Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
File:                     dqIj-utMXd95nTyiqWDAbB1tHZY.mft (raw, json)
Hash identifier:          SzgcK1yxlPDTCTrMn1XCgnzv4XohO4iB1OYzUKyh/xg=
Subject key identifier:   92:55:78:29:83:37:B0:28:1C:76:36:A0:E4:C5:99:5A:7C:7B:72:50
Authority key identifier: 76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96
Certificate issuer:       /CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
Certificate serial:       019D2816E3A85E54772CC8DED92DC4D3FA5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
Manifest number:          0E35
Signing time:             Thu 26 Mar 2026 03:01:21 +0000
Manifest this update:     Thu 26 Mar 2026 03:01:21 +0000
Manifest next update:     Fri 27 Mar 2026 03:01:21 +0000
Files and hashes:         1: dqIj-utMXd95nTyiqWDAbB1tHZY.crl (hash: KLtIdKQvax3GGMO7jqpXWhY2hURP8N97KJuCPMGpfTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:e3:a8:5e:54:77:2c:c8:de:d9:2d:c4:d3:fa:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
        Validity
            Not Before: Mar 26 03:01:21 2026 GMT
            Not After : Mar 27 03:01:21 2026 GMT
        Subject: CN=925578298337b0281c7636a0e4c5995a7c7b7250
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:32:0b:44:4e:1a:e6:3f:59:ab:a8:fa:5c:f6:
                    e7:58:d9:f5:4b:50:ca:66:37:92:41:dc:b4:63:05:
                    3b:f2:6d:ad:5c:a2:b7:6b:43:97:52:f7:78:24:6d:
                    fe:5a:47:f2:8d:df:c3:9b:3c:b5:7d:b1:a6:b6:f9:
                    19:12:61:64:d2:c7:70:57:8f:98:12:8a:33:8e:14:
                    d5:da:0a:36:56:7b:2e:c3:44:35:ed:eb:7b:7d:19:
                    85:f2:9b:bc:62:66:38:ba:34:73:2f:d2:49:a0:a1:
                    b7:67:f5:83:7a:0f:08:13:01:75:39:c3:74:df:54:
                    fe:eb:f4:67:f1:ea:bf:b8:a1:b6:8f:88:26:36:47:
                    d1:a5:79:b2:74:ca:9f:9b:7a:ce:77:40:af:b1:e4:
                    42:59:b3:7d:ac:a8:40:54:d4:32:a0:60:44:f3:c1:
                    9c:2c:39:83:a6:fe:35:0a:35:83:59:a9:58:2e:a3:
                    7f:4d:e2:15:a4:ba:48:82:1a:fe:21:6e:f4:61:d0:
                    cb:7a:19:90:2b:84:d5:bc:72:58:16:74:c4:e8:6d:
                    83:69:49:0b:d9:aa:35:9e:9c:a0:70:a1:96:f9:ea:
                    1b:60:34:7f:2e:38:3c:5a:58:69:db:86:11:82:cd:
                    dc:e0:02:f6:52:41:f8:6f:3d:9f:c2:27:a3:1d:b6:
                    b7:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:55:78:29:83:37:B0:28:1C:76:36:A0:E4:C5:99:5A:7C:7B:72:50
            X509v3 Authority Key Identifier:
                keyid:76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:0d:7e:c1:24:a9:17:12:5c:0e:76:c3:0e:0e:cb:01:a5:b0:
         fe:88:b7:53:6a:59:2e:2b:7e:af:06:24:2c:64:6b:00:7d:8e:
         3b:e0:b8:87:79:13:a1:8b:d1:fc:67:6a:b4:1d:15:45:f1:09:
         2d:88:12:84:62:0f:34:fe:e1:f1:b6:dd:7d:d7:52:2b:9e:96:
         a7:23:93:e6:8b:1a:6f:55:18:d7:a7:67:10:3a:3a:04:07:a1:
         c9:e6:08:16:b7:d7:58:b7:92:9e:bb:40:6e:a4:76:04:9a:31:
         b2:98:e0:04:c6:12:0d:38:b8:b8:62:9c:05:54:6f:87:cc:f6:
         c4:6e:79:06:9c:3e:d1:d9:d5:f3:70:2b:e2:51:6a:35:69:5c:
         84:d6:9e:b9:66:d8:4f:16:4d:b2:06:9b:25:39:38:13:9f:90:
         dd:6a:20:ea:20:08:fc:ea:cd:3e:ea:5a:ee:42:31:5f:49:ca:
         cb:62:38:e6:3c:09:44:66:0c:46:fb:21:a9:1b:63:70:dd:c5:
         50:0d:bd:c2:d8:6f:3f:ac:46:f9:a2:a2:ec:67:73:15:74:27:
         c6:06:0a:50:d9:b9:f6:6f:fe:ac:d7:89:53:bd:b5:c6:24:1b:
         9d:d6:7b:3d:60:ac:c6:39:74:67:c0:47:a9:a7:6f:18:95:b5:
         90:90:9d:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFuOoXlR3LMje2S3E0/peMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTIyM2ZhZWI0YzVkZGY3OTlkM2NhMmE5NjBjMDZjMWQ2
ZDFkOTYwHhcNMjYwMzI2MDMwMTIxWhcNMjYwMzI3MDMwMTIxWjAzMTEwLwYDVQQD
Eyg5MjU1NzgyOTgzMzdiMDI4MWM3NjM2YTBlNGM1OTk1YTdjN2I3MjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDILRE4a5j9Zq6j6XPbnWNn1S1DK
ZjeSQdy0YwU78m2tXKK3a0OXUvd4JG3+Wkfyjd/Dmzy1fbGmtvkZEmFk0sdwV4+Y
EoozjhTV2go2Vnsuw0Q17et7fRmF8pu8YmY4ujRzL9JJoKG3Z/WDeg8IEwF1OcN0
31T+6/Rn8eq/uKG2j4gmNkfRpXmydMqfm3rOd0CvseRCWbN9rKhAVNQyoGBE88Gc
LDmDpv41CjWDWalYLqN/TeIVpLpIghr+IW70YdDLehmQK4TVvHJYFnTE6G2DaUkL
2ao1npygcKGW+eobYDR/Ljg8Wlhp24YRgs3c4AL2UkH4bz2fwiejHba3QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJVeCmDN7AoHHY2oOTFmVp8e3JQMB8GA1UdIwQY
MBaAFHaiI/rrTF3feZ08oqlgwGwdbR2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1Mzgt
MWRkZWU4NTVjZGY4LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1MzgtMWRkZWU4NTVjZGY4
LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADw1+wSSp
FxJcDnbDDg7LAaWw/oi3U2pZLit+rwYkLGRrAH2OO+C4h3kToYvR/GdqtB0VRfEJ
LYgShGIPNP7h8bbdfddSK56WpyOT5osab1UY16dnEDo6BAehyeYIFrfXWLeSnrtA
bqR2BJoxspjgBMYSDTi4uGKcBVRvh8z2xG55Bpw+0dnV83Ar4lFqNWlchNaeuWbY
TxZNsgabJTk4E5+Q3Wog6iAI/OrNPupa7kIxX0nKy2I45jwJRGYMRvshqRtjcN3F
UA29wthvP6xG+aKi7GdzFXQnxgYKUNm59m/+rNeJU721xiQbndZ7PWCsxjl0Z8BH
qadvGJW1kJCd+w==
-----END CERTIFICATE-----