Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          5IDTrfQgO41zXgwcStZbggGIuxf492friqDUGL+euuM=
Subject key identifier:   9A:94:87:54:2E:AB:22:E2:B8:07:65:F9:C9:23:29:3E:21:45:9F:21
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       019CACB4882F6D8033439C35204CD84A10ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          16EB
Signing time:             Mon 02 Mar 2026 04:00:38 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:38 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:38 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: Hp/VdHnDfb7e87nRYFv7faUA+u87uuvZptYNp0kWbh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:88:2f:6d:80:33:43:9c:35:20:4c:d8:4a:10:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Mar  2 04:00:38 2026 GMT
            Not After : Mar  3 04:00:38 2026 GMT
        Subject: CN=9a9487542eab22e2b80765f9c923293e21459f21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:36:f2:f4:24:43:18:da:9d:bc:04:65:c3:07:
                    d6:fe:df:e4:ea:e9:f2:19:4f:b1:bf:5d:18:0a:b9:
                    b2:53:23:10:c7:a9:b7:c1:6f:6e:e0:df:1d:01:84:
                    49:de:33:42:e7:99:14:b3:dc:16:7f:af:ed:12:98:
                    f0:21:c6:10:b5:88:32:d6:9b:ed:f1:da:3f:48:07:
                    f6:43:81:89:73:d9:14:a1:a5:16:62:af:50:73:ae:
                    82:7e:24:7d:c3:43:e0:b8:78:94:99:41:81:f0:6d:
                    5d:74:9d:5f:9e:46:85:31:2b:2d:a7:0d:88:33:5f:
                    1f:84:78:b2:d3:8f:95:d0:f1:f6:20:6b:d8:03:99:
                    c9:d4:7a:5b:a9:48:46:4a:9d:c1:96:f0:e5:4e:27:
                    74:ab:c3:23:11:91:f0:7b:82:2b:30:ba:52:08:c9:
                    94:15:ca:68:bd:d8:ad:af:5c:74:a4:37:a4:7d:11:
                    58:f2:a2:ce:30:9f:4d:d2:0f:e6:34:9e:3e:8e:7d:
                    a9:10:cf:af:e4:77:6e:e7:ea:54:ad:a7:17:6f:07:
                    19:af:76:fb:87:02:dd:d6:be:92:8e:ff:fa:52:a2:
                    b1:c7:5f:aa:9f:63:be:df:ce:a4:bc:d9:c0:33:97:
                    67:7f:14:d0:93:2e:f5:15:a6:b5:71:33:98:83:41:
                    09:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:94:87:54:2E:AB:22:E2:B8:07:65:F9:C9:23:29:3E:21:45:9F:21
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:ee:e5:7f:58:80:94:18:5d:f1:60:e5:98:9c:61:83:40:17:
         ac:4a:d2:70:40:29:3b:7e:02:65:10:6c:48:44:ee:eb:c7:42:
         91:04:68:a2:27:73:2c:fb:8d:e2:a9:01:c9:c5:77:1f:ac:5a:
         79:2e:da:68:05:ba:e2:50:63:30:f5:f8:e3:89:e7:b7:21:d4:
         8c:cd:b1:0b:49:1c:7d:c6:f6:74:28:17:71:8b:bd:9e:01:0e:
         a2:8b:e1:66:3e:7f:ec:d0:e3:db:0c:c2:59:06:98:3f:85:76:
         7a:02:fc:65:6a:90:57:df:93:8c:d1:28:c7:93:c1:44:7a:83:
         f5:ef:76:b5:2a:d1:c1:61:85:9d:23:0a:0d:46:e6:48:e9:46:
         2e:3a:26:e8:a5:2d:48:05:39:fc:c6:ea:74:90:1c:48:31:8c:
         4e:2b:be:44:6f:29:18:b3:46:e4:43:e2:23:04:ca:c4:05:3b:
         d7:fd:52:87:67:a0:d1:67:99:31:ec:a2:69:b8:4f:dd:97:de:
         6f:10:46:e4:64:18:67:26:fd:f3:b2:81:ef:a8:ec:00:30:cd:
         42:b5:02:1f:0c:31:bd:b5:c7:40:af:eb:8b:08:8e:8e:3d:0a:
         64:86:0d:87:ca:de:0a:17:f4:97:c2:37:b5:e4:5e:81:38:79:
         76:05:ad:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystIgvbYAzQ5w1IEzYShDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjYwMzAyMDQwMDM4WhcNMjYwMzAzMDQwMDM4WjAzMTEwLwYDVQQD
Eyg5YTk0ODc1NDJlYWIyMmUyYjgwNzY1ZjljOTIzMjkzZTIxNDU5ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjby9CRDGNqdvARlwwfW/t/k6uny
GU+xv10YCrmyUyMQx6m3wW9u4N8dAYRJ3jNC55kUs9wWf6/tEpjwIcYQtYgy1pvt
8do/SAf2Q4GJc9kUoaUWYq9Qc66CfiR9w0PguHiUmUGB8G1ddJ1fnkaFMSstpw2I
M18fhHiy04+V0PH2IGvYA5nJ1HpbqUhGSp3BlvDlTid0q8MjEZHwe4IrMLpSCMmU
Fcpovditr1x0pDekfRFY8qLOMJ9N0g/mNJ4+jn2pEM+v5Hdu5+pUracXbwcZr3b7
hwLd1r6Sjv/6UqKxx1+qn2O+386kvNnAM5dnfxTQky71Faa1cTOYg0EJkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqUh1QuqyLiuAdl+ckjKT4hRZ8hMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyO7lf1iA
lBhd8WDlmJxhg0AXrErScEApO34CZRBsSETu68dCkQRooidzLPuN4qkBycV3H6xa
eS7aaAW64lBjMPX444nntyHUjM2xC0kcfcb2dCgXcYu9ngEOoovhZj5/7NDj2wzC
WQaYP4V2egL8ZWqQV9+TjNEox5PBRHqD9e92tSrRwWGFnSMKDUbmSOlGLjom6KUt
SAU5/MbqdJAcSDGMTiu+RG8pGLNG5EPiIwTKxAU71/1Sh2eg0WeZMeyiabhP3Zfe
bxBG5GQYZyb987KB76jsADDNQrUCHwwxvbXHQK/riwiOjj0KZIYNh8reChf0l8I3
teRegTh5dgWttg==
-----END CERTIFICATE-----