Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
File:                     qvNQYhzAHooe03KB3zKwlxy95Vc.mft (raw, json)
Hash identifier:          1OvntcoUACZ5H6CddHYLoQpxYn2AJvad1RHUQeuzzS8=
Subject key identifier:   7B:D9:53:4E:4E:AF:73:36:07:82:B2:5A:B2:67:CE:FD:46:94:D2:AF
Authority key identifier: AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57
Certificate issuer:       /CN=aaf350621cc01e8a1ed37281df32b0971cbde557
Certificate serial:       019D99630FE8B1E69F36F16CFE1B78E37A8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 03:01:39 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:39 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:39 +0000
Files and hashes:         1: qvNQYhzAHooe03KB3zKwlxy95Vc.crl (hash: qRMZlRN+lTDAe6arw8gjGsk43lxFgW/s0Ewfoh5yPqk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:63:0f:e8:b1:e6:9f:36:f1:6c:fe:1b:78:e3:7a:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aaf350621cc01e8a1ed37281df32b0971cbde557
        Validity
            Not Before: Apr 17 03:01:39 2026 GMT
            Not After : Apr 18 03:01:39 2026 GMT
        Subject: CN=7bd9534e4eaf73360782b25ab267cefd4694d2af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:96:41:a2:94:db:ab:34:be:7f:04:c7:a0:04:
                    21:97:f0:ac:d2:b6:f0:eb:22:85:71:1a:78:3f:2a:
                    ba:33:a4:c2:d5:f5:85:b3:10:59:25:02:06:41:e2:
                    8b:f5:4e:2c:7e:81:06:3a:2e:1d:a3:51:3a:5a:08:
                    8c:ae:1e:de:71:56:b1:55:90:52:46:00:68:3e:71:
                    ff:8c:9a:03:f2:44:b2:21:32:b5:6c:8b:9c:1b:b6:
                    eb:c4:65:2d:f1:ee:9c:b7:73:4a:77:9c:88:64:16:
                    16:6a:a5:96:71:28:2e:f8:57:00:48:d0:c5:36:f5:
                    43:d5:51:6c:01:62:8d:7e:76:91:49:f3:71:98:b0:
                    67:82:16:6e:2e:33:00:4d:e8:82:c0:5c:25:f2:12:
                    69:f5:07:70:c2:22:c9:59:11:6e:e3:94:25:9c:1f:
                    0c:3d:8e:55:3f:a5:b5:e6:c9:1f:e1:40:57:bd:9c:
                    34:a0:22:30:ce:f6:40:b1:2d:f1:0c:e1:a3:78:6c:
                    a5:cb:b5:98:ea:0e:fd:94:47:18:94:38:70:a6:fe:
                    9a:70:7f:47:7f:4e:84:12:7b:e8:c5:7d:9d:10:7f:
                    45:91:a9:a6:e9:95:d4:4f:bf:69:04:fc:c8:5e:d5:
                    9f:8e:a5:3e:65:44:4c:3d:d2:b8:e2:c9:51:ca:4b:
                    ff:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:D9:53:4E:4E:AF:73:36:07:82:B2:5A:B2:67:CE:FD:46:94:D2:AF
            X509v3 Authority Key Identifier:
                keyid:AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:70:96:64:9f:4c:cf:e4:ad:ee:3e:03:70:50:f8:c3:03:18:
         c2:97:2f:05:9c:ec:af:95:cc:59:4c:5b:f4:13:d6:7e:16:61:
         92:28:07:c5:55:9a:4e:77:1a:3f:26:9f:98:08:05:7b:60:43:
         cf:6c:b9:cd:ea:47:cc:6e:1f:a3:d7:aa:5d:aa:82:b6:f7:55:
         2e:a5:91:01:b3:bb:a5:12:b3:7e:2b:e8:de:ad:19:25:be:11:
         06:92:2f:4d:2d:ee:21:e9:a2:21:97:3d:6f:65:ed:b4:6b:3a:
         0b:71:ba:16:9a:70:72:a1:2b:fc:6b:d3:b5:ed:85:0f:9f:8e:
         5a:90:f1:95:2e:ef:fc:61:9a:32:e1:ef:87:d6:5e:51:1e:63:
         b0:4f:97:0e:80:11:e5:df:54:8b:54:f2:d3:7c:be:77:35:9f:
         12:fe:72:7b:9d:1a:83:52:39:00:04:03:d0:e1:c1:a7:ac:3f:
         d9:6e:80:65:ea:22:ac:02:3a:24:72:9d:2b:ce:66:1c:d1:80:
         63:37:3d:89:79:aa:d0:01:6c:30:91:5c:0b:3c:c3:48:88:d7:
         cf:d1:88:40:3f:db:fd:e8:a0:b9:b9:0a:a0:03:dc:10:81:8b:
         06:d0:b9:ad:98:20:0e:39:9e:70:aa:a2:3d:64:53:e6:af:bc:
         7c:fe:71:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYw/oseafNvFs/ht443qLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjM1MDYyMWNjMDFlOGExZWQzNzI4MWRmMzJiMDk3MWNi
ZGU1NTcwHhcNMjYwNDE3MDMwMTM5WhcNMjYwNDE4MDMwMTM5WjAzMTEwLwYDVQQD
Eyg3YmQ5NTM0ZTRlYWY3MzM2MDc4MmIyNWFiMjY3Y2VmZDQ2OTRkMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJZBopTbqzS+fwTHoAQhl/Cs0rbw
6yKFcRp4Pyq6M6TC1fWFsxBZJQIGQeKL9U4sfoEGOi4do1E6WgiMrh7ecVaxVZBS
RgBoPnH/jJoD8kSyITK1bIucG7brxGUt8e6ct3NKd5yIZBYWaqWWcSgu+FcASNDF
NvVD1VFsAWKNfnaRSfNxmLBnghZuLjMATeiCwFwl8hJp9QdwwiLJWRFu45QlnB8M
PY5VP6W15skf4UBXvZw0oCIwzvZAsS3xDOGjeGyly7WY6g79lEcYlDhwpv6acH9H
f06EEnvoxX2dEH9Fkamm6ZXUT79pBPzIXtWfjqU+ZURMPdK44slRykv/3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvZU05Or3M2B4KyWrJnzv1GlNKvMB8GA1UdIwQY
MBaAFKrzUGIcwB6KHtNygd8ysJccveVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTkt
NzVhOGIwOTc0ZTIwLzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTktNzVhOGIwOTc0ZTIw
LzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASXCWZJ9M
z+St7j4DcFD4wwMYwpcvBZzsr5XMWUxb9BPWfhZhkigHxVWaTncaPyafmAgFe2BD
z2y5zepHzG4fo9eqXaqCtvdVLqWRAbO7pRKzfivo3q0ZJb4RBpIvTS3uIemiIZc9
b2XttGs6C3G6FppwcqEr/GvTte2FD5+OWpDxlS7v/GGaMuHvh9ZeUR5jsE+XDoAR
5d9Ui1Ty03y+dzWfEv5ye50ag1I5AAQD0OHBp6w/2W6AZeoirAI6JHKdK85mHNGA
Yzc9iXmq0AFsMJFcCzzDSIjXz9GIQD/b/eigubkKoAPcEIGLBtC5rZggDjmecKqi
PWRT5q+8fP5x1g==
-----END CERTIFICATE-----