Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft
File:                     Q9JznRqU2rlXbiF80N-FdyBLIwA.mft (raw, json)
Hash identifier:          8xXGCwQkOxTh4MZB5PxctKT2DYcoe/Pf5ba9T9C3cEc=
Subject key identifier:   88:06:EB:3D:92:C7:E8:83:60:1C:8F:2D:C5:2A:09:D1:7D:59:CB:6F
Authority key identifier: 43:D2:73:9D:1A:94:DA:B9:57:6E:21:7C:D0:DF:85:77:20:4B:23:00
Certificate issuer:       /CN=43d2739d1a94dab9576e217cd0df8577204b2300
Certificate serial:       019D329AF652DF4DA9603DB1BB8ABA72367C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9JznRqU2rlXbiF80N-FdyBLIwA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft
Manifest number:          05E3
Signing time:             Sat 28 Mar 2026 04:01:49 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:49 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:49 +0000
Files and hashes:         1: Q9JznRqU2rlXbiF80N-FdyBLIwA.crl (hash: Up2a/9tH5/Br6mhBStmExfV8CGrLHJOtMFQPadvOZj0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q9JznRqU2rlXbiF80N-FdyBLIwA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:f6:52:df:4d:a9:60:3d:b1:bb:8a:ba:72:36:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d2739d1a94dab9576e217cd0df8577204b2300
        Validity
            Not Before: Mar 28 04:01:49 2026 GMT
            Not After : Mar 29 04:01:49 2026 GMT
        Subject: CN=8806eb3d92c7e883601c8f2dc52a09d17d59cb6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:dc:d5:58:90:61:36:40:33:eb:6c:1b:e5:cc:
                    26:ba:fc:d7:9f:50:58:5e:a3:8d:a1:45:57:d5:65:
                    e5:3b:97:d8:eb:4b:8b:45:b7:e5:1f:95:e6:8d:f0:
                    ba:97:83:97:8c:90:14:08:23:00:3a:29:ba:8b:6a:
                    41:14:8f:6d:04:02:0a:a1:f0:2f:c3:cc:e9:de:fc:
                    93:b1:cd:8e:c0:3d:27:ba:ee:be:f9:48:e9:76:b6:
                    79:01:5a:f1:10:55:68:e5:27:63:50:96:50:0c:4c:
                    b8:8a:dc:15:e4:53:f2:d2:d2:bc:ef:0d:48:fc:5f:
                    c3:f3:8e:14:c3:4e:74:fe:0b:3a:46:26:99:aa:75:
                    4b:d7:8f:43:00:bb:ac:a8:d2:3b:25:70:c9:7d:97:
                    28:1c:3d:85:61:50:17:d4:aa:f3:03:a3:4a:5c:58:
                    5e:73:d0:40:a1:2f:ba:64:23:8b:dd:24:72:0a:bb:
                    d6:d2:c5:b8:de:97:78:82:70:d6:29:41:02:c0:fd:
                    f5:bb:28:97:23:b7:26:ff:70:23:27:3a:15:30:9d:
                    93:86:30:34:bd:85:5e:cc:11:17:f1:1d:60:85:23:
                    6c:e2:79:04:19:1a:40:98:b8:93:d4:28:e7:50:36:
                    e1:52:3f:11:73:72:cc:41:e4:dc:08:3d:f9:18:3b:
                    3a:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:06:EB:3D:92:C7:E8:83:60:1C:8F:2D:C5:2A:09:D1:7D:59:CB:6F
            X509v3 Authority Key Identifier:
