Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
File:                     QqjNSXm8XdMbENe3GFDvEurDz7U.mft (raw, json)
Hash identifier:          1xQKonAre1ta0na5ZjDAGYju4uXYLy9SUt55ybNhnyQ=
Subject key identifier:   AF:04:3B:8E:D0:4D:C6:12:46:F1:1A:D7:FA:F4:1E:DB:80:DB:9C:94
Authority key identifier: 42:A8:CD:49:79:BC:5D:D3:1B:10:D7:B7:18:50:EF:12:EA:C3:CF:B5
Certificate issuer:       /CN=42a8cd4979bc5dd31b10d7b71850ef12eac3cfb5
Certificate serial:       019CAC473469B36E0C3D7EBED6934182D3F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
Manifest number:          05D1
Signing time:             Mon 02 Mar 2026 02:01:13 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:13 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:13 +0000
Files and hashes:         1: QqjNSXm8XdMbENe3GFDvEurDz7U.crl (hash: SAWanCklU4X/RnfsbcWZfLQreYhN1xVXOv3YsFkoOvU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 02:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:34:69:b3:6e:0c:3d:7e:be:d6:93:41:82:d3:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42a8cd4979bc5dd31b10d7b71850ef12eac3cfb5
        Validity
            Not Before: Mar  2 02:01:13 2026 GMT
            Not After : Mar  3 02:01:13 2026 GMT
        Subject: CN=af043b8ed04dc61246f11ad7faf41edb80db9c94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e5:b2:79:37:26:bb:d5:6b:64:51:f4:e2:33:
                    73:08:17:cb:33:dd:3a:ac:cf:c7:b3:a1:f0:9d:ff:
                    f7:8c:8f:bf:b2:92:4d:08:89:52:0d:5d:77:ca:ec:
                    f3:02:45:08:64:a5:14:ac:5c:31:fc:f2:0c:c0:de:
                    c3:19:71:09:94:47:e2:8e:03:36:3f:cc:a2:cf:d7:
                    2e:a7:e4:fc:55:c7:f2:ee:b7:81:ef:16:cd:de:e3:
                    56:02:84:82:6e:83:db:51:df:89:e4:9b:36:0a:91:
                    91:e4:18:ed:c8:0a:e5:79:a1:47:b8:88:52:cb:2a:
                    63:7b:4b:b6:39:dc:6b:01:79:a7:1c:a6:63:aa:fc:
                    7a:b7:1d:cb:bd:73:1b:ce:2d:39:ec:9b:55:18:aa:
                    5f:c9:46:dc:ca:f5:98:ea:56:1e:51:4b:f1:f3:d8:
                    7c:14:ea:21:86:14:ec:de:7a:d9:d7:df:d3:ef:a0:
                    3c:37:0e:e1:f1:15:48:c8:e2:b2:b9:15:de:10:13:
                    3f:1a:5b:ad:98:e1:86:7f:02:c8:9f:7f:ea:18:ba:
                    08:c8:ad:d4:9a:1c:43:5e:04:3d:5f:df:7b:5d:6f:
                    f4:45:f8:3a:b9:c0:c9:42:27:61:8a:0c:98:07:a2:
                    ca:97:70:3f:d8:e9:71:8c:de:35:f8:41:d4:0d:15:
                    d0:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:04:3B:8E:D0:4D:C6:12:46:F1:1A:D7:FA:F4:1E:DB:80:DB:9C:94
