Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
File:                     qvNQYhzAHooe03KB3zKwlxy95Vc.mft (raw, json)
Hash identifier:          CHuqjvaWc4uhLtwN+4i9ioMLtPx0gDmPSCy5T/XaVHc=
Subject key identifier:   C4:DA:45:E4:99:27:F0:32:67:FD:D3:15:09:E4:9B:DD:12:DC:A3:D1
Authority key identifier: AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57
Certificate issuer:       /CN=aaf350621cc01e8a1ed37281df32b0971cbde557
Certificate serial:       019CABD9390BE0450AE55CA817CCE78AC247
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 00:01:05 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:05 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:05 +0000
Files and hashes:         1: qvNQYhzAHooe03KB3zKwlxy95Vc.crl (hash: pJdDo0Wi4l1qc+6SFK+cmqeaGZZ8XrPs+2e2RI4wduw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:39:0b:e0:45:0a:e5:5c:a8:17:cc:e7:8a:c2:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aaf350621cc01e8a1ed37281df32b0971cbde557
        Validity
            Not Before: Mar  2 00:01:05 2026 GMT
            Not After : Mar  3 00:01:05 2026 GMT
        Subject: CN=c4da45e49927f03267fdd31509e49bdd12dca3d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:07:73:be:5c:fe:41:83:88:aa:4f:1a:e8:d6:
                    73:eb:3d:a4:7b:fc:d7:34:80:6e:45:9a:22:04:27:
                    69:49:32:f6:d1:97:c3:bc:c9:5d:65:b4:eb:b4:f0:
                    43:3f:34:37:f2:50:2f:11:b6:fb:d9:e7:66:5f:18:
                    26:ba:36:f1:86:0a:62:14:64:56:12:b8:9d:2b:0a:
                    58:d1:3d:c5:4c:5c:bc:be:08:28:6d:f0:01:a0:12:
                    62:14:dd:b0:5c:98:3a:3a:a5:f1:31:81:2c:ee:35:
                    fd:a0:26:19:5e:1c:1a:84:5c:74:6c:e4:bd:50:91:
                    14:60:59:7c:e7:2a:ca:16:12:c7:63:b0:60:49:22:
                    ae:0d:39:2b:12:0d:d0:08:f2:c1:f3:64:7b:fd:57:
                    49:85:b1:98:49:4c:4d:84:f1:d5:f4:74:e7:da:18:
                    ea:b4:1b:4b:07:71:00:3f:0e:3d:b1:b6:b5:89:84:
                    16:98:b5:86:73:e4:13:63:e8:18:26:8f:bd:05:f2:
                    85:22:86:a3:78:09:9a:7f:22:3f:11:19:1c:7a:9d:
                    d1:6f:dc:8c:4b:72:c4:06:ce:c1:cd:74:6c:35:8f:
                    90:7d:28:bd:db:23:ac:15:b4:7e:c8:84:7b:cc:5f:
                    e8:95:65:47:a4:8b:4a:5b:5a:09:a5:0c:2f:cb:2a:
                    cd:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:DA:45:E4:99:27:F0:32:67:FD:D3:15:09:E4:9B:DD:12:DC:A3:D1
            X509v3 Authority Key Identifier:
                keyid:AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:75:4b:f9:7f:92:a7:a1:ec:a2:eb:a6:3d:59:a2:01:6c:d8:
         a4:d9:16:68:7c:95:01:c6:db:0d:ba:86:7b:ce:97:5c:46:6e:
         ab:7f:21:1e:e6:6c:95:de:43:07:0a:68:23:28:f5:d7:51:99:
         22:86:64:50:2d:d9:9e:03:86:f9:32:aa:8a:20:13:0f:9f:3c:
         5e:59:07:56:51:ec:7a:fe:76:b3:06:bd:f2:1a:45:24:d3:4c:
         ee:13:ba:aa:d6:a9:26:34:c9:e1:b0:86:9a:35:23:4f:d6:2e:
         44:61:34:24:28:88:8b:04:36:6a:5c:70:43:53:02:44:7d:90:
         58:f0:d5:c9:8a:69:01:d5:dd:95:23:ad:6a:17:3d:f0:2d:23:
         61:87:b8:73:f9:2b:80:8d:58:55:5f:2b:86:f7:a8:d1:e7:95:
         2a:67:4b:80:33:31:8e:b2:73:5d:16:7c:6e:c7:46:98:31:76:
         6e:b7:1d:ef:4c:2b:f2:dd:49:63:3e:00:1e:fa:f3:12:0d:f6:
         d2:7d:f2:d1:13:21:ec:e6:87:fd:23:5a:58:c9:60:55:36:71:
         26:81:c9:9a:18:fe:4c:74:91:46:ef:57:41:7b:e3:46:64:de:
         11:45:2a:81:03:74:36:4c:a4:c0:d0:ec:1d:ee:39:0c:22:10:
         ec:e5:c2:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2TkL4EUK5VyoF8znisJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjM1MDYyMWNjMDFlOGExZWQzNzI4MWRmMzJiMDk3MWNi
ZGU1NTcwHhcNMjYwMzAyMDAwMTA1WhcNMjYwMzAzMDAwMTA1WjAzMTEwLwYDVQQD
EyhjNGRhNDVlNDk5MjdmMDMyNjdmZGQzMTUwOWU0OWJkZDEyZGNhM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAdzvlz+QYOIqk8a6NZz6z2ke/zX
NIBuRZoiBCdpSTL20ZfDvMldZbTrtPBDPzQ38lAvEbb72edmXxgmujbxhgpiFGRW
EridKwpY0T3FTFy8vggobfABoBJiFN2wXJg6OqXxMYEs7jX9oCYZXhwahFx0bOS9
UJEUYFl85yrKFhLHY7BgSSKuDTkrEg3QCPLB82R7/VdJhbGYSUxNhPHV9HTn2hjq
tBtLB3EAPw49sba1iYQWmLWGc+QTY+gYJo+9BfKFIoajeAmafyI/ERkcep3Rb9yM
S3LEBs7BzXRsNY+QfSi92yOsFbR+yIR7zF/olWVHpItKW1oJpQwvyyrNsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTaReSZJ/AyZ/3TFQnkm90S3KPRMB8GA1UdIwQY
MBaAFKrzUGIcwB6KHtNygd8ysJccveVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTkt
NzVhOGIwOTc0ZTIwLzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTktNzVhOGIwOTc0ZTIw
LzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC3VL+X+S
p6HsouumPVmiAWzYpNkWaHyVAcbbDbqGe86XXEZuq38hHuZsld5DBwpoIyj111GZ
IoZkUC3ZngOG+TKqiiATD588XlkHVlHsev52swa98hpFJNNM7hO6qtapJjTJ4bCG
mjUjT9YuRGE0JCiIiwQ2alxwQ1MCRH2QWPDVyYppAdXdlSOtahc98C0jYYe4c/kr
gI1YVV8rhveo0eeVKmdLgDMxjrJzXRZ8bsdGmDF2brcd70wr8t1JYz4AHvrzEg32
0n3y0RMh7OaH/SNaWMlgVTZxJoHJmhj+THSRRu9XQXvjRmTeEUUqgQN0NkykwNDs
He45DCIQ7OXCMw==
-----END CERTIFICATE-----