Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
File:                     QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json)
Hash identifier:          uSXuFMWcQx+7BPbOzv1dzD22iAcBYMi4U3+VaUgRngU=
Subject key identifier:   D1:37:64:66:F1:64:3F:EF:D9:0F:95:CA:EC:B7:7A:30:B6:0C:36:E1
Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A
Certificate issuer:       /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
Certificate serial:       019D9BBEE48E315F94C58673E70F00D09F8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
Manifest number:          081F
Signing time:             Fri 17 Apr 2026 14:01:11 +0000
Manifest this update:     Fri 17 Apr 2026 14:01:11 +0000
Manifest next update:     Sat 18 Apr 2026 14:01:11 +0000
Files and hashes:         1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: v4dodpRhk7pg/INzlmEwDAsmKR7kRp7SRa0yTHxRXi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:be:e4:8e:31:5f:94:c5:86:73:e7:0f:00:d0:9f:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
        Validity
            Not Before: Apr 17 14:01:11 2026 GMT
            Not After : Apr 18 14:01:11 2026 GMT
        Subject: CN=d1376466f1643fefd90f95caecb77a30b60c36e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:16:b4:73:4d:27:1f:cb:88:ae:8e:4f:ad:3c:
                    3d:a1:ad:36:f8:07:41:b9:d3:cf:01:30:5f:14:48:
                    a8:b7:c2:5c:0b:23:f5:89:5d:47:66:52:64:ab:77:
                    91:7f:a0:f8:4d:c2:6a:b5:d5:ae:68:94:6e:9e:ae:
                    61:9f:66:a8:95:50:27:d3:61:1f:de:44:a5:4a:8f:
                    30:ff:96:cd:5c:f2:7c:13:4e:8f:03:f6:b6:79:5a:
                    8a:32:da:f3:10:18:a1:3b:a5:17:18:f4:0f:97:01:
                    e0:7b:89:a5:62:c7:82:69:c9:a8:54:92:59:a2:9b:
                    6a:00:3a:78:bf:b5:1c:5e:ac:89:d1:7b:4c:7b:ae:
                    41:91:97:d4:ed:dd:5a:be:ad:49:84:4a:96:99:fa:
                    fe:fd:49:d8:0b:7d:e9:83:be:c1:41:40:65:fb:27:
                    12:a4:82:67:f0:c5:39:e6:d4:1b:0c:b6:c6:20:cc:
                    08:65:b1:88:0a:96:1c:2b:dc:44:1a:5a:f0:33:66:
                    39:f6:08:9d:ab:c3:af:63:ad:f2:9c:48:5a:b0:7d:
                    94:59:7b:20:4e:a6:bd:5c:73:99:82:aa:5b:eb:e1:
                    ff:5b:ed:ca:1c:2f:51:b7:a6:38:5f:f9:b2:2b:4f:
                    d4:7b:59:0c:c3:0f:ce:99:90:5d:47:5d:ca:a2:5d:
                    90:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:37:64:66:F1:64:3F:EF:D9:0F:95:CA:EC:B7:7A:30:B6:0C:36:E1
            X509v3 Authority Key Identifier:
                keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:7f:1f:36:db:e9:2f:54:ac:65:03:a7:3e:9a:da:c5:64:85:
         5e:73:4b:2b:0c:71:c1:82:16:41:b7:01:e9:ec:bb:dc:79:f0:
         0b:28:0c:75:65:86:d1:ca:38:12:24:ad:b8:b3:a0:54:7b:ef:
         f7:7a:39:c6:31:db:1b:92:a1:d0:eb:42:08:9a:60:86:a5:86:
         43:e7:b1:9e:84:2c:f3:4e:66:d1:3a:9a:ed:37:2f:09:d4:a0:
         43:bf:b8:a2:bc:9b:4d:d3:ce:d1:39:60:fe:99:50:a4:f9:ab:
         ea:2e:5f:07:5f:db:6a:b4:64:cd:db:a6:89:c9:07:ae:03:91:
         5b:26:73:75:d0:f0:a0:7c:13:fe:82:be:d8:cd:9d:9f:72:96:
         97:7d:c6:35:1a:1c:37:5e:f7:88:82:4d:9e:dd:9f:fc:93:f9:
         a1:fb:d1:b8:f6:c4:fe:f2:81:1b:77:61:d4:c4:bd:12:f0:3c:
         b1:df:d8:df:9f:4a:c0:95:c9:e9:0d:c5:37:a0:70:90:ad:f0:
         92:08:8f:48:4c:a9:2b:e0:50:12:e1:73:ac:7b:15:da:c5:4e:
         bb:b5:b3:fc:25:9b:c3:9c:00:41:47:f7:15:4f:ca:69:2c:8d:
         8e:64:b7:11:74:43:41:a7:e5:10:b2:1f:07:97:3c:76:5f:68:
         33:e4:a7:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvuSOMV+UxYZz5w8A0J+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj
MmMxOGEwHhcNMjYwNDE3MTQwMTExWhcNMjYwNDE4MTQwMTExWjAzMTEwLwYDVQQD
EyhkMTM3NjQ2NmYxNjQzZmVmZDkwZjk1Y2FlY2I3N2EzMGI2MGMzNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxa0c00nH8uIro5PrTw9oa02+AdB
udPPATBfFEiot8JcCyP1iV1HZlJkq3eRf6D4TcJqtdWuaJRunq5hn2aolVAn02Ef
3kSlSo8w/5bNXPJ8E06PA/a2eVqKMtrzEBihO6UXGPQPlwHge4mlYseCacmoVJJZ
optqADp4v7UcXqyJ0XtMe65BkZfU7d1avq1JhEqWmfr+/UnYC33pg77BQUBl+ycS
pIJn8MU55tQbDLbGIMwIZbGICpYcK9xEGlrwM2Y59gidq8OvY63ynEhasH2UWXsg
Tqa9XHOZgqpb6+H/W+3KHC9Rt6Y4X/myK0/Ue1kMww/OmZBdR13Kol2QQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNE3ZGbxZD/v2Q+Vyuy3ejC2DDbhMB8GA1UdIwQY
MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt
NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2
LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn38fNtvp
L1SsZQOnPpraxWSFXnNLKwxxwYIWQbcB6ey73HnwCygMdWWG0co4EiStuLOgVHvv
93o5xjHbG5Kh0OtCCJpghqWGQ+exnoQs805m0Tqa7TcvCdSgQ7+4orybTdPO0Tlg
/plQpPmr6i5fB1/barRkzdumickHrgORWyZzddDwoHwT/oK+2M2dn3KWl33GNRoc
N173iIJNnt2f/JP5ofvRuPbE/vKBG3dh1MS9EvA8sd/Y359KwJXJ6Q3FN6BwkK3w
kgiPSEypK+BQEuFzrHsV2sVOu7Wz/CWbw5wAQUf3FU/KaSyNjmS3EXRDQaflELIf
B5c8dl9oM+SnAw==
-----END CERTIFICATE-----