Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          NTp1A79f2C9EQAy/asvK59WBRGxbu8Zy0LheYk22cz4=
Subject key identifier:   EC:C4:7B:02:93:8C:E4:02:AC:90:0C:DC:2E:1D:18:5B:D5:DA:34:82
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       019CAD59F098098DC757852879C58649F624
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          08E3
Signing time:             Mon 02 Mar 2026 07:01:18 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:18 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:18 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: lUe2hdt0Y17b9vA5yKPzmZPaKriQ9bDEkxB+tOXWvM8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:f0:98:09:8d:c7:57:85:28:79:c5:86:49:f6:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: Mar  2 07:01:18 2026 GMT
            Not After : Mar  3 07:01:18 2026 GMT
        Subject: CN=ecc47b02938ce402ac900cdc2e1d185bd5da3482
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:71:15:13:be:96:4d:49:0d:7c:63:6b:86:51:
                    10:0e:3f:4e:12:2d:ad:da:dc:59:d4:78:52:09:f9:
                    27:07:7a:aa:2e:85:a0:a4:c2:d0:41:2a:8e:a9:86:
                    b9:82:73:6b:c5:07:8d:31:78:dc:3b:55:ed:f9:0f:
                    89:15:0b:33:a5:79:03:b8:cf:10:04:ac:2f:55:26:
                    4c:33:0d:e0:a5:72:9f:fa:99:b9:be:94:1d:34:1d:
                    c1:79:7f:ed:40:ba:db:48:6e:82:e6:cb:63:e8:b8:
                    09:8d:95:5c:12:b6:6d:11:92:8f:1c:b5:61:ca:82:
                    d0:fa:a8:57:d3:ed:76:cc:67:7d:09:ac:01:26:74:
                    d9:51:54:c8:85:ac:ad:23:fb:6a:62:d8:6b:13:4d:
                    40:ba:7f:5b:1e:e8:e4:b3:e6:6f:5d:b1:fd:61:8f:
                    74:8c:56:26:f0:b8:c4:73:b9:8f:6f:07:4d:c6:b2:
                    fa:4d:b2:bd:cf:04:55:65:8a:58:22:85:29:ec:55:
                    74:28:c1:fa:30:40:d3:81:2f:b5:c4:ab:48:5b:83:
                    36:fe:c7:54:03:77:61:1e:88:78:ef:5f:1b:f6:a3:
                    60:e6:55:a2:17:18:68:fb:6f:d1:4b:33:88:6e:3b:
                    5b:fe:1e:2f:f9:e6:e7:6a:a2:f8:6e:92:82:63:d3:
                    e7:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:C4:7B:02:93:8C:E4:02:AC:90:0C:DC:2E:1D:18:5B:D5:DA:34:82
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:c7:4e:c7:d2:7b:14:50:9c:de:39:94:38:67:7e:58:2a:99:
         03:20:4e:cb:96:13:a4:e8:a5:62:fc:06:5c:b4:ac:1a:da:c1:
         a7:fa:55:73:b1:45:e1:2e:3f:4f:a8:27:a1:c4:4b:47:57:e6:
         3b:a6:73:cf:69:0f:f8:52:bf:ac:e5:6e:7e:33:a5:f8:ac:65:
         99:77:7e:bb:85:67:cb:a8:f3:d7:f3:5f:31:5b:74:57:92:f1:
         db:4d:39:76:a5:89:c9:3b:8a:a6:0b:26:24:45:d5:ef:c7:f9:
         2f:28:2d:69:e7:94:1c:75:71:b4:63:8e:66:af:95:eb:b4:10:
         46:31:04:0d:53:c5:d2:34:4b:17:3e:f7:d3:5b:89:38:99:93:
         1c:30:c2:67:8e:20:fd:b7:17:7a:51:e1:69:14:ac:d4:37:f1:
         ff:64:63:ef:e9:38:c0:24:12:20:f4:6b:52:36:b9:f6:d5:c8:
         54:39:56:f3:69:9b:4a:68:db:28:8a:08:5f:96:bd:e2:d9:82:
         c1:e7:c2:44:88:ef:f0:c7:2a:83:08:b7:f7:bd:40:05:a3:50:
         6d:2b:90:76:c6:3f:43:ba:47:0b:14:12:87:7c:54:9d:ec:db:
         8b:83:57:0e:ff:44:e0:c4:75:cd:8d:b1:11:3d:7f:2e:14:78:
         fd:b2:6c:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWfCYCY3HV4UoecWGSfYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjYwMzAyMDcwMTE4WhcNMjYwMzAzMDcwMTE4WjAzMTEwLwYDVQQD
EyhlY2M0N2IwMjkzOGNlNDAyYWM5MDBjZGMyZTFkMTg1YmQ1ZGEzNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXEVE76WTUkNfGNrhlEQDj9OEi2t
2txZ1HhSCfknB3qqLoWgpMLQQSqOqYa5gnNrxQeNMXjcO1Xt+Q+JFQszpXkDuM8Q
BKwvVSZMMw3gpXKf+pm5vpQdNB3BeX/tQLrbSG6C5stj6LgJjZVcErZtEZKPHLVh
yoLQ+qhX0+12zGd9CawBJnTZUVTIhaytI/tqYthrE01Aun9bHujks+ZvXbH9YY90
jFYm8LjEc7mPbwdNxrL6TbK9zwRVZYpYIoUp7FV0KMH6MEDTgS+1xKtIW4M2/sdU
A3dhHoh4718b9qNg5lWiFxho+2/RSzOIbjtb/h4v+ebnaqL4bpKCY9Pn0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzEewKTjOQCrJAM3C4dGFvV2jSCMB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAasdOx9J7
FFCc3jmUOGd+WCqZAyBOy5YTpOilYvwGXLSsGtrBp/pVc7FF4S4/T6gnocRLR1fm
O6Zzz2kP+FK/rOVufjOl+KxlmXd+u4Vny6jz1/NfMVt0V5Lx2005dqWJyTuKpgsm
JEXV78f5LygtaeeUHHVxtGOOZq+V67QQRjEEDVPF0jRLFz7301uJOJmTHDDCZ44g
/bcXelHhaRSs1Dfx/2Rj7+k4wCQSIPRrUja59tXIVDlW82mbSmjbKIoIX5a94tmC
wefCRIjv8Mcqgwi3971ABaNQbSuQdsY/Q7pHCxQSh3xUnezbi4NXDv9E4MR1zY2x
ET1/LhR4/bJsTA==
-----END CERTIFICATE-----