Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
File:                     QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json)
Hash identifier:          M5eZKNfSifJtli8iNk1XG58ejKSGaSbB/P+RW6BX600=
Subject key identifier:   D4:8F:7C:8B:59:03:A9:34:9D:23:08:38:ED:10:4E:CF:57:E6:F7:FF
Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
Certificate issuer:       /CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Certificate serial:       019CACB48BA6B727B69CF59679F831997A44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
Manifest number:          0A56
Signing time:             Mon 02 Mar 2026 04:00:39 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:39 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:39 +0000
Files and hashes:         1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: xzHFoSJzicLL9ku9s9r5NWWE2YqH4XrnBjA8dk4xiuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:8b:a6:b7:27:b6:9c:f5:96:79:f8:31:99:7a:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703
        Validity
            Not Before: Mar  2 04:00:39 2026 GMT
            Not After : Mar  3 04:00:39 2026 GMT
        Subject: CN=d48f7c8b5903a9349d230838ed104ecf57e6f7ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:a8:51:e9:d3:b1:e7:ef:c4:d6:a6:f8:fc:cb:
                    31:ef:4b:04:de:9e:85:cc:3b:b3:ba:2d:b1:de:23:
                    1e:7d:06:ae:89:9f:6d:ec:03:d9:8a:db:e8:78:08:
                    d8:9c:b1:4b:85:4e:38:09:7f:28:a8:72:76:db:c8:
                    0f:7c:d9:fe:9e:14:7b:c6:93:e3:56:20:34:b4:4d:
                    69:fc:19:43:82:d8:b6:1e:dd:53:e0:66:4b:b1:59:
                    b0:1d:33:2f:c5:a2:22:40:60:69:41:5a:7c:60:e7:
                    bc:ad:40:31:fa:22:ba:b8:35:42:2f:16:dc:dd:67:
                    33:07:1c:28:8a:13:73:32:e2:23:60:e9:9a:17:27:
                    0c:b4:5c:1c:f6:7a:3c:2f:21:e0:0a:8b:23:82:93:
                    bb:3b:ce:53:7e:d0:c1:de:b7:cf:19:6c:fb:6c:39:
                    ec:bf:ae:ed:2a:5f:eb:ff:07:db:34:f9:bc:c0:d4:
                    dc:77:31:eb:94:70:87:af:f9:74:c3:c0:2a:ba:3a:
                    d9:cf:89:20:cc:74:c2:1d:b2:69:57:d0:c1:b8:8d:
                    09:85:57:c1:9b:26:67:77:84:dc:b1:4e:1f:73:4b:
                    3e:90:66:87:b8:1f:d4:75:d6:3f:83:c9:2d:86:d7:
                    01:d5:94:4b:f7:bc:20:47:c7:68:90:f2:a6:0e:21:
                    fe:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:8F:7C:8B:59:03:A9:34:9D:23:08:38:ED:10:4E:CF:57:E6:F7:FF
            X509v3 Authority Key Identifier:
                keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:d4:bc:73:7a:53:40:2d:70:90:19:7a:11:a8:e7:af:d8:cf:
         b6:13:16:af:e0:25:eb:72:cf:8a:6a:9b:03:a6:4f:89:3c:98:
         4f:73:50:af:13:15:f0:77:d4:a0:51:69:02:89:b8:9a:a9:68:
         d4:83:58:6a:28:64:69:72:c2:db:94:0e:61:a8:f0:06:d2:47:
         d3:1d:19:c8:5a:51:11:b4:5d:80:32:77:8d:4c:24:7f:39:63:
         30:ab:3f:da:3b:96:c3:f7:0a:d8:1b:b4:49:42:d6:0f:27:81:
         1f:d0:73:75:e8:19:af:50:36:99:e6:25:1b:b5:63:0b:f4:1f:
         9e:f3:76:9c:1d:57:4b:e1:94:d6:9b:ef:01:58:2b:68:a9:82:
         de:d9:b1:d9:a7:a3:02:91:97:15:54:e1:2f:67:58:20:c4:25:
         c2:e5:88:5c:74:71:47:58:ce:66:c8:37:d8:73:58:de:30:b3:
         a4:18:53:e8:63:de:6b:55:35:8c:dd:89:e5:ed:40:58:f2:82:
         dc:50:af:c5:21:0c:6d:69:99:a9:c4:85:25:69:ab:16:3b:8a:
         1f:29:88:32:fc:66:63:9e:2f:72:d7:7a:09:a4:36:c0:86:cc:
         91:69:b4:ec:18:82:ea:d9:e8:ee:3a:2d:c9:6a:54:d7:a2:11:
         d0:95:12:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystIumtye2nPWWefgxmXpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy
Zjg3MDMwHhcNMjYwMzAyMDQwMDM5WhcNMjYwMzAzMDQwMDM5WjAzMTEwLwYDVQQD
EyhkNDhmN2M4YjU5MDNhOTM0OWQyMzA4MzhlZDEwNGVjZjU3ZTZmN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qhR6dOx5+/E1qb4/Msx70sE3p6F
zDuzui2x3iMefQauiZ9t7APZitvoeAjYnLFLhU44CX8oqHJ228gPfNn+nhR7xpPj
ViA0tE1p/BlDgti2Ht1T4GZLsVmwHTMvxaIiQGBpQVp8YOe8rUAx+iK6uDVCLxbc
3WczBxwoihNzMuIjYOmaFycMtFwc9no8LyHgCosjgpO7O85TftDB3rfPGWz7bDns
v67tKl/r/wfbNPm8wNTcdzHrlHCHr/l0w8AqujrZz4kgzHTCHbJpV9DBuI0JhVfB
myZnd4TcsU4fc0s+kGaHuB/UddY/g8kthtcB1ZRL97wgR8dokPKmDiH+HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSPfItZA6k0nSMIOO0QTs9X5vf/MB8GA1UdIwQY
MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt
NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi
LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd9S8c3pT
QC1wkBl6Eajnr9jPthMWr+Al63LPimqbA6ZPiTyYT3NQrxMV8HfUoFFpAom4mqlo
1INYaihkaXLC25QOYajwBtJH0x0ZyFpREbRdgDJ3jUwkfzljMKs/2juWw/cK2Bu0
SULWDyeBH9BzdegZr1A2meYlG7VjC/QfnvN2nB1XS+GU1pvvAVgraKmC3tmx2aej
ApGXFVThL2dYIMQlwuWIXHRxR1jOZsg32HNY3jCzpBhT6GPea1U1jN2J5e1AWPKC
3FCvxSEMbWmZqcSFJWmrFjuKHymIMvxmY54vctd6CaQ2wIbMkWm07BiC6tno7jot
yWpU16IR0JUSRA==
-----END CERTIFICATE-----