Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
File:                     qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json)
Hash identifier:          6VTJ022SoRnENyibv+KqYbXCzEhIQqXdHoqyO6dFxWo=
Subject key identifier:   28:A5:3F:3A:B2:CF:30:E6:00:B3:8E:0D:55:11:82:A4:93:27:6B:13
Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04
Certificate issuer:       /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
Certificate serial:       019D9CD146AC1D897E4B8A47AA310A8D59CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
Manifest number:          095F
Signing time:             Fri 17 Apr 2026 19:00:53 +0000
Manifest this update:     Fri 17 Apr 2026 19:00:53 +0000
Manifest next update:     Sat 18 Apr 2026 19:00:53 +0000
Files and hashes:         1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: K/Pep3mx8yJlX5jcxRs+WidxduHj4XJHy9c68mAc7gQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:d1:46:ac:1d:89:7e:4b:8a:47:aa:31:0a:8d:59:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04
        Validity
            Not Before: Apr 17 19:00:53 2026 GMT
            Not After : Apr 18 19:00:53 2026 GMT
        Subject: CN=28a53f3ab2cf30e600b38e0d551182a493276b13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:97:ea:80:32:78:78:9b:f8:c2:0a:27:e8:09:
                    40:15:cb:ac:8d:b8:be:36:70:a9:8d:72:2f:7a:ce:
                    aa:45:f8:e2:17:9f:ae:b5:d6:19:02:37:e3:f0:6d:
                    26:e6:2b:55:61:67:92:85:94:cd:1b:3d:d7:19:9f:
                    62:2e:16:7d:aa:df:73:ab:a0:46:e4:9c:fa:22:de:
                    a8:13:44:52:5e:e9:b5:88:58:07:d5:7f:34:4e:0f:
                    5a:3a:c1:e9:aa:69:5c:55:65:d0:f9:76:55:67:ce:
                    d5:2b:8c:ab:31:af:62:5e:17:54:eb:48:cb:9a:c9:
                    84:65:c7:4a:25:bf:7e:ce:d1:ae:ad:5d:1f:26:d2:
                    f3:99:be:bc:f2:8f:11:38:be:f1:3b:9e:4f:30:35:
                    9e:a8:b5:91:37:30:f3:cf:cb:1b:a2:7a:00:77:07:
                    33:5b:f0:3f:fc:6f:87:20:3e:bf:3f:1d:11:2f:87:
                    f4:81:c6:9b:32:ec:85:47:8c:ee:9c:27:e7:3a:db:
                    77:d9:fb:88:8b:d7:13:1b:52:14:36:2b:c4:81:b1:
                    9e:b1:a0:96:1d:35:d2:d8:69:ab:70:b8:06:de:d7:
                    dd:20:c3:ce:8b:3c:8d:11:85:ee:0a:1a:08:82:d5:
                    ec:15:58:a3:06:7c:bd:00:91:4a:2e:47:bb:54:5f:
                    00:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A5:3F:3A:B2:CF:30:E6:00:B3:8E:0D:55:11:82:A4:93:27:6B:13
            X509v3 Authority Key Identifier:
                keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:86:46:93:08:59:ea:ef:55:d7:ea:20:d1:af:f5:a0:17:b2:
         b9:85:38:fa:3b:2c:65:af:cf:e1:41:ce:db:f2:44:b9:89:d5:
         66:7b:0a:3f:d3:4f:80:19:4b:14:8f:99:1c:68:0d:18:5a:da:
         c5:60:24:0b:48:27:29:2d:a8:ef:5b:9d:f5:a9:f0:d0:94:e4:
         73:56:60:ee:ad:84:1e:c7:71:ae:37:9d:ff:06:a5:64:d7:b1:
         99:40:a8:7f:e3:5e:bb:5e:cd:87:42:ab:97:41:08:26:d6:ac:
         26:f6:31:2a:50:e7:70:35:83:77:ed:4f:e9:66:22:33:91:1b:
         c2:71:81:53:47:17:8f:b6:b1:5f:47:b3:f5:b9:7b:c5:34:32:
         72:a4:75:30:23:dd:82:46:90:57:95:8b:7d:71:f8:dd:9d:82:
         09:a8:7e:d9:a8:3d:60:2f:5b:18:8f:35:da:42:96:45:63:18:
         64:b1:b9:f9:5a:5c:9c:91:02:54:4a:46:d7:b6:c2:4b:0a:a8:
         fe:dd:61:81:6b:d7:4d:a4:19:da:8a:95:38:e3:1a:4c:3f:a4:
         a4:46:91:24:67:81:6e:cd:60:bf:cc:22:03:70:fd:65:d9:bd:
         f3:f4:c4:7d:30:29:dd:74:fd:db:1a:ef:a9:21:d6:1d:8f:2d:
         c5:fc:2f:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2c0UasHYl+S4pHqjEKjVnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy
MjJmMDQwHhcNMjYwNDE3MTkwMDUzWhcNMjYwNDE4MTkwMDUzWjAzMTEwLwYDVQQD
EygyOGE1M2YzYWIyY2YzMGU2MDBiMzhlMGQ1NTExODJhNDkzMjc2YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZfqgDJ4eJv4wgon6AlAFcusjbi+
NnCpjXIves6qRfjiF5+utdYZAjfj8G0m5itVYWeShZTNGz3XGZ9iLhZ9qt9zq6BG
5Jz6It6oE0RSXum1iFgH1X80Tg9aOsHpqmlcVWXQ+XZVZ87VK4yrMa9iXhdU60jL
msmEZcdKJb9+ztGurV0fJtLzmb688o8ROL7xO55PMDWeqLWRNzDzz8sbonoAdwcz
W/A//G+HID6/Px0RL4f0gcabMuyFR4zunCfnOtt32fuIi9cTG1IUNivEgbGesaCW
HTXS2GmrcLgG3tfdIMPOizyNEYXuChoIgtXsFVijBny9AJFKLke7VF8APQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCilPzqyzzDmALOODVURgqSTJ2sTMB8GA1UdIwQY
MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt
Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2
LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIoZGkwhZ
6u9V1+og0a/1oBeyuYU4+jssZa/P4UHO2/JEuYnVZnsKP9NPgBlLFI+ZHGgNGFra
xWAkC0gnKS2o71ud9anw0JTkc1Zg7q2EHsdxrjed/walZNexmUCof+Neu17Nh0Kr
l0EIJtasJvYxKlDncDWDd+1P6WYiM5EbwnGBU0cXj7axX0ez9bl7xTQycqR1MCPd
gkaQV5WLfXH43Z2CCah+2ag9YC9bGI812kKWRWMYZLG5+VpcnJECVEpG17bCSwqo
/t1hgWvXTaQZ2oqVOOMaTD+kpEaRJGeBbs1gv8wiA3D9Zdm98/TEfTAp3XT92xrv
qSHWHY8txfwvIA==
-----END CERTIFICATE-----