Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
File:                     QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json)
Hash identifier:          FpYdT3wCz4pZbwhrGZJWK5x0HSnZsfTObKdyPSxEn8o=
Subject key identifier:   80:0D:43:20:DA:38:30:6E:65:55:86:A2:40:34:F7:F1:A8:E8:6F:4A
Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A
Certificate issuer:       /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
Certificate serial:       019CAE34F8A9E01FE4C13857C036746D44BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
Manifest number:          07A4
Signing time:             Mon 02 Mar 2026 11:00:32 +0000
Manifest this update:     Mon 02 Mar 2026 11:00:32 +0000
Manifest next update:     Tue 03 Mar 2026 11:00:32 +0000
Files and hashes:         1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: N00yDlUDXXst5Kp+bQtS8o6BkVUdJNuwV4T0Qquhtoo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 11:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:34:f8:a9:e0:1f:e4:c1:38:57:c0:36:74:6d:44:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
        Validity
            Not Before: Mar  2 11:00:32 2026 GMT
            Not After : Mar  3 11:00:32 2026 GMT
        Subject: CN=800d4320da38306e655586a24034f7f1a8e86f4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e5:b9:31:2d:a8:18:8a:d3:1c:e8:24:ef:b8:
                    9a:bf:7b:3b:11:93:82:39:a8:17:43:5d:21:cf:d5:
                    4e:a7:9b:97:cd:98:8d:9f:b6:52:38:e7:86:76:4e:
                    fc:5f:6c:f5:59:44:25:b0:2d:30:14:9b:b5:b6:71:
                    96:1c:aa:5c:f9:8e:38:83:4e:b4:5f:47:4a:f4:d3:
                    30:3c:44:b3:08:17:db:14:a6:95:cd:94:d7:3d:a0:
                    77:64:e9:d4:94:8c:fc:f2:68:5c:65:de:fc:7d:05:
                    f5:24:14:24:a0:f0:de:42:7d:ee:b6:aa:80:00:ba:
                    0d:43:4b:05:90:5a:f2:8c:c3:d5:97:de:55:50:02:
                    c8:de:84:be:8c:86:60:a6:bc:fa:fd:a6:94:dc:c6:
                    99:52:34:71:a5:70:29:3e:5e:b0:22:1a:90:34:f7:
                    5f:49:19:89:e4:aa:f9:70:97:d5:e1:8c:c5:a3:8c:
                    bc:36:64:75:e2:51:23:e7:aa:c2:34:41:c5:1c:0d:
                    7b:7c:e1:42:4a:e0:0e:da:9e:c0:1a:90:90:aa:b4:
                    13:54:4f:8f:2a:2a:7a:06:7d:3d:78:31:3d:84:b1:
                    7a:d6:3f:12:9b:58:b4:b0:c5:28:4a:da:35:75:b5:
                    b5:44:eb:93:b4:70:92:bd:15:cc:d0:d3:6a:a9:25:
                    46:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:0D:43:20:DA:38:30:6E:65:55:86:A2:40:34:F7:F1:A8:E8:6F:4A
            X509v3 Authority Key Identifier:
                keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:48:18:45:00:d2:5a:5f:d5:a5:b5:14:df:89:d3:f0:6f:dc:
         a3:f7:b9:d6:da:34:80:4f:da:c8:87:69:cd:76:ba:21:39:64:
         fb:88:30:9b:c1:db:b6:8f:54:c3:d6:fa:a8:1e:0c:e8:43:a6:
         3c:c6:8e:86:08:9c:9f:28:39:b5:56:06:ab:5d:8f:1a:f9:eb:
         d4:fb:d6:70:89:19:77:c4:9e:81:6c:8c:4b:b1:b0:0d:9d:c0:
         d0:c4:45:7b:87:c2:a0:bc:4e:07:84:e6:c5:e4:9b:9e:a8:7f:
         d5:42:5c:94:3b:d9:fd:1a:b5:4f:68:7b:c5:89:45:1e:90:72:
         07:63:56:b7:67:92:48:c5:e1:da:af:7d:0a:1e:5c:fb:02:cf:
         43:c9:61:d7:a2:f7:60:0f:91:8e:88:bc:f5:f1:b5:2d:6a:a3:
         e0:2d:71:9a:db:9d:0b:7b:e8:a1:03:86:00:97:5b:a4:79:56:
         23:d3:0b:e7:a9:a1:15:ee:6b:6e:51:d4:e7:bb:09:f6:01:e8:
         1d:f0:27:35:96:6b:d5:06:70:44:b3:7f:f1:1e:ad:55:9b:0c:
         e8:20:16:ec:d6:7b:4c:93:59:79:7c:9d:46:23:75:94:22:ac:
         6e:c6:f1:8b:c2:76:14:30:83:b6:4c:ef:10:16:6e:e1:8a:32:
         ed:e0:38:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNPip4B/kwThXwDZ0bUS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj
MmMxOGEwHhcNMjYwMzAyMTEwMDMyWhcNMjYwMzAzMTEwMDMyWjAzMTEwLwYDVQQD
Eyg4MDBkNDMyMGRhMzgzMDZlNjU1NTg2YTI0MDM0ZjdmMWE4ZTg2ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+W5MS2oGIrTHOgk77iav3s7EZOC
OagXQ10hz9VOp5uXzZiNn7ZSOOeGdk78X2z1WUQlsC0wFJu1tnGWHKpc+Y44g060
X0dK9NMwPESzCBfbFKaVzZTXPaB3ZOnUlIz88mhcZd78fQX1JBQkoPDeQn3utqqA
ALoNQ0sFkFryjMPVl95VUALI3oS+jIZgprz6/aaU3MaZUjRxpXApPl6wIhqQNPdf
SRmJ5Kr5cJfV4YzFo4y8NmR14lEj56rCNEHFHA17fOFCSuAO2p7AGpCQqrQTVE+P
Kip6Bn09eDE9hLF61j8Sm1i0sMUoSto1dbW1ROuTtHCSvRXM0NNqqSVGoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIANQyDaODBuZVWGokA09/Go6G9KMB8GA1UdIwQY
MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt
NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2
LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANEgYRQDS
Wl/VpbUU34nT8G/co/e51to0gE/ayIdpzXa6ITlk+4gwm8Hbto9Uw9b6qB4M6EOm
PMaOhgicnyg5tVYGq12PGvnr1PvWcIkZd8SegWyMS7GwDZ3A0MRFe4fCoLxOB4Tm
xeSbnqh/1UJclDvZ/Rq1T2h7xYlFHpByB2NWt2eSSMXh2q99Ch5c+wLPQ8lh16L3
YA+Rjoi89fG1LWqj4C1xmtudC3vooQOGAJdbpHlWI9ML56mhFe5rblHU57sJ9gHo
HfAnNZZr1QZwRLN/8R6tVZsM6CAW7NZ7TJNZeXydRiN1lCKsbsbxi8J2FDCDtkzv
EBZu4Yoy7eA4sw==
-----END CERTIFICATE-----