Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
File:                     QqjNSXm8XdMbENe3GFDvEurDz7U.mft (raw, json)
Hash identifier:          TuSK6jck2gInDiCSuPPnY5fVmRS9HhTOYw2n3wtOmro=
Subject key identifier:   68:DD:68:78:E7:C2:B4:15:1E:56:5C:B3:5B:FC:2B:E4:01:F9:41:FB
Authority key identifier: 42:A8:CD:49:79:BC:5D:D3:1B:10:D7:B7:18:50:EF:12:EA:C3:CF:B5
Certificate issuer:       /CN=42a8cd4979bc5dd31b10d7b71850ef12eac3cfb5
Certificate serial:       019D97E17AB36BACC07D9A64EEBE092DBA4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
Manifest number:          064B
Signing time:             Thu 16 Apr 2026 20:00:29 +0000
Manifest this update:     Thu 16 Apr 2026 20:00:29 +0000
Manifest next update:     Fri 17 Apr 2026 20:00:29 +0000
Files and hashes:         1: QqjNSXm8XdMbENe3GFDvEurDz7U.crl (hash: IA9FxWemK7AlrkbaULIXgl6LQmr9hZSOP+H/Kudo4II=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 20:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:e1:7a:b3:6b:ac:c0:7d:9a:64:ee:be:09:2d:ba:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42a8cd4979bc5dd31b10d7b71850ef12eac3cfb5
        Validity
            Not Before: Apr 16 20:00:29 2026 GMT
            Not After : Apr 17 20:00:29 2026 GMT
        Subject: CN=68dd6878e7c2b4151e565cb35bfc2be401f941fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:9a:f7:80:22:31:c1:c4:f6:13:cd:4d:6e:8b:
                    21:ad:15:b3:40:36:f2:13:ca:ae:d3:76:1e:ee:7a:
                    84:bd:77:1a:72:56:cc:0b:4a:0b:02:ef:bd:90:74:
                    95:62:67:76:8f:70:3c:fd:f3:df:67:61:92:16:5e:
                    a9:79:3f:6d:9a:ca:0e:96:c4:78:ba:f2:2e:06:dd:
                    21:e9:4e:c3:94:02:1e:e4:27:c4:1f:e4:ec:73:6b:
                    af:dc:28:12:26:bf:34:b8:7c:ba:7c:07:8a:5b:03:
                    1b:da:a3:46:e4:7a:5b:76:7e:a8:22:29:e4:a1:d3:
                    99:f8:43:a1:45:57:5a:c3:c0:07:2c:40:7a:0a:e2:
                    1d:13:70:2a:80:1a:14:50:37:1a:36:51:a7:ee:ba:
                    57:c3:07:a4:07:ab:4f:1d:00:fb:62:99:7e:fc:62:
                    40:8c:4c:09:2f:aa:c8:8a:19:a7:e0:69:7f:47:7a:
                    07:81:92:aa:2f:62:c1:e0:36:e9:9c:f2:61:c1:ee:
                    29:39:c9:5b:1f:e4:1a:d4:53:f1:e5:79:71:49:d2:
                    91:6e:ff:2a:bc:28:af:6a:04:0a:8f:29:5e:f4:9c:
                    b0:a6:7d:3c:06:35:9e:b1:f8:b0:e7:9d:ce:9c:39:
                    1d:0c:b9:75:96:c2:32:4e:78:56:b5:87:26:eb:3f:
                    37:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:DD:68:78:E7:C2:B4:15:1E:56:5C:B3:5B:FC:2B:E4:01:F9:41:FB
            X509v3 Authority Key Identifier:
                keyid:42:A8:CD:49:79:BC:5D:D3:1B:10:D7:B7:18:50:EF:12:EA:C3:CF:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QqjNSXm8XdMbENe3GFDvEurDz7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/51e7f6-f4fb-4ea0-8ddf-be5a0ffb8ca5/1/QqjNSXm8XdMbENe3GFDvEurDz7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:cc:e2:b4:b6:b1:de:ea:e4:27:e1:f9:bd:6e:da:57:9a:96:
         b5:42:cd:71:c8:cd:53:6d:8b:83:e9:cb:23:b4:f0:86:cd:48:
         4c:77:f1:be:5f:e1:4d:c5:bd:3a:9f:28:b3:ae:77:54:dc:a4:
         6a:36:2b:4b:c8:44:cc:b9:5f:ea:75:30:f6:d7:93:96:00:75:
         c7:20:87:40:51:4e:52:cf:fd:40:2f:5e:8b:9e:10:da:4b:34:
         81:99:c6:1e:d5:9e:ec:00:6b:bb:98:a9:f7:5b:8c:fc:cf:00:
         42:aa:cf:50:df:c2:9a:f3:ec:92:04:60:08:ef:39:37:99:c2:
         73:98:76:a7:d1:48:cf:20:95:17:d3:e3:b3:fe:b1:9f:4a:17:
         10:26:27:a8:aa:02:25:d4:eb:36:e1:51:a2:c1:c6:4b:12:0c:
         df:03:d4:c1:cd:6f:81:de:8e:f7:c6:a9:6f:fb:03:ba:1f:82:
         33:ac:4e:2f:22:14:66:c3:dd:09:48:41:18:6d:37:9d:70:e0:
         8b:5b:bf:be:cd:8c:10:3f:2f:b6:59:eb:9d:8a:f9:c0:03:b5:
         37:c5:a5:07:d1:a8:9b:e3:cb:3d:96:2b:a2:f9:93:ef:fb:c5:
         94:33:c3:6d:bb:27:f6:7d:e0:b4:eb:4f:f9:1b:7e:1b:8c:5d:
         eb:b6:3c:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4Xqza6zAfZpk7r4JLbpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYThjZDQ5NzliYzVkZDMxYjEwZDdiNzE4NTBlZjEyZWFj
M2NmYjUwHhcNMjYwNDE2MjAwMDI5WhcNMjYwNDE3MjAwMDI5WjAzMTEwLwYDVQQD
Eyg2OGRkNjg3OGU3YzJiNDE1MWU1NjVjYjM1YmZjMmJlNDAxZjk0MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpr3gCIxwcT2E81NboshrRWzQDby
E8qu03Ye7nqEvXcaclbMC0oLAu+9kHSVYmd2j3A8/fPfZ2GSFl6peT9tmsoOlsR4
uvIuBt0h6U7DlAIe5CfEH+Tsc2uv3CgSJr80uHy6fAeKWwMb2qNG5Hpbdn6oIink
odOZ+EOhRVdaw8AHLEB6CuIdE3AqgBoUUDcaNlGn7rpXwwekB6tPHQD7Ypl+/GJA
jEwJL6rIihmn4Gl/R3oHgZKqL2LB4DbpnPJhwe4pOclbH+Qa1FPx5XlxSdKRbv8q
vCivagQKjyle9Jywpn08BjWesfiw553OnDkdDLl1lsIyTnhWtYcm6z83IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjdaHjnwrQVHlZcs1v8K+QB+UH7MB8GA1UdIwQY
MBaAFEKozUl5vF3TGxDXtxhQ7xLqw8+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81MWU3ZjYtZjRmYi00ZWEwLThkZGYt
YmU1YTBmZmI4Y2E1LzEvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81MWU3ZjYtZjRmYi00ZWEwLThkZGYtYmU1YTBmZmI4Y2E1
LzEvUXFqTlNYbThYZE1iRU5lM0dGRHZFdXJEejdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl8zitLax
3urkJ+H5vW7aV5qWtULNccjNU22Lg+nLI7Twhs1ITHfxvl/hTcW9Op8os653VNyk
ajYrS8hEzLlf6nUw9teTlgB1xyCHQFFOUs/9QC9ei54Q2ks0gZnGHtWe7ABru5ip
91uM/M8AQqrPUN/CmvPskgRgCO85N5nCc5h2p9FIzyCVF9Pjs/6xn0oXECYnqKoC
JdTrNuFRosHGSxIM3wPUwc1vgd6O98apb/sDuh+CM6xOLyIUZsPdCUhBGG03nXDg
i1u/vs2MED8vtlnrnYr5wAO1N8WlB9Gom+PLPZYrovmT7/vFlDPDbbsn9n3gtOtP
+Rt+G4xd67Y87g==
-----END CERTIFICATE-----