                keyid:43:D2:73:9D:1A:94:DA:B9:57:6E:21:7C:D0:DF:85:77:20:4B:23:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9JznRqU2rlXbiF80N-FdyBLIwA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:64:fa:eb:68:31:ff:7c:ca:f8:74:a3:d7:15:f6:92:2c:80:
         2f:85:12:07:b3:2b:76:d5:4f:3a:e5:e2:3b:3b:32:47:16:0f:
         2e:7c:d7:f4:cd:88:bf:94:9d:ed:b9:ec:9c:8b:1d:8d:ed:84:
         84:90:31:8f:4e:88:6d:7c:a9:1a:7e:04:84:55:d4:d4:f9:53:
         bb:ba:24:91:91:7e:4c:4a:fb:d1:b3:a2:ce:95:30:30:37:89:
         bc:a1:02:18:7a:4a:7e:19:53:d9:66:52:2b:96:53:25:44:ae:
         c5:fc:71:a0:95:f1:b3:82:a8:c0:76:b6:c0:0c:e8:b7:1c:2e:
         61:a0:30:6b:fd:36:73:fe:a9:0e:66:e3:19:e7:35:c3:d3:db:
         b9:2e:3a:99:06:3a:b9:6a:b8:0f:59:e4:c2:c6:40:f8:1d:7b:
         4e:e0:e0:56:17:63:d1:49:a9:74:15:32:f2:66:94:d9:c8:49:
         dc:21:18:49:f8:86:58:61:59:27:bd:a3:2e:2c:f2:16:c8:3a:
         fe:77:1a:43:c2:5b:86:ba:8a:4a:78:ef:0f:08:7f:62:a6:cd:
         f9:48:21:8f:36:fb:7f:22:b9:e8:d0:24:ce:d1:bc:ba:6e:d8:
         c3:51:9e:e5:7a:20:4c:1d:ba:bd:e1:4e:02:92:37:ce:ed:24:
         ef:21:dd:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymvZS302pYD2xu4q6cjZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDI3MzlkMWE5NGRhYjk1NzZlMjE3Y2QwZGY4NTc3MjA0
YjIzMDAwHhcNMjYwMzI4MDQwMTQ5WhcNMjYwMzI5MDQwMTQ5WjAzMTEwLwYDVQQD
Eyg4ODA2ZWIzZDkyYzdlODgzNjAxYzhmMmRjNTJhMDlkMTdkNTljYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NzVWJBhNkAz62wb5cwmuvzXn1BY
XqONoUVX1WXlO5fY60uLRbflH5XmjfC6l4OXjJAUCCMAOim6i2pBFI9tBAIKofAv
w8zp3vyTsc2OwD0nuu6++UjpdrZ5AVrxEFVo5SdjUJZQDEy4itwV5FPy0tK87w1I
/F/D844Uw050/gs6RiaZqnVL149DALusqNI7JXDJfZcoHD2FYVAX1KrzA6NKXFhe
c9BAoS+6ZCOL3SRyCrvW0sW43pd4gnDWKUECwP31uyiXI7cm/3AjJzoVMJ2ThjA0
vYVezBEX8R1ghSNs4nkEGRpAmLiT1CjnUDbhUj8Rc3LMQeTcCD35GDs6qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgG6z2Sx+iDYByPLcUqCdF9WctvMB8GA1UdIwQY
MBaAFEPSc50alNq5V24hfNDfhXcgSyMAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlKem5ScVUycmxYYmlGODBOLUZkeUJMSXdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ZmU1YzUtOWJhMi00ZTY2LWJhMmUt
YTQ0MzI2YTM5Zjk3LzEvUTlKem5ScVUycmxYYmlGODBOLUZkeUJMSXdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ZmU1YzUtOWJhMi00ZTY2LWJhMmUtYTQ0MzI2YTM5Zjk3
LzEvUTlKem5ScVUycmxYYmlGODBOLUZkeUJMSXdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALWT662gx
/3zK+HSj1xX2kiyAL4USB7MrdtVPOuXiOzsyRxYPLnzX9M2Iv5Sd7bnsnIsdje2E
hJAxj06IbXypGn4EhFXU1PlTu7okkZF+TEr70bOizpUwMDeJvKECGHpKfhlT2WZS
K5ZTJUSuxfxxoJXxs4KowHa2wAzotxwuYaAwa/02c/6pDmbjGec1w9PbuS46mQY6
uWq4D1nkwsZA+B17TuDgVhdj0UmpdBUy8maU2chJ3CEYSfiGWGFZJ72jLizyFsg6
/ncaQ8JbhrqKSnjvDwh/YqbN+Ughjzb7fyK56NAkztG8um7Yw1Ge5XogTB26veFO
ApI3zu0k7yHdbQ==
-----END CERTIFICATE-----