Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          44LYlI+zOyjMKfeAbGnSCdMiuNw9yHX8R0jZzPjv17I=
Subject key identifier:   19:77:41:65:FA:34:62:FD:D4:C2:5F:BE:96:5C:9B:45:1A:02:90:7A
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       019D9AABDC23F30BB0FA169E88D3616683FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          15BE
Signing time:             Fri 17 Apr 2026 09:00:47 +0000
Manifest this update:     Fri 17 Apr 2026 09:00:47 +0000
Manifest next update:     Sat 18 Apr 2026 09:00:47 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: 6+yMcWZAxXOIWg7q5czqkDdySBCOXRK2QSEY1SPQr4k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:ab:dc:23:f3:0b:b0:fa:16:9e:88:d3:61:66:83:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: Apr 17 09:00:47 2026 GMT
            Not After : Apr 18 09:00:47 2026 GMT
        Subject: CN=19774165fa3462fdd4c25fbe965c9b451a02907a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c1:e4:33:c8:19:87:f5:f5:e1:97:2d:38:23:
                    7c:c9:4e:33:16:f2:45:d8:ee:e2:ee:44:3f:ac:4a:
                    9b:a6:79:a2:2f:86:e7:8b:2d:f5:b0:0b:7f:bf:81:
                    3c:ef:96:a0:d4:bd:95:2c:59:e2:4d:bd:b3:cc:fd:
                    16:ba:fb:e8:49:b6:6c:20:2a:06:1c:2f:e9:d2:66:
                    f1:a0:15:93:8c:e9:34:2c:a0:88:7e:8a:6a:2c:f3:
                    df:dc:4d:00:c7:b9:3b:28:95:11:b6:ea:3f:b6:9f:
                    f3:4a:7d:0d:59:88:8e:c1:80:ce:9b:df:17:c7:44:
                    f4:6b:e4:31:5f:06:73:2f:92:68:c5:c6:40:ee:4d:
                    80:ba:82:7b:b3:b6:f5:1e:6a:e4:33:97:33:8f:cc:
                    34:94:4d:11:5c:b5:96:7b:b5:93:a7:cc:67:ad:78:
                    8d:bd:a4:05:1f:0c:68:df:b6:c1:96:bb:7c:bf:88:
                    3b:ec:28:72:30:b2:ff:8e:60:bf:44:22:7e:75:92:
                    67:7c:e1:08:ef:a3:90:89:ea:3a:58:e7:c0:17:12:
                    c0:1c:7c:6c:89:43:2e:46:00:eb:e2:4f:07:ee:e6:
                    d6:96:bf:3f:bc:71:24:b3:c8:25:3a:be:ab:9b:19:
                    89:28:b2:f9:99:a0:72:e6:06:e8:2e:03:a5:c1:35:
                    cf:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:77:41:65:FA:34:62:FD:D4:C2:5F:BE:96:5C:9B:45:1A:02:90:7A
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:8d:5a:c7:b3:cd:94:48:e4:6d:24:60:a6:9a:77:93:f7:23:
         14:f0:a0:1d:27:4b:c6:9c:f8:46:58:c0:37:13:01:af:c2:16:
         b0:68:40:3c:ac:37:c8:3d:4c:41:e5:cd:51:52:ad:1c:5a:2a:
         b1:8e:09:21:73:cc:b4:bc:92:dd:28:cd:6d:1e:af:b9:97:76:
         37:08:c7:21:c5:a2:12:0e:1f:d5:8d:92:ad:09:77:e5:0b:89:
         ee:f7:ec:2e:07:27:a8:6d:00:e1:56:dc:5e:36:56:d9:ea:2b:
         40:7f:3f:61:40:e8:36:a7:ea:f3:84:2d:c4:97:b0:2e:07:ec:
         00:e4:3c:75:b3:0d:63:9e:8f:fb:3c:5a:b8:98:ba:24:88:ce:
         57:74:96:ec:88:53:82:88:29:cb:03:74:53:67:73:ce:d9:2f:
         47:e3:c9:78:16:0e:fc:ab:3d:57:6c:7b:7b:ab:18:fc:f9:54:
         a8:6a:ea:db:47:15:a0:d4:31:17:d8:c6:e9:d7:1f:cc:c1:c2:
         1c:4e:51:b4:f0:12:c5:b7:89:e4:5c:ae:15:f2:c4:74:c8:c1:
         e1:da:9e:80:ba:1b:62:a3:8f:04:b2:40:b6:d3:f6:14:f1:a9:
         f7:47:b2:58:aa:ef:f6:fa:28:d4:1c:f1:9e:c6:d7:b9:0e:a2:
         0b:a3:29:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aq9wj8wuw+haeiNNhZoP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjYwNDE3MDkwMDQ3WhcNMjYwNDE4MDkwMDQ3WjAzMTEwLwYDVQQD
EygxOTc3NDE2NWZhMzQ2MmZkZDRjMjVmYmU5NjVjOWI0NTFhMDI5MDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsHkM8gZh/X14ZctOCN8yU4zFvJF
2O7i7kQ/rEqbpnmiL4bniy31sAt/v4E875ag1L2VLFniTb2zzP0WuvvoSbZsICoG
HC/p0mbxoBWTjOk0LKCIfopqLPPf3E0Ax7k7KJURtuo/tp/zSn0NWYiOwYDOm98X
x0T0a+QxXwZzL5JoxcZA7k2AuoJ7s7b1HmrkM5czj8w0lE0RXLWWe7WTp8xnrXiN
vaQFHwxo37bBlrt8v4g77ChyMLL/jmC/RCJ+dZJnfOEI76OQieo6WOfAFxLAHHxs
iUMuRgDr4k8H7ubWlr8/vHEks8glOr6rmxmJKLL5maBy5gboLgOlwTXPNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBl3QWX6NGL91MJfvpZcm0UaApB6MB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ41ax7PN
lEjkbSRgppp3k/cjFPCgHSdLxpz4RljANxMBr8IWsGhAPKw3yD1MQeXNUVKtHFoq
sY4JIXPMtLyS3SjNbR6vuZd2NwjHIcWiEg4f1Y2SrQl35QuJ7vfsLgcnqG0A4Vbc
XjZW2eorQH8/YUDoNqfq84QtxJewLgfsAOQ8dbMNY56P+zxauJi6JIjOV3SW7IhT
gogpywN0U2dzztkvR+PJeBYO/Ks9V2x7e6sY/PlUqGrq20cVoNQxF9jG6dcfzMHC
HE5RtPASxbeJ5FyuFfLEdMjB4dqegLobYqOPBLJAttP2FPGp90eyWKrv9voo1Bzx
nsbXuQ6iC6MpAg==
-----END CERTIFICATE-----