Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
File:                     QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json)
Hash identifier:          ydth2rn5aARxV1tlsMWTySz+uMAeyueHUcKR86E62eQ=
Subject key identifier:   E7:AA:E7:D6:E0:6B:7A:B8:8E:91:86:25:19:F9:19:53:47:74:EC:1C
Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03
Certificate issuer:       /CN=40bfde3589b444c379f73360831b1dd8ea2f8703
Certificate serial:       019D9A3DE9CA38E7EB705E2492DB5C4F2136
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
Manifest number:          0AD1
Signing time:             Fri 17 Apr 2026 07:00:41 +0000
Manifest this update:     Fri 17 Apr 2026 07:00:41 +0000
Manifest next update:     Sat 18 Apr 2026 07:00:41 +0000
Files and hashes:         1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: RWa13pZy6zHNWuZ/xzFlLEqWdnw9/ouTddWzWQ4w92Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3d:e9:ca:38:e7:eb:70:5e:24:92:db:5c:4f:21:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703
        Validity
            Not Before: Apr 17 07:00:41 2026 GMT
            Not After : Apr 18 07:00:41 2026 GMT
        Subject: CN=e7aae7d6e06b7ab88e91862519f919534774ec1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:15:45:4c:ab:47:f6:db:3c:f7:d2:86:5d:ec:
                    d9:11:37:47:dd:74:91:ac:17:7a:a5:ff:8c:55:47:
                    80:fa:b1:f3:fd:3c:a5:ab:42:a9:9b:e1:84:95:28:
                    a1:c2:7e:64:43:db:16:7d:6e:44:00:df:b6:0b:82:
                    cd:aa:85:5a:e2:11:93:95:11:12:94:48:94:34:41:
                    cd:65:b6:a0:27:03:74:06:84:f5:4c:c0:45:ee:d1:
                    01:2f:9d:b4:27:a2:91:ad:77:9d:b1:6a:50:9e:22:
                    0c:94:b8:57:db:64:7a:e9:e7:d5:58:eb:d6:27:47:
                    92:90:89:0f:a2:a6:f2:f3:0d:96:b9:72:71:42:5f:
                    18:50:d1:6f:f4:34:ef:cb:f4:dd:1f:6e:70:83:9e:
                    48:25:ac:59:45:3c:f1:14:92:c3:d5:94:cc:8b:54:
                    cc:0e:55:da:4b:59:cb:0e:97:36:0b:09:08:31:0a:
                    eb:71:19:ef:30:a4:66:35:f9:d3:0f:61:51:53:84:
                    25:94:56:eb:47:11:23:5c:01:30:42:32:6b:8e:4d:
                    0b:d0:08:da:02:16:e8:0e:43:fb:24:58:e3:a9:18:
                    72:fd:c5:3b:55:b6:b9:63:e6:5c:42:61:5e:7c:21:
                    4f:49:5a:c2:42:0d:25:6b:3e:3b:ce:09:dc:30:6b:
                    58:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:AA:E7:D6:E0:6B:7A:B8:8E:91:86:25:19:F9:19:53:47:74:EC:1C
            X509v3 Authority Key Identifier:
                keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:3c:39:b0:bc:58:bc:46:4f:2b:d4:dc:6b:fe:44:1f:bc:cf:
         da:0c:1d:0c:73:93:27:57:fb:b0:9f:30:d4:3c:43:da:5e:6a:
         58:39:d6:aa:f1:25:58:f9:4b:9a:ab:5c:3f:91:1c:a9:5a:8a:
         e3:a9:b2:97:bc:d7:f7:c5:bd:e3:68:a9:5f:94:3e:b5:cf:cd:
         bd:12:07:25:67:85:e9:ec:5b:7d:46:1d:d1:56:3e:8d:d8:87:
         8d:27:26:b3:db:f3:50:e2:8f:12:49:8a:90:ec:fd:b6:58:d8:
         4f:79:b3:9a:1f:ac:8f:c3:68:41:59:43:79:fc:10:26:b0:b3:
         a4:b0:18:61:c8:f0:a7:9a:34:2b:87:ac:c7:8d:d5:6d:e0:2e:
         44:f6:a5:dd:90:16:9f:f8:83:35:72:e4:b3:16:8b:07:cc:0b:
         df:e5:85:de:61:b8:20:88:03:64:eb:76:36:d2:46:01:12:ac:
         07:6c:5c:57:e4:26:d7:93:14:f5:d3:11:ff:30:5d:86:19:3f:
         bf:2e:4d:9e:d9:74:27:fc:bc:12:4e:4c:3c:30:5f:ff:f1:12:
         50:1f:b3:a5:2d:f9:fb:65:c2:0e:36:9b:e2:1e:74:6f:2d:47:
         04:fd:c0:66:a0:b0:09:f3:d5:92:34:00:6c:24:9c:ba:e5:72:
         bd:35:59:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPenKOOfrcF4kkttcTyE2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy
Zjg3MDMwHhcNMjYwNDE3MDcwMDQxWhcNMjYwNDE4MDcwMDQxWjAzMTEwLwYDVQQD
EyhlN2FhZTdkNmUwNmI3YWI4OGU5MTg2MjUxOWY5MTk1MzQ3NzRlYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxVFTKtH9ts899KGXezZETdH3XSR
rBd6pf+MVUeA+rHz/Tylq0Kpm+GElSihwn5kQ9sWfW5EAN+2C4LNqoVa4hGTlRES
lEiUNEHNZbagJwN0BoT1TMBF7tEBL520J6KRrXedsWpQniIMlLhX22R66efVWOvW
J0eSkIkPoqby8w2WuXJxQl8YUNFv9DTvy/TdH25wg55IJaxZRTzxFJLD1ZTMi1TM
DlXaS1nLDpc2CwkIMQrrcRnvMKRmNfnTD2FRU4QllFbrRxEjXAEwQjJrjk0L0Aja
AhboDkP7JFjjqRhy/cU7Vba5Y+ZcQmFefCFPSVrCQg0laz47zgncMGtYjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOeq59bga3q4jpGGJRn5GVNHdOwcMB8GA1UdIwQY
MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt
NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi
LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjzw5sLxY
vEZPK9Tca/5EH7zP2gwdDHOTJ1f7sJ8w1DxD2l5qWDnWqvElWPlLmqtcP5EcqVqK
46myl7zX98W942ipX5Q+tc/NvRIHJWeF6exbfUYd0VY+jdiHjScms9vzUOKPEkmK
kOz9tljYT3mzmh+sj8NoQVlDefwQJrCzpLAYYcjwp5o0K4esx43VbeAuRPal3ZAW
n/iDNXLksxaLB8wL3+WF3mG4IIgDZOt2NtJGARKsB2xcV+Qm15MU9dMR/zBdhhk/
vy5Nntl0J/y8Ek5MPDBf//ESUB+zpS35+2XCDjab4h50by1HBP3AZqCwCfPVkjQA
bCScuuVyvTVZWg==
-----END CERTIFICATE-----