Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          QwN3Goh69Z0iH2gYyNsNOSsK3PP3weH0C7pM5Wcye0Y=
Subject key identifier:   F5:64:6B:29:12:2F:E8:FA:A8:88:84:0A:B5:8B:77:D8:BD:0F:07:8F
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       019D9AE2E6972717182371CDA78D155E60CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          1063
Signing time:             Fri 17 Apr 2026 10:00:54 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:54 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:54 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: PNTD2JzpbdrWW6TCbuXAnmc/9kzg25rL4hr7mWUJV84=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:e6:97:27:17:18:23:71:cd:a7:8d:15:5e:60:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Apr 17 10:00:54 2026 GMT
            Not After : Apr 18 10:00:54 2026 GMT
        Subject: CN=f5646b29122fe8faa888840ab58b77d8bd0f078f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:45:4b:c6:81:7d:7f:25:26:a9:fc:11:c7:e1:
                    6f:e6:1d:44:1e:f3:0f:93:11:46:78:4f:eb:6f:bc:
                    9e:b3:73:e2:32:2a:e3:75:51:09:03:f3:23:ca:81:
                    be:58:d6:75:35:4f:31:4f:da:0c:9f:2e:2d:96:88:
                    6f:33:81:b1:f3:99:05:07:be:79:18:c9:1f:30:6a:
                    91:0a:ce:12:82:a8:76:d5:f8:50:9a:b7:8d:6e:b4:
                    71:c5:ad:e4:05:27:db:df:78:2e:8d:4a:9a:4e:56:
                    e5:ac:c9:55:25:2c:66:1c:42:ec:a9:4d:7e:83:97:
                    96:be:c1:b6:f9:b1:8e:e7:44:08:f5:2c:c3:85:7d:
                    fe:16:fc:0c:84:32:3d:4c:54:f2:ed:e3:0e:5c:dc:
                    c9:dd:75:55:df:07:4e:d0:1b:1f:24:bd:17:b9:1c:
                    d8:cc:40:03:5c:17:57:58:85:3f:f9:ee:91:3e:a3:
                    de:83:24:72:f3:7f:7e:a3:3b:e3:53:fa:6d:86:91:
                    f3:48:11:c5:ee:54:62:c2:13:00:97:37:f3:65:a8:
                    fb:09:f4:9f:ee:28:ae:d5:59:0d:76:c4:75:88:d7:
                    df:80:f0:3b:9b:fe:ba:d0:59:4c:14:84:c3:00:e3:
                    cb:8e:d8:b5:11:7d:fc:5c:fe:7a:40:9e:a6:d1:59:
                    30:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:64:6B:29:12:2F:E8:FA:A8:88:84:0A:B5:8B:77:D8:BD:0F:07:8F
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:96:b0:00:c5:0d:5e:0a:3b:18:5e:30:7b:5c:0d:c8:29:1f:
         bb:56:e8:dd:53:7a:85:a5:42:03:f4:4e:9f:eb:18:33:cf:42:
         0b:77:1f:74:1d:23:10:71:c1:e6:c0:04:de:ce:00:60:ba:c2:
         02:0e:0d:3d:56:8c:e7:8c:36:14:53:ce:fd:8e:1a:c5:91:10:
         79:8c:bd:cf:10:66:2a:db:e4:ba:cb:26:58:4e:04:6a:a5:3c:
         25:4e:58:0d:cf:23:dc:42:01:0a:6b:a1:e5:e7:cf:2d:38:d7:
         03:be:2c:1f:9e:f7:ba:ea:6b:a9:92:61:c7:e2:49:f9:68:38:
         3f:a3:d3:03:07:d4:f3:18:18:66:22:99:41:5e:57:ab:36:70:
         10:84:78:e5:1d:81:d0:c3:8d:63:1c:40:1e:6f:0a:95:1e:be:
         32:b6:a4:bb:4c:08:cc:65:92:43:1b:a2:af:7e:0f:8d:cd:77:
         bf:3d:54:72:86:12:09:44:7b:af:16:bb:a0:64:67:c3:ed:10:
         6d:02:ef:b0:b5:2a:2e:9b:0d:02:fc:28:f1:61:26:b6:ff:39:
         69:96:70:c5:6a:d2:38:60:6f:21:84:b9:c7:f6:f4:3a:e4:86:
         c9:f9:f2:c6:f2:e3:16:06:7d:d6:4e:77:25:7c:c4:8f:42:e3:
         b4:ed:b8:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4uaXJxcYI3HNp40VXmDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjYwNDE3MTAwMDU0WhcNMjYwNDE4MTAwMDU0WjAzMTEwLwYDVQQD
EyhmNTY0NmIyOTEyMmZlOGZhYTg4ODg0MGFiNThiNzdkOGJkMGYwNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEVLxoF9fyUmqfwRx+Fv5h1EHvMP
kxFGeE/rb7yes3PiMirjdVEJA/MjyoG+WNZ1NU8xT9oMny4tlohvM4Gx85kFB755
GMkfMGqRCs4Sgqh21fhQmreNbrRxxa3kBSfb33gujUqaTlblrMlVJSxmHELsqU1+
g5eWvsG2+bGO50QI9SzDhX3+FvwMhDI9TFTy7eMOXNzJ3XVV3wdO0BsfJL0XuRzY
zEADXBdXWIU/+e6RPqPegyRy839+ozvjU/pthpHzSBHF7lRiwhMAlzfzZaj7CfSf
7iiu1VkNdsR1iNffgPA7m/660FlMFITDAOPLjti1EX38XP56QJ6m0VkwswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVkaykSL+j6qIiECrWLd9i9DwePMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhpawAMUN
Xgo7GF4we1wNyCkfu1bo3VN6haVCA/ROn+sYM89CC3cfdB0jEHHB5sAE3s4AYLrC
Ag4NPVaM54w2FFPO/Y4axZEQeYy9zxBmKtvkussmWE4EaqU8JU5YDc8j3EIBCmuh
5efPLTjXA74sH573uuprqZJhx+JJ+Wg4P6PTAwfU8xgYZiKZQV5XqzZwEIR45R2B
0MONYxxAHm8KlR6+Mraku0wIzGWSQxuir34Pjc13vz1UcoYSCUR7rxa7oGRnw+0Q
bQLvsLUqLpsNAvwo8WEmtv85aZZwxWrSOGBvIYS5x/b0OuSGyfnyxvLjFgZ91k53
JXzEj0LjtO249g==
-----END CERTIFICATE-----