            X509v3 Authority Key Identifier:
                keyid:42:A8:CD:49:79:BC:5D:D3:1B:10:D7:B7:18:50:EF:12:EA:C3:CF:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:fb:36:7a:ee:96:bc:76:3d:dc:54:7e:8a:33:99:a1:fd:d6:
         e3:80:25:77:5d:12:6b:be:98:6c:ec:ee:66:e9:02:bc:15:1a:
         fb:62:5d:53:a6:b9:66:97:3d:5a:30:ab:3b:9a:11:4e:21:76:
         75:e9:73:2f:dd:41:58:20:1a:5f:56:80:cd:92:4c:d7:ac:6b:
         25:b9:91:92:53:ff:fe:95:fd:28:22:5a:34:36:26:f2:c9:4b:
         e2:84:a4:5f:de:d0:82:31:14:2a:e7:69:b8:bc:e1:22:0c:bd:
         d5:62:6b:6a:b3:b9:f7:25:b2:4c:6f:be:00:19:69:1b:5c:8d:
         a9:7f:3e:4b:d6:c4:82:9f:7c:33:53:85:d1:2a:8b:98:67:c3:
         28:af:fd:45:7e:d2:d6:99:75:62:78:d9:2d:4d:c5:57:05:f4:
         ab:c9:1c:53:40:81:74:8b:c7:86:e9:55:1a:3c:a3:16:87:ba:
         44:d2:74:16:39:17:cf:5e:e0:4d:1f:f8:f9:5a:53:a0:51:77:
         a7:07:bb:dc:59:11:11:74:26:d6:2b:89:ed:a0:ad:2c:39:41:
         d0:1c:09:8f:75:01:55:71:af:fa:af:94:49:18:55:29:1f:89:
         ae:1f:99:3c:8c:10:93:a2:03:6e:48:0b:1c:9b:4b:2e:cf:60:
         81:bc:ca:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRzRps24MPX6+1pNBgtP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYThjZDQ5NzliYzVkZDMxYjEwZDdiNzE4NTBlZjEyZWFj
M2NmYjUwHhcNMjYwMzAyMDIwMTEzWhcNMjYwMzAzMDIwMTEzWjAzMTEwLwYDVQQD
EyhhZjA0M2I4ZWQwNGRjNjEyNDZmMTFhZDdmYWY0MWVkYjgwZGI5Yzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OWyeTcmu9VrZFH04jNzCBfLM906
rM/Hs6Hwnf/3jI+/spJNCIlSDV13yuzzAkUIZKUUrFwx/PIMwN7DGXEJlEfijgM2
P8yiz9cup+T8Vcfy7reB7xbN3uNWAoSCboPbUd+J5Js2CpGR5BjtyArleaFHuIhS
yypje0u2OdxrAXmnHKZjqvx6tx3LvXMbzi057JtVGKpfyUbcyvWY6lYeUUvx89h8
FOohhhTs3nrZ19/T76A8Nw7h8RVIyOKyuRXeEBM/GlutmOGGfwLIn3/qGLoIyK3U
mhxDXgQ9X997XW/0Rfg6ucDJQidhigyYB6LKl3A/2OlxjN41+EHUDRXQzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8EO47QTcYSRvEa1/r0HtuA25yUMB8GA1UdIwQY
MBaAFEKozUl5vF3TGxDXtxhQ7xLqw8+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81MWU3ZjYtZjRmYi00ZWEwLThkZGYt
YmU1YTBmZmI4Y2E1LzEvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81MWU3ZjYtZjRmYi00ZWEwLThkZGYtYmU1YTBmZmI4Y2E1
LzEvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHfs2eu6W
vHY93FR+ijOZof3W44Ald10Sa76YbOzuZukCvBUa+2JdU6a5Zpc9WjCrO5oRTiF2
delzL91BWCAaX1aAzZJM16xrJbmRklP//pX9KCJaNDYm8slL4oSkX97QgjEUKudp
uLzhIgy91WJrarO59yWyTG++ABlpG1yNqX8+S9bEgp98M1OF0SqLmGfDKK/9RX7S
1pl1YnjZLU3FVwX0q8kcU0CBdIvHhulVGjyjFoe6RNJ0FjkXz17gTR/4+VpToFF3
pwe73FkREXQm1iuJ7aCtLDlB0BwJj3UBVXGv+q+USRhVKR+Jrh+ZPIwQk6IDbkgL
HJtLLs9ggbzKXw==
-----END CERTIFICATE-----