Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
File:                     Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json)
Hash identifier:          0IBuSlahsrxLeYLgLwQOvZvv36/jg9MwpTth4UJIW58=
Subject key identifier:   27:2F:60:BC:81:1F:C2:0E:8E:C6:4E:83:A6:1B:A1:F5:09:CD:B9:32
Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF
Certificate issuer:       /CN=43938a3de803bd6c91f14ad967bd4141b8a028af
Certificate serial:       019CAE35037AFF6870D56F934400B24F18F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
Manifest number:          1568
Signing time:             Mon 02 Mar 2026 11:00:35 +0000
Manifest this update:     Mon 02 Mar 2026 11:00:35 +0000
Manifest next update:     Tue 03 Mar 2026 11:00:35 +0000
Files and hashes:         1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: 0KEsFfcNLYALI9Pu/LbAJPDFd9RgVn7qXuwLOxR4MkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 11:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:35:03:7a:ff:68:70:d5:6f:93:44:00:b2:4f:18:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af
        Validity
            Not Before: Mar  2 11:00:35 2026 GMT
            Not After : Mar  3 11:00:35 2026 GMT
        Subject: CN=272f60bc811fc20e8ec64e83a61ba1f509cdb932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:62:ae:48:05:c3:7b:c4:1c:f7:95:a7:75:12:
                    48:40:ca:84:16:db:33:df:df:24:73:bb:b6:c0:99:
                    88:7c:aa:29:71:ed:90:ba:45:47:7b:23:95:92:c6:
                    b7:a3:2a:d3:9f:d2:ae:23:6f:73:5d:a1:aa:a0:4a:
                    b1:8e:ae:28:a0:c5:a7:9f:d5:f2:81:2a:e2:b6:a1:
                    5e:40:34:98:fd:f8:a3:9e:21:bf:89:76:1a:25:a9:
                    0e:49:20:34:bc:96:4f:16:11:b9:18:07:49:61:9d:
                    a2:f2:99:93:ef:b1:5e:01:d4:1e:fb:c9:cc:63:79:
                    ee:98:aa:7a:d7:f0:03:8f:28:49:d2:f8:ec:9e:b8:
                    9c:19:f2:91:bb:7b:99:74:a2:12:6b:39:84:2a:21:
                    7a:90:6e:6c:99:6d:e8:ca:63:38:28:6b:7f:bb:af:
                    2e:53:f8:a8:b2:87:44:fc:d1:51:c5:b0:66:85:02:
                    5a:f4:cf:1f:17:d6:2e:e0:22:a5:a0:78:51:02:c2:
                    7a:c9:e0:09:eb:c0:f8:c2:dc:18:ed:c6:6c:27:68:
                    73:20:1c:59:a6:5e:e5:df:d9:16:d9:3e:16:63:3b:
                    c7:ef:45:d6:ba:4b:b6:39:e8:c1:31:51:0f:0d:0d:
                    25:c9:4e:1a:ff:d4:77:14:97:83:bd:f1:cd:f6:11:
                    7a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:2F:60:BC:81:1F:C2:0E:8E:C6:4E:83:A6:1B:A1:F5:09:CD:B9:32
            X509v3 Authority Key Identifier:
                keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:ba:d0:41:ba:2f:7e:19:2d:ad:25:5b:98:65:12:2a:e1:e1:
         78:68:16:d7:53:88:14:b1:8a:5e:44:2f:b4:0a:18:d6:f4:e1:
         df:48:71:1f:4d:93:d4:b3:dc:30:c1:9f:8b:c0:5d:31:ee:71:
         22:1e:c0:1d:9f:f7:01:69:39:e0:fe:99:2e:74:21:5f:0d:12:
         4b:f1:12:35:63:53:20:cc:c0:d3:bf:26:b8:46:fa:8f:19:ec:
         79:b1:96:ea:3b:80:56:a9:45:a2:71:13:f6:80:ff:b0:93:56:
         8b:a3:42:8b:75:78:4d:07:95:bc:d9:66:96:ef:f2:7e:cd:fd:
         ea:48:24:03:29:46:20:ee:dc:f7:5e:4e:9d:bb:62:b6:cd:ad:
         28:e2:0a:82:82:53:3d:76:c4:e1:b6:5d:fc:2c:58:03:ea:69:
         12:7c:56:d9:27:9d:1d:ef:b0:58:05:7b:02:f5:10:c0:5a:7d:
         aa:06:f0:e6:0f:a6:9c:be:5a:a6:b3:43:4e:6a:70:21:9f:12:
         c1:f9:b1:54:b8:5d:40:92:89:bf:fe:99:49:3e:9d:05:46:39:
         ae:3a:17:bb:12:49:f6:71:29:47:43:6b:d6:24:ef:b4:a3:9b:
         f6:16:1b:be:4c:65:6e:03:ce:d5:4a:05:3e:ee:94:ec:40:2f:
         aa:79:f5:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNQN6/2hw1W+TRACyTxj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh
MDI4YWYwHhcNMjYwMzAyMTEwMDM1WhcNMjYwMzAzMTEwMDM1WjAzMTEwLwYDVQQD
EygyNzJmNjBiYzgxMWZjMjBlOGVjNjRlODNhNjFiYTFmNTA5Y2RiOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmKuSAXDe8Qc95WndRJIQMqEFtsz
398kc7u2wJmIfKopce2QukVHeyOVksa3oyrTn9KuI29zXaGqoEqxjq4ooMWnn9Xy
gSritqFeQDSY/fijniG/iXYaJakOSSA0vJZPFhG5GAdJYZ2i8pmT77FeAdQe+8nM
Y3numKp61/ADjyhJ0vjsnricGfKRu3uZdKISazmEKiF6kG5smW3oymM4KGt/u68u
U/iosodE/NFRxbBmhQJa9M8fF9Yu4CKloHhRAsJ6yeAJ68D4wtwY7cZsJ2hzIBxZ
pl7l39kW2T4WYzvH70XWuku2OejBMVEPDQ0lyU4a/9R3FJeDvfHN9hF6BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCcvYLyBH8IOjsZOg6YbofUJzbkyMB8GA1UdIwQY
MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt
ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5
LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANLrQQbov
fhktrSVbmGUSKuHheGgW11OIFLGKXkQvtAoY1vTh30hxH02T1LPcMMGfi8BdMe5x
Ih7AHZ/3AWk54P6ZLnQhXw0SS/ESNWNTIMzA078muEb6jxnsebGW6juAVqlFonET
9oD/sJNWi6NCi3V4TQeVvNlmlu/yfs396kgkAylGIO7c915Onbtits2tKOIKgoJT
PXbE4bZd/CxYA+ppEnxW2SedHe+wWAV7AvUQwFp9qgbw5g+mnL5aprNDTmpwIZ8S
wfmxVLhdQJKJv/6ZST6dBUY5rjoXuxJJ9nEpR0Nr1iTvtKOb9hYbvkxlbgPO1UoF
Pu6U7EAvqnn1OA==
-----END CERTIFICATE-----