ZWNmZTY4YThhZGM3ZGUyNjhhZGU2YzA4
Mjc3MTEwHhcNMjYwMzI1MjIwMTQ3WhcNMjYwMzI2MjIwMTQ3WjAzMTEwLwYDVQQD
EygxOGIxN2JkNjk3ZWViZTI1YzVmY2YyYTNiY2Y2MWU5YTU2NDEwNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAittvudwH4Fat6SQ69nRzbWtHZ/ey
WzyHo5BIIXtaJjLqnQtWduqRe7nD6cSGe2oDSq4vhd2TpjSXT6ZS1SjXJy6XvAmp
V+YFylV9wZtiHIK8PH/RRQxto08h47Wj4yqh+UuShVkiNKVuA267syLKOrcw4HdG
yfdFQHFCk9gLFKZvflUlVf6rMpShOpW/iQgQtxby816g/zAirPwjUZNuY5nvJCBo
3A0g5J8e9HWyOd6lq137aVaI/Ss+b1t5KJuKpgR6dmE5YLxKAPdJCakBUskAbMIN
F720qTR46IkgItao9ZFBwdVd8gmWJxvreaZRcIDqrnybBkmWAKG+Emi+AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBixe9aX7r4lxfzyo7z2HppWQQUDMB8GA1UdIwQY
MBaAFKkP8BEFTs/miorcfeJorebAgncRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMt
ZTk5Mjc3MDM3YTQzLzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMtZTk5Mjc3MDM3YTQz
LzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiV4NMra0
l7Cq6RWVMD54x1xMHOFmpgDYQKW5O7vsEdtTZ51Ll/+X3WK01t/1p2f/9lh1fbnZ
8ROgcKuBk0tFTuLpdufq0gs7ZmM6zS3TwK6PaJl2Dio1vxQqt77VRSxiSZOfpBED
VnBUvWgMgplTDYxwamDZVWG9GUn7ONf8NAtsb2xakq7Dbea4RaOaxnVURCO7LFkb
YBadUtHbBEvatCPVsKMzqexfpKt2jw50pAZg7pw3sjJVGxhq7eo7I/5Qm02E4TQ8
pd4tgrgmwOp54pX+WzrdhM5PwhP9gHNoi8XX9BrCsVYWC2M0+I3NW7MhWnvQJg6W
EmeJ12bZb4ZB0w==
-----END CERTIFICATE-----